≡ Menu

Hackers disrupt one of world’s biggest bank’s trades with U.S. Treasury

LockBit gang says it was behind the attack on ICBC, in the latest move by ransom-demanding hackers

The Industrial and Commercial Bank of China’s (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year.

ICBC Financial Services, the U.S. unit of China’s largest commercial lender by assets, said it was investigating the attack that disrupted some of its systems, and making progress toward recovering from it.

China’s Foreign Ministry said on Friday the lender is striving to minimize risk impact and losses after the attack.

“ICBC has been closely monitoring the matter and has done its best in emergency response and supervisory communication,” ministry spokesperson Wang Wenbin told a regular news conference.

Wang added businesses remained normal at ICBC head office and other branches and subsidiaries across the globe.

Meanwhile, Britain’s Financial Conduct Authority said it was “communicating with the relevant U.S. and U.K. authorities and firms to identify any impacts to U.K. financial services.”

Hackers lock up a victim organization’s systems in such attacks and demand ransom for unlocking it, often also stealing sensitive data for extortion.

Several ransomware experts and analysts said an aggressive cybercrime gang named LockBit was believed to be behind the hack. LockBit confirmed its involvement via chat on Friday.

“We don’t often see a bank this large get hit with this disruptive of a ransomware attack,” said Allan Liska, a ransomware expert at the cybersecurity firm Recorded Future.

Liska said the attack “continues a trend of increasing brazenness by ransomware groups.”

“With no fear of repercussions, ransomware groups feel no target is off-limits,” he said.

U.S. authorities have struggled to curb a rash of cybercrime, chiefly ransomware attacks, which hit hundreds of companies in nearly every industry each year. Just last week, U.S. officials said they were working on curtailing the funding routes of ransomware gangs by improving information-sharing on such criminals across a 40-country alliance.

Since Lockbit was discovered in 2020, the group has hit 1,700 U.S. organizations, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Last month, it threatened Boeing with a leak of sensitive data.

A CISA spokesperson referred questions about the ICBC hack to the U.S. Treasury Department.

While market sources said the impact of the hack appeared limited, it signalled how vulnerable systems at large organizations such as the bank continue to be. Thursday’s incident is likely to raise questions over market participants’ cybersecurity controls and draw regulatory scrutiny.


Copyright © 2009-2024 Interconnected Business Services, LLC.