In a major disturbing development, cyber intelligence firm Cyfirma confirmed that a Chinese state-backed hacking group in recent weeks attempted targeting the IT systems of two Indian vaccine makers whose coronavirus jab are being used in the country’s largest immunisation drive. The Drug Controller General of India (DCGI) had approved Oxford AstraZeneca’s CoviShield and Bharat Biotech’s Covaxin for restricted use in India. As per reports, India produces more than 60% of all vaccines sold in the world.

Goldman Sachs-backed Cyfirma, which is based in Singapore and Tokyo, said Chinese hacking group APT10, known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world’s largest vaccine maker. Cyfirma Chief Executive Kumar Ritesh said the real motivation of the hackers was actually exfiltrating intellectual property in an attempt to get competitive advantage over Indian pharmaceutical companies. 

Ritesh further added that in the case of Serum Institute, the hackers have found a number of their public servers running weak web servers, which are vulnerable web servers. In the light of the incident China’s foreign ministry did not reply to a request for comment. Meanwhile SII and Bharat Biotech declined to comment as well.

The hacker group APT10 is believe to be actively targeting SII, which is making the AstraZeneca vaccine for many countries and will soon start bulk-manufacturing Novavax shots.