ICBC US Arm Hit by Ransomware: The U.S. arm of the Industrial and Commercial Bank of China (ICBC) fell victim to a ransomware attack, causing disruptions in U.S. Treasury trades on Thursday. ICBC Financial Services, the U.S. unit of China’s largest commercial lender, confirmed the attack and is actively investigating while making progress toward recovery. The attackers, likely associated with the cybercrime gang Lockbit, disrupted systems and demanded ransom, a tactic commonly employed to extort funds and access sensitive data.
Notably, the brazenness of this ransomware attack on a major financial institution like ICBC raises concerns. Experts, including Allan Liska from cybersecurity firm Recorded Future, identify Lockbit as the likely perpetrator. The group, active since 2020, has targeted numerous U.S. organizations, amassing a track record of 1,700 hits, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
The attack on ICBC adds to the growing trend of cybercriminals targeting high-profile entities without fear of repercussions. Despite ongoing efforts by U.S. authorities to combat cybercrime, ransomware attacks persist, affecting companies across various industries. The ICBC did not confirm Lockbit’s involvement, a common practice among victim organizations reluctant to disclose such details.
Also Read: Biden Vision for AGOA: Transforming U.S.-Africa Trade Relations
While the impact on the market appears limited, questions surrounding the cybersecurity controls of major organizations like ICBC are likely to arise. ICBC successfully cleared Treasury trades executed on Wednesday and repo financing trades on Thursday, minimizing the overall impact on the market. However, concerns linger about market participants’ cybersecurity measures, and regulatory scrutiny may follow.
The incident did cause disruptions in trades going through ICBC, impacting market liquidity. The U.S. Securities Industry and Financial Markets Association (SIFMA) reported the ransomware attack to its members, stating that ICBC’s inability to settle trades affected the U.S. Treasury market. The Treasury Department is monitoring the situation, with the market reportedly functioning normally despite the cybersecurity incident.
Our Reader’s Queries
What ransomware attack hit the Chinese lender ICBC’s US unit?
In early November, a New York branch of ICBC was hit by a ransomware attack, prompting the bank to disconnect its system from the U.S. Treasury market. The attack involved hackers threatening to block access to data unless a ransom was paid. As of now, it is uncertain when the bank will be able to restore the connection.
What is the ransomware incident with ICBC?
Earlier this month, ICBC’s U.S. division fell victim to a ransomware attack by the notorious cybercrime group, Lockbit. The attack was so severe that it caused a complete blackout, resulting in even the corporate email system being rendered useless. As a result, employees had to resort to using Google mail. This disruption caused the brokerage to temporarily owe BNY Mellon (BK).
Has ICBC been hacked?
According to a recent Reuters report, the Industrial and Commercial Bank of China (ICBC), the country’s biggest lender, allegedly paid a ransom to the Lockbit ransomware group after a cyber attack last week. Lockbit’s representative shared this information through an online statement.
Is China’s ICBC the world’s biggest bank hit by cyberattack?
On Thursday, ICBC, the biggest lender globally, announced that its financial services division had been hit by a ransomware attack, causing disruption to some of its systems. According to security experts, the cyberattack was carried out using ransomware from the hacking group LockBit.