Disturbing reports have surfaced about suspected Chinese hackers doing cyber espionage to ferret out information about Covid-19 vaccines being produced in India and also the supply and distribution chains of vaccines in the US. Now Chinese hackers are also credited to have wreaked havoc on the Mumbai power grid in October, 2020 causing a severe power failure in decades in the country’s finance capital through a malware at the height of the border standoff in Ladakh between India and China.
The reports emanated from cyber intelligence firms based in Singapore, Tokyo and the US. The Federal Bureau of Investigation (FBI) has also alerted the world against such attacks by hackers in China, North Korea and Russia on researchers of Covid vaccines. Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo said in a report Chinese hacking group APT10, also known as Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India (SII). The main motive is to get competitive advantage over the Indian companies producing Covid vaccines. This report carries weight as the Chief Executive of Cyfirma has an impeccable record in counter-intelligence having been a top cyber official with British foreign intelligence agency MI6. In the case of SII, the hackers have found a number of their public servers running weak web servers and weak content-management system.
Cyfirma told news agency Reuters the Chinese state-backed hacking group had, in recent weeks, targeted the IT systems of two Indian vaccine makers whose shots are being used in the country’s immunisation campaign. China and India are trying to capture the global Covid vaccine market. Both have already sold or donated vaccine shots to many countries. Incidentally, India produces more than 60 per cent of all vaccines sold in the world.
This is no longer in the realm of speculation and conjecture. India’s state-run Computer Emergency Response Team (CERT) has acknowledged the threat mentioned by Cyfirma. Its technical analysis and evaluation verified the threats and attacks. US drug-maker Pfizer and its German partner BioNTech SE have also stated documents on the development of their Covid vaccines were unlawfully accessed.
Director of the US National Counterintelligence and Security Centre, William Evanina, revealed on March 1 that US adversaries were trying to interfere with the US government operation distributing the vaccines. He pointed the accusing finger at China and Russia.
China’s response has, so far, been on predictable lines. Its Foreign Ministry spokesman Zhao Lijian is smart enough to claim China itself has been investing enormous time, energy and money on research on Covid treatment and vaccine. As such, it would be immoral to target his country with rumours and slanders in the absence of any tangible evidence. This is typical Chinese obfuscation as is being done regarding the spread of the Covid-19 pandemic from Wuhan. A World Health Organisation (WHO) experts’ team is, probably, still trying to find out whether China played a nefarious role in the pandemic. China deliberately delayed the investigation on one pretext or the other apparently destroying, in the process, much evidence of the origin of the virus from Wuhan.
Another US company, Massachusetts-based Recorded Future, has claimed in its latest study that a Chinese government-linked group of hackers targeted Mumbai’s critical power grid system through malware causing massive power outage that threw the city’s train and hospital services and academic activities out of gear during two hours’ power shutdown in October, last year. China’s aim appears to warn India not to rub it the wrong way or else it would make its vital sectors fall like nine pins.
All these point to a sordid and alarming state of affairs. If China has been able to infiltrate India’s cyber space at will, Indian counter-intelligence and foreign service establishment, as usual, are always caught with their pants down. This has become a set pattern. So long China has been sneaking in and out of Indian territory as is evident in Doklam and Ladakh. All this while an Union minister who was earlier the Chief of the Indian Army has publicly said in Tamil Nadu that India has transgressed more number of times into Chinese territory than China has into Indian territory. This kind of brave talk without any basis may help create a false sense of nationalism that could help the BJP but it makes India the aggressor and China becomes the affected nation.
The Indian government, on the other hand, persistently remained in a denial mode about the Chinese incursions. In the same breath it engaged in protracted negotiations on disengagement in Ladakh which is an admission that encroachment had taken place.
Now, it turns out Chinese hackers can invade Indian cyber space as well to cause incalculable harm to its vital infrastructure and steal intellectual property as the People’s Liberation Army (PLA) has entered into Indian territory without much resistance. Chest-thumping policy by the government is not the answer to the grave threat from Chinese cyberspace and land invasions. The government needs to get rid of its false bravado displayed in the slogan of building “atmanirvar” (self-reliant) India adding to empty verbiage of “make in India” and “start-ups.” Coining catchy terms, acronyms and slogans is not the weapon to fight a shrewd, crafty and powerful adversary such as China.
The government ought now to find out what China has done in Indian territory during the showdown in Ladakh. It’s not in keeping with China’s character to agree to disengagement in Ladakh so easily after remaining inside Indian borders for months. Seeds of big mischief like cyber attack may have been sown during the occupation of Indian territory by China’s PLA. This seems to be a distinct possibility now that the hackers’ designs are no longer a secret.