London – The Industrial and Commercial Bank of China (ICBC), the nation’s largest lender, reportedly succumbed to a cyber attack by the notorious Lockbit ransomware gang. The breach, which impacted ICBC’s US arm and disrupted trades in the US Treasury market on Nov. 9, took a severe toll on the bank’s operations.
A spokesperson from the Lockbit gang, communicating via the Tox messaging app, claimed that ICBC paid a ransom to resolve the cyber incident. The amount paid remains undisclosed. ICBC has not yet officially commented on the alleged payment.
The ramifications of the hack extended beyond financial losses. ICBC’s US broker-dealer found itself owing a staggering $9 billion to BNY Mellon, far surpassing its net capital. The breach was so extensive that even corporate email systems at the firm were compromised, necessitating a switch to Google mail.
While ICBC has not provided an official statement, the Lockbit gang’s claim has raised questions about the vulnerability of major financial institutions to cyber threats. This incident, coming at a time of heightened concerns about the resilience of the $26 trillion Treasury market, is likely to draw increased scrutiny from regulators.
The Financial Services Information Sharing and Analysis Center, a cybersecurity group for the financial industry, emphasized the importance of protective measures and prompt vulnerability patching. Ransomware, it noted, remains a top threat vector facing the financial sector.
Lockbit, in recent months, has targeted some of the world’s largest organizations, often resorting to leaking sensitive data when victims refuse to pay. Despite authorities advising against paying ransomware gangs, some companies opt to pay quietly to restore operations swiftly and avoid reputational damage.
As the investigation unfolds, the ICBC cyber attack serves as a stark reminder of the persistent and evolving threats faced by global financial institutions in the digital age. The fallout from this incident will likely contribute to ongoing discussions on bolstering cybersecurity measures in the financial sector.
