Technology
Friday, November 10th, 2023 6:10 pm EDT
Key Points
- Ransomware Attack on ICBC Financial Services: ICBC Financial Services, the U.S. financial services division of the Industrial and Commercial Bank of China (ICBC), experienced a ransomware attack that disrupted certain systems, leading to the isolation of impacted systems to contain the incident. The attack reportedly affected the trading of U.S. Treasurys.
- Response and Investigation: ICBC has not disclosed the identity of the attackers but stated that it is conducting a thorough investigation and working with law enforcement. The Chinese government, through its Ministry of Foreign Affairs, mentioned that ICBC is minimizing the impact and losses and has handled the emergency response well.
- LockBit 3.0 Ransomware: The ransomware used in the attack is identified as LockBit 3.0, a strain known for its modular and evasive nature, making it challenging to detect. LockBit is a ransomware-as-a-service group that sells its malicious software to other hackers, primarily targeting small and medium-sized businesses. The group’s leader operates under the online name “LockBitSup.” LockBit has previously claimed responsibility for ransomware attacks on Boeing and the U.K.’s Royal Mail. The U.S. Department of Justice charged a Russian national in June for deploying LockBit ransomware in various cyberattacks globally.
The U.S. financial services division of the Industrial and Commercial Bank of China (ICBC) experienced a ransomware attack, disrupting the trading of Treasurys. ICBC, the world’s largest lender by assets, reported that the cyberattack affected certain systems of its financial services arm. The attack prompted ICBC to isolate impacted systems immediately to contain the incident. While ICBC stated that it successfully cleared U.S. Treasury trades executed on Wednesday and repo financing trades on Thursday, reports from traders and banks suggested disruption to U.S. Treasury trades. The ransomware used in the attack is identified as LockBit 3.0, known for its modular and evasive nature, making it challenging to detect. LockBit is a ransomware-as-a-service group that sells its malicious software to other hackers, targeting small and medium-sized businesses. ICBC is conducting a thorough investigation into the incident and is working with law enforcement. The Chinese government, through its Ministry of Foreign Affairs, mentioned that ICBC is minimizing the impact and losses and has handled the emergency response well. The perpetrators behind the attack have not been identified, and the situation is being closely monitored by the U.S. Treasury Department.
For the full original article on CNBC, please click here: https://www.cnbc.com/2023/11/10/icbc-the-worlds-biggest-bank-hit-by-ransomware-cyberattack.html