China on Tuesday rejected an allegation by a cyber intelligence firm that a state-backed hacking group targeted the IT systems of two Indian coronavirus vaccine makers.
Cyfirma told Reuters that hacking group APT10, known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world’s largest vaccine maker.
”Without showing any evidence, the relevant party made baseless speculation, distorted and concocted facts, to malign a specific party,” China’s foreign ministry told Reuters.
”This behaviour is irresponsible and has ulterior motive. China firmly opposes it,” it added in a written reply to questions about Cyfirma’s allegations.
Asked to respond to Beijing’s comment, Cyfirma, a company which is backed by investors including Goldman Sachs, said in a statement: ”We stand by our findings and research”.
SII declined to comment. Bharat Biotech, which said on Monday it did not comment on hacking-related matters, had no immediate comment on Tuesday.
The office of the director-general of the state-run Indian Computer Emergency Response Team (CERT) told Reuters on Monday the hacking matter had been handed to its operations director.
It declined further comment.
SII is making the Oxford University-AstraZeneca vaccine for many countries and will soon start bulk manufacturing Novavax shots, while Bharat Biotech plans to export its COVAXIN shot to dozens of countries including Brazil and the Philippines.
China and India have both sold or gifted COVID-19 shots to many countries. India produces more than 60% of all vaccines sold in the world.
Relations between the nuclear-armed neighbours soured in June when 20 Indian and four Chinese soldiers were killed in a Himalayan border confrontation. Recent talks have eased tension, and the Chinese foreign ministry said both sides were working towards safeguarding the peace in the border region.
”China and India are using military diplomatic channel to communicate about how to properly manage the border situation,” the foreign ministry statement said.
”We hope everyone can work together to stop the spreading of fake information,” it added.
A report yesterday revealed that Chinese state-backed hacking group has in recent weeks targeted the IT systems of the two Indian vaccine makers whose coronavirus shots are being used in the country’s immunisation campaign.
Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo, said Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII), the world’s largest vaccine maker.
“The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies,” said Cyfirma Chief Executive Kumar Ritesh, formerly a top cyber official with British foreign intelligence agency MI6.
A new study has also revealed that computer networks of at least 12 Indian state-run organisations, primarily power utilities and load dispatch centres, have been targeted by Chinese state-sponsored groups since mid-2020 in an attempt to inject malware that could cause widespread disruptions.
According to the study by Recorded Future, a US-based company that monitors the use of the internet by state actors for cyber-campaigns, NTPC Limited, the country’s largest power conglomerate, five primary regional load dispatch centres that aid in the management of the national power grid by balancing electricity supply and demand, and two ports were among the organisations attacked.