Attack On Chinese Bank Disrupts Financial Trading

Uploaded on 2023-11-11 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The US financial services division of the Industrial and Commercial Bank of China reported on Thursday 10th November that its financial services arm, called ICBC Financial Services, experienced a ransomware attack that caused disruption to a number of its systems. 

ICBC said it was investigating the attack that disrupted some of its systems and making progress towards recovering from it, however, sources have reported there was disruption to trading in certain financial instruments.

In particular, the ransomware attack prevented the ICBC US division from settling US Treasury trades.

China’s foreign ministry said on Friday 10th November that the lender was striving to minimise risk impact and losses after the attack. Immediately after discovering the hack, ICBC “isolated impacted systems to contain the incident,” the state-owned bank said. ICBC has not said who was behind the attack but it did say has been “conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts.”

While nobody has claimed responsibility for the attack here are clues about what kind of software was used to carry out the attack. According to sources, the ransomware used in the attack is LockBit 3.0 - a persistent type of malware used to exfiltrate confidential data.

Different iterations of LockBit can rapidly infect corporate networks, typically someone clicking on a malicious link in an email.  

ICBC said it “successfully cleared” US Treasury trades and repo financing trades done on Thursday 10th Nov. A repo is a repurchase agreement, a type of short-term borrowing for dealers in government bonds. However, multiple news outlets reported there was disruption to US Treasury trades and that the ransomware attack prevented the ICBC division from settling Treasury trades on behalf of other market participants.

A spokesman for China’s Ministry of Foreign Affairs, has said that ICBC is striving to minimise the impact and losses after the attack and ICBC has not commented on whether Lockbit was behind the hack.

ICBC has said it is working with law enforcement concerning the attack and US and Chinese Government officials have discussed the attack ahead of a forthcoming regional economic summit.

CNBC:   ICBC:     APNews:   WSJ:      Guardian:    FT:     Reuters:    CybersecurityDive:  

You Might Also Read: 

Cyber Security & The  Financial Services Industry;

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Global Law Firm Breached & Data Stolen
British Online Safety Act Is Now Law »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

DKCERT

DKCERT

DKCERT (Danish Computer Security Incident Response Team) handles security incidents on forskningsnettet, the National Research and Education Network (NREN) in Denmark.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

CyberDefcon

CyberDefcon

CyberDefcon is an independent organization dedicated to the pursuit of making the internet a safer place.

File Centre

File Centre

File Centre is a leading specialist when it comes to data backup, we offer our clients a premium backup retrieval and delivery solution.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

UNIDIR Cyber Policy Portal

UNIDIR Cyber Policy Portal

The UNIDIR Cyber Policy Portal is an online reference tool that maps the cybersecurity and cybersecurity-related policy landscape.

Datplan

Datplan

Datplan offers a software solution that gives an overview of 8 key cyber risk areas, their threats, and risk management steps.

R3

R3

R3 is an enterprise blockchain software firm working with a broad ecosystem of more than 300 participants across multiple industries to develop blockchain applications.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Predatech

Predatech

A cyber security consultancy offering a range of services, including CREST accredited penetration testing, vulnerability assessments and certifications incl. Cyber Essentials & Cyber Essentials Plus.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

VulnCheck

VulnCheck

VulnCheck helps organizations outpace adversaries with vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Blue Cloud Softech Solutions

Blue Cloud Softech Solutions

Blue Cloud Softech propels inspiring digital transformations. We provide AI products, cybersecurity, healthcare technology, and cloud solutions.