A health worker prepares a dose of the COVID-19 vaccine Covishield for health workers of the Border Security Force at Agartala, the capital city of India's northeastern state of Tripura, Jan. 21, 2021.Photo:Xinhua
Chinese Embassy in India and the country's cybersecurity insiders have refuted a Reuters report which cited Goldman Sachs-backed cyber intelligence firm Cyfirma on Monday as claiming that a "Chinese state-backed' hacking group had attacked two Indian vaccine makers in recent weeks, slamming such groundless allegations to be nothing but an ill-indented slander and stressing that China leads in the
vaccine research and development and there is no need for China to rely on "stealing" to obtain vaccines. Refuting the Reuters report, a spokesperson with the Chinese Embassy in India on Tuesday via its official WeChat public account criticized the "irresponsible, ill-intended smearing acts", and said China firmly opposes politicizing cybersecurity issues.
"The relevant allegations are pure slander. Since it is highly complicated and sensitive to figure out the origins of cyberattacks, one should not target a specific party to blame it when there is no evidence," the spokesperson noted.
"China takes the lead in vaccine research and development, we don't need to and will not rely on 'stealing' to obtain vaccines. Both China and India are contributors to international cooperation on vaccines, and both have fallen victim to disinformation. This is not in the common interests of the international community," the spokesperson added.
Reuters reported on Monday that a Chinese hacking group called APT-10, or Stone Panda, had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and Serum Institute of India (SII), the world's largest vaccine maker. But it did not spell out a clear connection between the so-called hacker group and the Chinese government.
The Reuters report went even further in its attempt to find logical grounds for the Chinese government-backed hacking event by citing Cyfirma boss Kumar Ritesh, a top cyber official with British intelligence agency MI6, as saying, "The real motivation here is actually exfiltrating intellectual property and getting competitive advantage over Indian pharmaceutical companies."
He said APT10 was actively targeting SII, which is making the AstraZeneca vaccine for many countries and will soon start bulk-manufacturing Novavax shots.
"In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers," Ritesh said, referring to the hackers.
An employee with SII reached by the Global Times on Tuesday also declined to comment on the issue, while saying he is aware of the development.
Cyfirma did not respond to the Global Times' request for comments.
Chinese cybersecurity insiders told the Global Times that they have no idea of this so-called hacker group, and are not surprised by this round of accusations made by Western media using the same old trick of tarnishing China with the cybersecurity issue.
Qin An, director of the China Internet Space Research Institute, told the Global Times that the allegations that APT10 had links with the Chinese government are absolutely groundless, because the Chinese government has never supported cyberspace crime, as regulations and laws explicitly prohibit such acts.
Similarly, in 2017, APT10 was also targeted in a report by BAE systems, a British multinational arms, security, and aerospace company, for a series of intrusions against several major service providers.
Qin told the Global Times that the clear intention of this report by BAE systems was to hype up the cyberthreat posed by China. When cyberspace was regarded as the second public sphere of war, US military industrial enterprises opted to transform themselves by acquiring cyberspace companies in order to obtain more funding from the government.
"The repeated allegations to discredit China are only a means of survival for those military industrial enterprises," Qin said.
Western media is trying to create new bad blood over the vaccine issue between China and India at a time when two sides are pushing for the disengagement of border troops, and the practice is pure evil slanders, observers said.
There has been never solid evidence to prove that China has supported any hacker groups including APT-10, and the Western media's accusation also acknowledged that.
Back in 2018 December, FT pointed out that security companies believe APT-10 is backed by the Chinese government simply because "their goals are aligned."
Also this week, refuting reports that China had initiated cyberattacks against India's power grid resulting in massive power outages as a way to "warn" India to stop acting aggressively on the border issue, Chinese Foreign Ministry spokesperson Wang Wenbin said, "As a staunch defender of cybersecurity, China firmly opposes and cracks down on all forms of cyberattacks."
"Speculation and fabrication have no role to play in the issue of cyberattacks, as it is very difficult to trace the origin of a cyberattack. It is highly irresponsible to accuse a particular party when there is no sufficient evidence. China is firmly opposed to such irresponsible and ill-intentioned practices," Wang noted.