Attack On Chinese Bank Disrupts Financial Trading

The US financial services division of the Industrial and Commercial Bank of China reported on Thursday 10th November that its financial services arm, called ICBC Financial Services, experienced a ransomware attack that caused disruption to a number of its systems. 

ICBC said it was investigating the attack that disrupted some of its systems and making progress towards recovering from it, however, sources have reported there was disruption to trading in certain financial instruments.

In particular, the ransomware attack prevented the ICBC US division from settling US Treasury trades.

China’s foreign ministry said on Friday 10th November that the lender was striving to minimise risk impact and losses after the attack. Immediately after discovering the hack, ICBC “isolated impacted systems to contain the incident,” the state-owned bank said. ICBC has not said who was behind the attack but it did say has been “conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts.”

While nobody has claimed responsibility for the attack here are clues about what kind of software was used to carry out the attack. According to sources, the ransomware used in the attack is LockBit 3.0 - a persistent type of malware used to exfiltrate confidential data.

Different iterations of LockBit can rapidly infect corporate networks, typically someone clicking on a malicious link in an email.  

ICBC said it “successfully cleared” US Treasury trades and repo financing trades done on Thursday 10th Nov. A repo is a repurchase agreement, a type of short-term borrowing for dealers in government bonds. However, multiple news outlets reported there was disruption to US Treasury trades and that the ransomware attack prevented the ICBC division from settling Treasury trades on behalf of other market participants.

A spokesman for China’s Ministry of Foreign Affairs, has said that ICBC is striving to minimise the impact and losses after the attack and ICBC has not commented on whether Lockbit was behind the hack.

ICBC has said it is working with law enforcement concerning the attack and US and Chinese Government officials have discussed the attack ahead of a forthcoming regional economic summit.

CNBC:   ICBC:     APNews:   WSJ:      Guardian:    FT:     Reuters:    CybersecurityDive:  

You Might Also Read: 

Cyber Security & The  Financial Services Industry;

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Global Law Firm Breached & Data Stolen
British Online Safety Act Is Now Law »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

Sungard Availability Services (Sungard AS)

Sungard Availability Services (Sungard AS)

Sungard AS partners with customers around the globe to understand their unique business needs and provide production and recovery services tailored to their requirements.

SEPPmail

SEPPmail

SEPPmail is a patented e-mail encryption solution to secure your electronic communication.

QSecure

QSecure

QSecure specializes in the provision of information security and risk management services.

Cyberarch Consulting

Cyberarch Consulting

Cyberarch is a security-focused consulting firm. We provide services specializing in information security, digital forensics, penetration testing and cyber security training.

ArmorText

ArmorText

ArmorText offers a seamless channel for communication and collaboration for organizations concerned with keeping communication data private and secure.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

Consensys

Consensys

ConsenSys is a global blockchain company. We develop enterprise applications, invest in startups, build developer tools, and offer blockchain education.

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

Focal Point

Focal Point

We aspire to be the focal point for Medium and Small size companies providing 24/7 cyber security advice, services and solutions.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Centre for Cyber Security Belgium (CCB)

Centre for Cyber Security Belgium (CCB)

The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.

Infosec Institute

Infosec Institute

Infosec is a leading cybersecurity training company, we help IT and security professionals advance their careers with skills development and certifications.

Atlas VPN

Atlas VPN

Atlas VPN is a highly secure freemium VPN service with a goal to make safe and open internet accessible for everyone.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

Validia

Validia

Validia is a deepfake cybersecurity service that provides proactive and reactive defense to the deepfake threat enterprises increasingly face with the rapid growth of generative AI.