The Ministry of Electronics and Information Technology (MeitY) has stepped up its vigil of cyberattacks on Indian companies in the vaccine, logistics, pharmaceutical and power sector, and has asked these to report “any and all major cybersecurity” incidents to the Computer Emergency Response Team (CERT-In) team every week, senior government officials said.
“The frequency of such attacks has definitely increased over the last one year. But for each such attack that gets reported or is flagged by some external agency, at least 10 others are stopped in track before they can do any harm. CERT-In has been in touch with all these companies,” an official said.
Over the past four-five months, especially after cyberattacks on Dr Reddy’s Laboratories and Lupin Ltd in October and November last year, the IT Ministry and its nodal body on cybersecurity, CERT-In, conducted meetings with critical companies in the vaccine, logistics, pharmaceutical and power sectors and assisted them in shoring up their defence, officials said.
“They are helping in many different ways,” said the executive of one of the vaccine companies that has received assistance. This includes training of the company’s staff for protection against cyber attacks, assessing weaknesses in its IT systems, strengthening these and searching for attack attempts, the executive told The Indian Express requesting anonymity.
The exercise was initiated towards the end of last year over triggers like rising potential cyber threats from countries like China, Russia and Uzbekistan, according to the executive.
“We were told that it (the threat) is primarily (from) China,” the executive added.
Another vaccine firm executive told The Indian Express that a government official had come to their office last month “to verify whether we have enough security from an IT perspective as well as general security for vaccine manufacturers.” According to this executive, the official had looked for measures like whether the company had adequate firewalls in place to thwart cyber attack attempts. “There is a lot of renewed interest in Indian vaccine companies,” the executive said.
Following the attacks on Dr Reddy’s Laboratories and Lupin in October and November last year, pharmaceuticals and healthcare companies have been on high alert, according to some industry executives. The number of cyber threats against vaccine makers, especially, has exponentially risen in the last six months alone, they said.
The executive of one such vaccine firm said that it now has to fight “thousands” of attempts to attack its systems every month. “Depending on the day, we get anywhere between 4-6 cyberattack attempts to as many as 100 attempts. Around 6-8 months ago, we would get 3-4 attack attempts in a month,” said the executive, requesting anonymity.
Towards the end of February, Goldman Sachs-backed cyber intelligence firm Cyfirma had said a Chinese hacker group known as Stone Panda had “identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India,” according to a Reuters report. These companies have developed Covaxin and Covishield, which are currently being used in the national vaccination campaign.
Apart from companies in the vaccine and pharmaceutical space, firms in the power distribution space have also been on the radar of cybercriminals. On February 28, Recorded Future published a report saying it had observed a “steep rise” in the use of resources like malware by a Chinese group called Red Echo to target “a large swathe” of India’s power sector.
It said 10 distinct Indian power sector organisations were targeted, including four Regional Load Despatch Centres that are responsible for smooth operation of the country’s power grid. Recorded Future said the group also targeted two Indian seaports.