Attack On Chinese Bank Disrupts Financial Trading

Uploaded on 2023-11-11 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The US financial services division of the Industrial and Commercial Bank of China reported on Thursday 10th November that its financial services arm, called ICBC Financial Services, experienced a ransomware attack that caused disruption to a number of its systems. 

ICBC said it was investigating the attack that disrupted some of its systems and making progress towards recovering from it, however, sources have reported there was disruption to trading in certain financial instruments.

In particular, the ransomware attack prevented the ICBC US division from settling US Treasury trades.

China’s foreign ministry said on Friday 10th November that the lender was striving to minimise risk impact and losses after the attack. Immediately after discovering the hack, ICBC “isolated impacted systems to contain the incident,” the state-owned bank said. ICBC has not said who was behind the attack but it did say has been “conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts.”

While nobody has claimed responsibility for the attack here are clues about what kind of software was used to carry out the attack. According to sources, the ransomware used in the attack is LockBit 3.0 - a persistent type of malware used to exfiltrate confidential data.

Different iterations of LockBit can rapidly infect corporate networks, typically someone clicking on a malicious link in an email.  

ICBC said it “successfully cleared” US Treasury trades and repo financing trades done on Thursday 10th Nov. A repo is a repurchase agreement, a type of short-term borrowing for dealers in government bonds. However, multiple news outlets reported there was disruption to US Treasury trades and that the ransomware attack prevented the ICBC division from settling Treasury trades on behalf of other market participants.

A spokesman for China’s Ministry of Foreign Affairs, has said that ICBC is striving to minimise the impact and losses after the attack and ICBC has not commented on whether Lockbit was behind the hack.

ICBC has said it is working with law enforcement concerning the attack and US and Chinese Government officials have discussed the attack ahead of a forthcoming regional economic summit.

CNBC:   ICBC:     APNews:   WSJ:      Guardian:    FT:     Reuters:    CybersecurityDive:  

You Might Also Read: 

Cyber Security & The  Financial Services Industry;

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Global Law Firm Breached & Data Stolen
British Online Safety Act Is Now Law »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

Secure Identity Alliance (SIA)

Secure Identity Alliance (SIA)

The Secure Identity Alliance is dedicated to supporting sustainable worldwide economic growth and prosperity through the development of trusted digital identities and the adoption of secure eServices.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

Truth Technologies Inc (TTI)

Truth Technologies Inc (TTI)

TTI is a premier provider of worldwide anti-money laundering, anti-fraud, customer identification, and compliance products and services.

Devo Technology

Devo Technology

Devo Security Operations is a next-gen cloud SIEM that enables you to gain complete visibility, reduce noise, and focus on the threats that matter most to the business.

Cyber Academy

Cyber Academy

Cyber Academy is one of the first institutions in the SE Europe region that provides a hands-on program in cyber security, blockchain and AI.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

Digital Magics

Digital Magics

Digital Magics is an incubator for innovative startups which offer content and services with high technological value. Areas of focus include IoT, Enterprise Software, AI, Industry 4.0 and Blockchain.

TotalAV

TotalAV

TotalAV Antivirus is a free-to-use app packed with all the essential features to find and remove malware, keeping you safe.

Regtank Technology

Regtank Technology

Regtank is a one-stop compliance solution for fintechs, navigating compliance, security and risk management.

EPIQ Infotech

EPIQ Infotech

EPIQ Infotech is a trusted consulting and implementation partner for Oracle JD Edwards and Amazon Web Services (AWS).

SecuLore

SecuLore

An innovator in public-safety-focused cybersecurity, SecuLore is dedicated to protecting critical infrastructure from cyber attacks.

Sirar by STC

Sirar by STC

Sirar is an advanced technology and cybersecurity company established by STC, the MENA region’s ICT and digital services provider.

System360

System360

System360 is one of Houston's top suppliers of network administration, design, security, and support services.

Ciena

Ciena

Ciena is a global leader in optical and routing systems, services, and automation software. We build the world’s most adaptive networks to address ever-increasing digital demands.

CeTu

CeTu

CeTu - Data Orchestration for the Modern SOC. Strengthen security and optimize costs with the world's first AI-native platform for scaling and future-proofing your data stack.