Latest News

Ransomware attack on China’s Largest Bank, US Treasury Market disrupted


➡️ Join Whatsapp Group

On Thursday, the US branch of China’s largest bank fell victim to a ransomware attack, compelling clients to redirect trades and causing disruption in the US Treasury market.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

Ransomware attacks typically breach vulnerable computer systems, encrypt or steal data, and demand payment in exchange for decrypting or not publicly releasing the data.

The Industrial and Commercial Bank of China Financial Services (ICBC FS) acknowledged the attack, stating it led to disruptions in certain financial service systems.

Headquartered in New York City, the Industrial and Commercial Bank of China Financial Services (“ICBCFS”) is a wholly owned subsidiary of the Industrial and Commercial Bank of China Limited (“ICBC”).

Upon discovering the incident, the New York-based bank promptly disconnected and isolated affected systems, initiating an investigation and recovery efforts. ICBC FS successfully cleared US Treasury trades executed on Wednesday and repurchase (repo) financing trades on Thursday.

Reportedly, some trades on Thursday were manually relayed across Manhattan on a USB stick as messengers handled necessary settlement details.

ICBC is a state-owned commercial bank. ICBC is also the 3rd largest bank in the world by market capitalization at $211 billion (31-Dec-2022).

China’s foreign ministry assured normalcy in the business and office systems of ICBC’s head office and its domestic and foreign branches. Foreign ministry spokesman Wang Wenbin commended ICBC for its emergency handling, supervision, and communication efforts to minimize risks and losses.

The hack, reportedly utilizing software from the Russian-speaking Lockbit hacking group, is known for scrambling files and demanding cryptocurrency payments. Lockbit targeted Boeing last week, and it was the most deployed ransomware variant globally in 2022, according to the US Cybersecurity and Infrastructure Security Agency.

The group has demanded ransoms ranging from €5 million to €70 million and has previously attacked critical infrastructure and large industrial groups, including the Royal Mail in the UK and a Canadian children’s hospital.

Leave a Reply

Your email address will not be published. Required fields are marked *