The US arm of the world’s largest bank – The Industrial and Commercial Bank of China (ICBC) – was hit by a ransomware attack yesterday causing huge delays in payments and transactions.
ICBC Financial Services said that it was investigating the attack that disrupted some of its systems, and making progress toward recovering from it.
China’s foreign ministry said that the lender is striving to minimise risk impact and losses after the attack.
“ICBC has been closely monitoring the matter and has done its best in emergency response and supervisory communication”
Wang Wenbin – China ministry spokesperson
Other branches and subsidiaries of ICBC across the globe appeared unaffected by the incident
Initial analysis of the attack suggests it is another claim by LockBit, however no information has currently been uploaded to the gangs Dark Web site at the time of writing. Some are speculating that this attack might not have been to steal data, but to cause financial instability for the US, considering that it was only the US division of the financial giant which was targeted.
Financial disruption
The attack prevented ICBC from settling Treasury trades on behalf of other market participants. Some equity trades were also affected.
Market participants including hedge funds and asset managers had to reroute trades via different platforms because of the disruption and the attack had some effect on Treasury market liquidity, according to trading sources, but it was not impairing the market’s overall functioning.
ICBC currently have a notice on their website detailing the attack:
Other LockBit news
In the last week or so, I have posted about LockBit’s other activity, one of the recent attacks being against Boeing.
On the 8th, I posted that negotiations between the criminals and Boeing had failed, and that LockBit had re-published the timer for the release of Boeing’s data.
That timer has now expired and the data has now been published by the gang.
