A Chinese state-backed hacking group has in recent weeks been hacking the IT systems of two Indian vaccine makers whose coronavirus shots are being used in the country's immunisation campaign, reported cyber intelligence firm Cyfirma.
Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world’s largest vaccine maker.
Both Bharat and SII are currently producing the COVID-19 vaccine, with SII producing the AstraZeneca/Oxford University Covid-19 vaccine.
Cyfirma recently launched a report titled Threat Landscape for Pharmaceutical Companies, said cyber attack campaigns are originating from Russia, China, North Korea, and the Middle East and targeting 12 countries, including India, to steal COVID vaccine research data, patient information, clinical trials data, supply chain and vaccine production information.
"The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies," said Cyfirma Chief Executive Kumar Ritesh, formerly a top cyber official with British foreign intelligence agency MI6.
The target companies are the top pharma companies in India, the US, the UK, Japan, Australia, Spain, Italy, Germany, Brazil, Taiwan and Mexico.
India produces more than 60% of all vaccines sold worldwide.
Last November, Microsoft detected cyber attacks from Russia and North Korea targeting Covid-19 vaccine companies in India, Canada, France, South Korea and the United States.