The U.S. financial services branch of the Industrial and Commercial Bank of China (ICBC) encountered a cyberattack that disrupted the trading of Treasurys. As the world’s largest lender by assets, ICBC disclosed a ransomware attack on its financial services arm, ICBC Financial Services, resulting in disruptions to specific systems. Following the discovery, ICBC promptly isolated affected systems to contain the incident.
Although ICBC did not identify the attackers, it is actively investigating the incident and collaborating with law enforcement. Despite successfully clearing U.S. Treasury and repo financing trades, there were reports of disruption to Treasury trades. The ransomware attack allegedly prevented the ICBC division from settling Treasury trades on behalf of other market participants.
The U.S. Treasury Department acknowledged the cybersecurity issue, stating ongoing communication with key financial sector participants and federal regulators while monitoring the situation. ICBC assured that the email and business systems of its U.S. financial services operate independently from its China operations, and the cyberattack did not affect its head office, the ICBC New York branch, or other domestic and overseas affiliated institutions.
Wang Wenbin, China’s Ministry of Foreign Affairs spokesperson, noted ICBC’s efforts to minimize impact and losses, emphasizing the bank’s effective emergency response and supervision.
Regarding the ransomware used, no entity has claimed responsibility, and ICBC has not disclosed the perpetrator. Security experts identified the ransomware as LockBit 3.0.
Read more news: https://www.worldcybersecurities.com/news/