A cyberattack struck the Industrial & Commercial Bank of China Ltd. (ICBC). This event is not just any disruption; it’s a significant blow to the world’s largest bank. According to a Bloomberg report, the attack paralyzed the bank’s ability to clear US Treasury trades, leading to an extraordinary situation where critical financial data was transported across Manhattan on a USB stick. This method, while unconventional, highlights the severity of the attack and the lengths to which the bank had to go to mitigate the fallout.
The attack on ICBC had immediate effects, causing major disruptions in the financial market. Brokerages, banks, and market-makers were forced into a scramble to reroute trades, dealing with an uncertain timeline for when regular operations would resume. Lockbit, a notorious criminal gang with Russian ties, is suspected to be behind this chaos. This group is no stranger to high-profile attacks, having previously targeted companies like Boeing and the UK’s Royal Mail.
Cybersecurity concerns heightened
The ICBC incident spotlighted the growing concerns about cybersecurity in the banking sector. The fear of a cyberattack crippling a critical part of the financial system is a nightmare scenario for bank leaders and government regulators worldwide. Marcus Murray, founder of Swedish cybersecurity firm Truesec, emphasized the shockwave this incident has sent through the banking community, urging banks globally to ramp up their defenses immediately.
In response to the attack, ICBC’s Beijing headquarters held urgent discussions with their U.S. division and notified regulators. They are even considering seeking help from China’s Ministry of State Security. In a statement, the bank confirmed the ransomware attack and assured that it had isolated the affected systems. ICBC Financial Services, the unit hit by the attack, is a significant player in the financial market, with $23.5 billion of assets as of the end of 2022.
This incident is part of a worrying trend of rising ransomware attacks in the financial sector. Sophos, a cybersecurity firm, reported a significant increase in such attacks in recent years, particularly in financial services. The situation is such that 64% of financial institutions faced ransomware attacks in 2023, a marked increase from previous years. The percentage of attacks in the sector increased from 55% in the 2022 report to 64% in this year’s study, nearly double the 34% reported in the 2021 report. Despite the higher attack rate, it remained below the cross-sector average of 66%. The cybersecurity firm also affirmed that many financial institutions are increasing their efforts to decrease cyber attacks.