India’s top military officer said that the country plans to seek help from the U.S. and other countries to shore up its vulnerable cyber defense infrastructure that has been under attack from Chinese cyberattacks.
Defense Chief General Bipin Rawat said on Wednesday that while India is currently trying to play catchup while building its own cyber defenses, much of Indian critical and military systems remain highly vulnerable to breaches. And in the interim, India is turning to the U.S. and other Western nations for solutions. This was a topic of discussion during U.S. Secretary of Defense Lloyd Austin’s visit in March as India and the United States have agreed to help India with cybersecurity and artificial intelligence.
“We have to seriously look at catching up with China on technology,” Rawat said. “We may not be able to fully catch up with China therefore we are trying to develop a relationship with Western nations to see how best we can get support from them during peacetime, at least, to overcome these deficiencies.”
Ever since Indian and Chinese troops clashed in a bloody, hand-to-hand fight along the disputed 2,200-mile border in the Himalayas in May of 2020, India has been hit by several cyberattacks. These attacks have targeted Indian port facilities, power infrastructure in Mumbai, banks, and the Indian stock exchange.
These cyberattacks were recorded by the U.S.-based Recorded Future, a cybersecurity firm. Recorded Future said a group of Chinese-linked hackers called RedEcho had targeted as many as 10 different entities in India’s power grid as well as two maritime ports when the company first notified India’s Computer Emergency Response Team.
In the attacks, Chinese malware entered control systems that manage India’s power grid. A high-voltage transmission substation was also targeted alongside a coal-fired thermal power plant. It is thought that this cyber intrusion had a hand in the widespread power outage that hit Mumbai in October last year. The outage lasted several hours, disrupted train services, and caused chaos for a time. China denied any involvement in the cyberattack.
Chinese foreign ministry spokesman Wang Wenbin said back in March that “Without any proof, slandering a specific side is irresponsible behavior and an ill-intentioned one.”
Besides the attacks on infrastructure, Chinese cyberattacks also aim at stealing Indian intellectual property. Reuters reported that Chinese state-run hackers targeted two Indian vaccine makers, Bharat Biotech and the Serum Institute of India (SII), whose shots are being used for India’s coronavirus vaccine program. Cyber intelligence firm Cyfirma was the first to report this attack. SII is the world’s largest vaccine maker.
Goldman Sachs-backed Cyfirma, based in Singapore and Tokyo, said that the Chinese hacker group “Apt10,” also known as “Stone Panda” was responsible for this attack. Cyfirma identified gaps and vulnerabilities in the IT infrastructure of Bharat Biotech and SII and in their supply chain software. SII produces the AstraZeneca vaccine for COVID-19 and will soon start bulk-manufacturing Novavax shots.
“The real motivation here is actually exfiltrating intellectual property and getting a competitive advantage over Indian pharmaceutical companies,” said Cyfirma Chief Executive Kumar Ritesh, formerly a top cyber official with the British MI6, the country’s foreign intelligence agency.
The U.S. Department of Justice said back in 2018 that APT10 had acted as an arm of the Chinese Ministry of State Security.
Microsoft reported in November that it had detected cyberattacks from Russia and North Korea targeting vaccine companies in India, Canada, France, South Korea, and the United States. North Korean hackers also tried to hack into the British drugmaker AstraZeneca’s files.