👀 Ones to watch: The MOST undervalued stocks to buy right nowSee Undervalued Stocks

Gang says ICBC paid ransom over hack that disrupted US Treasury market

Published 11/13/2023, 11:44 AM
Updated 11/13/2023, 04:37 PM
© Reuters. FILE PHOTO: The logo of Industrial and Commercial Bank of China (ICBC) is pictured at the entrance to its branch in Beijing, China April 1, 2019. REUTERS/Florence Lo/File Photo
US10YT=X
-
IDCBY
-

By James Pearson

LONDON (Reuters) -China's biggest lender, the Industrial and Commercial Bank of China, paid a ransom after it was hacked last week, a Lockbit ransomware gang representative said on Monday in a statement which Reuters was unable to independently verify.

ICBC, whose U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Nov. 9, did not immediately respond to a request for comment.

"They paid a ransom, deal closed," the Lockbit representative told Reuters via Tox, an online messaging app.

The blackout at ICBC's U.S. broker-dealer left it temporarily owing BNY Mellon (NYSE:BK) $9 billion, an amount many times larger than its net capital.

The hack was so extensive that even corporate email at the firm ceased to function, forcing employees to switch to Google (NASDAQ:GOOGL) mail, Reuters reported. 

"The market is mostly back to normal now," said Zhiwei Ren, a portfolio manager at Penn Mutual Asset Management.

The ransomware attack came at a time of heightened worries about the resiliency of the $26 trillion Treasury market, essential to the plumbing of global finance, and is likely to draw scrutiny from regulators.

A spokesperson for the U.S. Treasury Department did not immediately provide comment on Monday.

The Financial Services Information Sharing and Analysis Center, a financial industry cybersecurity group, said financial firms have well-established protocols for sharing information on such incidents.

"We are reminding members to stay current on all protective measures and patch critical vulnerabilities immediately," a spokesperson said in a statement, adding: "Ransomware remains one of the top threat vectors facing the financial sector."

WHY PAY?

Lockbit has hacked some of the world's largest organisations in recent months, stealing and leaking sensitive data in cases where victims refused to pay ransom.

In just three years, it has become the world's top ransomware threat, according to U.S. officials.

Nowhere has it been more disruptive than in the United States, hitting more than 1,700 American organisations in nearly every sector from financial services and food to schools, transportation and government departments.

Authorities have long advised against paying ransomware gangs in a bid to break the criminals' business model. Ransom is usually demanded in the form of cryptocurrency, which is harder to trace and gives the receiver anonymity.

© Reuters. FILE PHOTO: The logo of Industrial and Commercial Bank of China (ICBC) is pictured at the entrance to its branch in Beijing, China April 1, 2019. REUTERS/Florence Lo/File Photo

Some companies have quietly paid up in a bid to get back online quickly and avoid the reputational damage of having their sensitive data publicly leaked. Victims who do not have digital backups that allow them to restore their systems without the need of a decryption key sometimes have no choice but to pay.

Last week, Lockbit hackers published internal data from aerospace giant Boeing (NYSE:BA) and said on their website they had infected computer systems at law firm Allen & Overy.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.