Home Cyber Attack ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs

ICBC Ransomware Attack – China’s Largest Bank Forced To Use USBs

by Abeerah Hashim

As ransomware attacks continue wreaking havoc, the latest victim turned out to be the largest Chinese bank. The ICBC Bank admitted suffering a ransomware attack, following which, the bank switched to using USB sticks to continue operations manually.

ICBC Suffered Ransomware Attack

Reportedly, the largest Chinese Bank, the Industrial and Commercial Bank of China (ICBC), has become the latest victim of a ransomware attack. The attack struck the US unit of ICBC Financial Services, disrupting the US Treasury market trades.

The news about this incident first surfaced online on Thursday when the Financial Times reported the matter.

Initially, the bank confirmed facing no impact on the other units, as it started recovery measures from the attack. That included isolating its systems from the rest of the Wall Street.

Eventually, the Bank managed to continue its operations manually as it resorted to using USB sticks for information exchange with BNY Mellon. Nonetheless, the resultant disruptions following the cyberattack compelled ICBC’s parent firm to inject $9 billion to cover unsettled trades.

According to FT, BNY disconnected ICBC from its systems, refusing a reconnection until a third-party firm cleared the Bank for safety threats. Nonetheless, Reuters report that ICBC representatives already assured to have involved a cybersecurity firm for security assessment.

The Notorious Lockbit Found Responsible For ICBC Cyber Attack

Initially, it remained unclear how ICBC fell prey to the ransomware attack and who the attackers were. However, as the news gained traction, the notorious Lockbit ransomware gang appeared as the adversary responsible for this attack. According to Reuters, a Lockbit representative confirmed the attack via the Tox messaging service.

Lockbit first made it to the news a few years ago, undergoing several improvisations over time as it kept targeting different organizations. Consequently, the ransomware surfaced online as newer iterations, starting from Lockbit, followed by Lockbit 2.0, and then Lockbit 3.0. With every iteration, the ransomware kept enhancing its malicious capabilities, achieving the ability to target more operating systems, including Macs.

Let us know your thoughts in the comments.

You may also like