ICBC Grapples with Ransomware Attack – Will This Cause a Major Damage?
In a significant cybersecurity incident, China’s largest commercial lender, the Industrial and Commercial Bank of China (ICBC), recorded a ransomware attack on its U.S. arm.
The incident, which occurred on Thursday, disrupted trades in the U.S. Treasury market, marking the latest victim in a series of ransom-demanding hacks this year.
ICBC Response to Major Ransomware Attack
The attack is suspected to be the work of the cybercrime gang Lockbit, known for its aggressive ransomware tactics. However, as of Thursday evening, Lockbit’s dark website, where it typically names its victims, did not include ICBC.
The attack reveals how vulnerable the systems at major financial institutions are, raising concerns about the effectiveness of cyber safety measures. Meanwhile, ICBC Financial Services remains committed to examining the attack, working to restore disrupted systems and mitigate potential losses.
Also, China’s foreign ministry emphasized the bank’s effort, stating that it will do everything possible to reduce the impact on risk and losses.
Besides this, the U.S. authorities, which have been grappling with the increase in cybercrime, particularly ransomware attacks, are also trying to fight the funding of such criminal organizations.
Despite the disruption, the bank reported that it successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades conducted on Thursday. In the meantime, the bank has not officially commented on the attackers’ identity.
This is understandable, as it’s common for such organizations to refrain from publicly disclosing such information. Notably, market observers acknowledge that the effect of the attack was little on the market. However, they have decided to remain vigilant about its implications, particularly for cybersecurity controls in the financial sector.
Meanwhile, the U.S. Securities Industry and Financial Markets Association (SIFMA) has informed its members about the ransomware attack. They emphasized ongoing communication with key financial sector participants and federal regulators.
The Treasury market, according to LSEG data, appeared to function normally on Thursday….
