A hacking group backed by the Chinese Communist Party (CCP) in recent weeks, reportedly targeted the information systems of two major Indian vaccine manufacturers, whose CCP Virus injections are currently being used in various immunization campaigns.
India and China are the two major global producers of the vaccine against the CCP Virus. At the moment India leads with 60% of the world’s vaccine production. This seems to have piqued the Chinese communist regime’s interest in obtaining information on vaccine production in its neighboring country.
Singapore and Tokyo-based cyberintelligence firm Cyfirma told Reuters that the Chinese-based hacking group APT10, also known as Stone Panda, had identified breaches and vulnerabilities in the information infrastructure and supply chain software of Bharat Biotech and Serum Institute of India (SII), the world’s largest vaccine manufacturer.
“The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies,” said Cyfirma CEO Kumar Ritesh, who previously served as a senior cyber official with the British foreign intelligence agency MI6.
Ritesh also mentioned that APT10 was actively targeting SII that is manufacturing the AstraZeneca vaccine for many countries and will soon begin manufacturing Novavax injections in bulk.
“In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers,” Ritesh added.
The U.S. Department of Justice in December 2018 reported in a press release that APT10 had acted in partnership with China’s Ministry of State Security in global cyber intrusion campaigns targeting intellectual property and sensitive business information.
The CCP did not comment on the matter, even though it is aware of the hacker group’s known ties to the CCP.
Ritesh, whose firm is dedicated to investigating large-scale cybercriminals and currently monitors nearly 2,000 hacking campaigns using a tool called DeCYFIR, commented that it was still unclear what kind of vaccine-related information APT10 may have obtained and what kind of specific information it was looking for.
This is not the first time Chinese nationals have been accused of attempting to steal information from labs doing research on the CCP Virus vaccine.
In July 2020, the U.S. Department of Justice issued a detailed 11-count indictment against two Chinese nationals, accused of conducting a hacking campaign to steal information and extort money.
U.S. laboratories conducting studies researching vaccines to combat the CCP Virus were among the hundreds of entities that fell victim to hackers stealing information.
The Justice Department warned in the report about two Chinese-born computer hackers accused of hacking into the computer systems of hundreds of companies, governments, nongovernmental organizations, and individual dissidents, clerics, and democracy and human rights activists in the United States and abroad.
Among other things, the defendants allegedly researched vulnerabilities in the computer networks of companies developing CCP virus vaccines, testing the technology and treatments.