NEW DELHI – The issue of Chinese hackers has returned to the forefront in India with allegations of their attempts to infiltrate the IT systems at two Indian vaccine makers and their involvement in a power outage in Mumbai last year.
Researchers from Cyfirma, a cyber intelligence firm, said it had uncovered how a Chinese hacking group APT10 had been targeting the IT infrastructure and supply chain of the Serum Institute of India (SII), the world’s largest vaccine maker manufacturing the AstraZeneca vaccine, and Bharat Biotech, the indigenous vaccine maker.
India has given emergency approval to both vaccine manufacturers to supply the country’s needs for its vaccination programme, which is among the largest undertaken in the world.
Cyfirma said it found that India’s vaccine research had attracted the attention of Chinese state-sponsored threat actors “whose intentions are to tarnish India’s reputation as well as to disrupt her national vaccination effort.”
The firm said it did not not know the exact date of the attacks but said evidence from hackers’ communities and forums pointed to the efforts already starting against the two companies.
“Nations are not holding back in their attempts to win the vaccine race as we are seeing unprecedented levels of cyber activities,” said Mr Kumar Ritesh, the founder and chief executive officer of Cyfirma.
“State-sponsored hackers are making inroads to disrupt vaccine distribution, steal research intellectual property, all in their efforts to create a competitive advantage for their countries.”
They were looking for “medicine chemical combination, sensitive database, customer information for geopolitical and competitive advantage,” among others, he said.
In 2018, the US Department of Justice said that APT10 had acted in association with the Chinese Ministry of State Security.
The claim of alleged hacking attempts coincides with efforts by India and China to defuse tensions along the border where a stand-off between forces on both sides disrupted ties. The two countries have since moved forward on disengaging their forces at different points on the border. The violent clash last June led to a build-up of troops and weaponry by both sides.
The two countries have also both been at the forefront of vaccine diplomacy. India has given millions of doses of its home-made vaccine to its immediate neighbours, including Nepal, Bangladesh and the Maldives, in part to strengthen its influence in the face of growing Chinese involvement in South Asia.
It has also supplied to different countries around the world including through Covax, a global scheme to procure and distribute Covid-19 vaccines free to poorer countries.
Similarly China too has been distributing vaccines to 45 countries.
The Cyfirma allegation of Chinese hacking attempts followed another report by the New York Times on Feb 28 that a power outage in Mumbai in October last year was part of a Chinese cyber campaign against India’s power grid.
Quoting a report by Recorded Future, a US-based company, the major US daily linked the cyber attack to the border troubles, saying that it could have been a warning to India of the cost of escalating the border row.
The power outage in Mumbai, which is India’s financial capital, affected millions with suburban train services in the metropolis at a standstill for over two hours, traffic signals stopped working and water supply to some parts were affected.
Federal power minister R.K. Singh denied that the power outage was due to hacking, telling Asian News International, an Indian news agency, it was caused by “human error and not due to cyber attack.” He said teams that investigated the outage found a cyber attack did take place but it was not linked to the grid failure.
But Anil Deshmukh, the Home Minister for the state of Maharashtra, where Mumbai is situated, described the outage as a cyber-sabotage attempt.
China, responding to the New York Times report, denied any links to the Mumbai cyber attack.
“As a staunch defender of cyber security, China firmly opposes&cracks down on all forms of cyber attacks,” the Chinese embassy in New Delhi said in a tweet which quoted a statement from the Chinese foreign ministry spokesman.
“Speculation&fabrication have no role to play on the issue of cyber attacks. Highly irresponsible to accuse a particular party with no sufficient evidence around,” added the tweet.
Analysts say the latest reports of alleged Chinese hacking will only intensify the massive trust deficit between the two countries although India has been aware of earlier instances of Chinese hacking as well as threats.
A 2018 Indian government report found that 35 per cent of cyber attacks on official Indian websites were from China, followed by the US and Russia.
“Industrial and military espionage is done by many countries,” said Prof Srikant Kondapalli, a China expert at Jawaharlal Nehru University.
“In this case mistrust at the popular level increases. Already popular opinion was against China following the border troubles. As such, there is also no forward momentum in the relationship. Mutual mistrust continues and these incidents reinforce that,” he added.