China’s largest bank is exposed to a “ransomware attack” on American soil
The American unit of the Industrial and Commercial Bank of China (ICBC), which is the largest Chinese bank ever, was subjected to a ransomware attack that led to the disruption of the bank’s transactions at the US Treasury, on Thursday evening, making the Chinese bank the latest in a series of victims who were subjected to a cyber attack this year. The hackers then ask them to pay a large ransom to free their sites.
The US unit of China’s largest commercial bank by assets said it was investigating the attack, which disabled some of its systems, and was making progress toward recovering from it.
In a ransomware attack, hackers lock down the victim organization’s systems in such attacks and demand a ransom to unlock them, often also stealing sensitive data for blackmail later.
Several ransomware experts and analysts said that an aggressive cybercrime gang called Lockbit is believed to be behind the hack, although the gang’s dark web site, where it typically publishes the names of its victims, did not even mention the Industrial and Commercial Bank of China as a victim. Thursday evening. Lockbit did not respond to a request for comment sent via a contact address published on its website.
“It’s not often that we see a bank of this size being subjected to a disturbing ransomware attack,” said Alan Liska, a ransomware expert at cybersecurity firm Recorded Future. Liska, who also believes Lockbit was behind the hack, noted that ransomware gangs may not name and shame their victims when they negotiate a ransom demand.
He added: “This attack continues to demonstrate the increasing audacity on the part of ransomware groups… with no fear of repercussions, as ransomware groups now feel that there is no target blocked.”
US authorities are struggling to curb a series of cybercrimes, led by ransomware actors, which strike hundreds of companies in almost every industry annually. Just last week, US officials said they were working to reduce the ways ransomware gangs are funded by improving the sharing of information about these criminals across a coalition of 40 countries.
The Industrial and Commercial Bank of China did not comment on whether Lockbit was behind the hack. It is common for organizations that fall victim to this type of attack to refrain from publicly disclosing the names of cybercrime gangs.
Since Lockbit was discovered in 2020, the group has struck 1,700 American institutions, according to the US Cybersecurity and Infrastructure Security Agency (CISA). Last month, the group threatened Boeing with leaking sensitive data, which it said it found through a hack into the company.
While market sources said the impact of the hack appears limited, it indicates how vulnerable systems in large institutions such as banks are to cybercriminals. Thursday’s incident is likely to raise questions about market participants’ cybersecurity controls and spark regulatory scrutiny.
The Industrial and Commercial Bank of China said that it succeeded in settling the treasury transactions that were carried out on Wednesday, and the repurchase agreement (repo) financing transactions that were completed on Thursday.
“Overall, the event had a limited impact on the market,” said Scott Scrim, executive vice president of fixed income and repo at brokerage firm Curvator Securities.
Some market participants said that trades going through the Industrial and Commercial Bank of China were not settled due to the attack and market liquidity was affected. It was not clear whether this contributed to the weak result of the 30-year bond auction on Thursday.
“There may have been some technical issues with some participants not being able to fully access the market during the day,” said Michael Gladshon, associate portfolio manager for core income as well as fixed income at Loomis Sales.
The Financial Times reported earlier Thursday that the US Securities Industry and Financial Markets Association (SIFMA) informed members that the Industrial and Commercial Bank of China had been subjected to a ransomware attack that disrupted the US Treasury market by preventing it from settling trades on behalf of other players. In the market.
A Treasury Department spokesperson said in response to a question about the Financial Times report: “We are aware of the cybersecurity issue, and we are in regular contact with key participants in the financial sector, as well as federal regulatory agencies. We continue to monitor the situation.”
2023-11-10 12:19:23
#Federal #Reserve #raise #interest #rates #finds