World's largest bank forced to use USB stick for trading after cyberattack cripples its network
The biggest Chinese bank in the U.S., ICBC, gets hacked. They couldn't finish lots of U.S. Treasury trades because the systems got disconnected. The cyberattack caused disruptions for them.
Highlights
- ICBC's U.S. unit faced a ransomware attack, impacting operations
- ICBC used a USB stick to transmit crucial settlement details amidst the cyber crisis
- The incident emphasises global repercussions, underscoring the urgency for enhanced cybersecurity in banking
The world's largest bank, Industrial & Commercial Bank of China Ltd. (ICBC), faced a crippling cyberattack, leaving its U.S. unit unable to process significant U.S. Treasury trades. The aftermath forced ICBC to resort to an unconventional solution—sending vital settlement details via a USB stick.
ICBC's U.S. unit fell victim to a cyberattack believed to be orchestrated by the Lockbit gang linked to Russia. The attack disrupted market activities, forcing ICBC to use a messenger with a USB stick to relay crucial settlement details.
Market-makers, brokerages, and banks experienced immediate disruptions, rerouting trades with uncertain timelines for the restoration of normalcy. Cybersecurity firm Truesec, emphasised the global impact, stating,
This is a true shock to large banks around the world.
Ransomware confirmation
ICBC's Beijing headquarters held urgent meetings with the U.S. division and regulators to assess the situation. The bank confirmed a ransomware attack on its ICBC Financial Services unit but assured that the bank's head office and overseas units, including the New York branch, were unaffected.
Ransomware attacks involve encrypting a victim's data and demanding payment, often in cryptocurrency, for its release. It's a form of cyber extortion where access to files or systems is held hostage until a ransom is paid.
Cybersecurity concerns
The incident underscores the growing threat of cyberattacks on crucial components of the financial system. Mattias Wahlen from Truesec highlighted potential weaknesses in ICBC's defences, suggesting a need for enhanced security measures.
As the Securities and Exchange Commission works on proposals to reduce financial risks, the incident emphasises the importance of cybersecurity in an increasingly digital banking landscape.
Financial system
ICBC's cyber ordeal serves as a stark reminder of the vulnerability of global financial systems to cyber threats. With cybersecurity concerns at the forefront, the banking industry faces an urgent call to fortify defences and ensure the resilience of critical infrastructure against potential future attacks.
