HQ/EMEAFind out how we can help your business
The aftermath of the recent ICBC ransomware incident has sent shockwaves throughout the global financial entities, significantly impacting the U.S. Treasury market. An international investment rating and research company published a report detailing the damage caused by the LockBit ransomware attack and its effects on trading markets.
The report highlighted the significant trade settlement caused by the cyberattack on ICBC. The Federal Reserve is now responsible for resolving these issues, as the attack partially disrupted the U.S. Treasury market.
Failed trading rates in the U.S. Treasury market have dramatically increased to $60 billion as of November 9, nearing a record high for 2023. Fortunately, these rates have since returned to normal levels.
ICBC’s Financial Services Unit faced various problems in clearing U.S. Treasury trades after the attack forced the shutdown of its New York subsidiary. The subsidiary, temporarily unable to access corporate email accounts, has resorted to sending settlement details for its trades to affected parties on a USB stick via a messenger in Manhattan.
The ICBC ransomware incident concluded in a ransom payment.
LockBit, a prominent Russian-speaking hacking group, claimed responsibility for the ICBC ransomware incident. This threat group stated the company had completed a ransomware payment to start the restoration of its systems. A representative of the hacking group confirmed the reports and claimed that the deal was closed.
The attack did not cause significant stress in the U.S. market and suggested that ICBC’s losses, while impactful, are manageable. Unfortunately, the report is aware that the cyberattack could inflict reputational damage to ICBC’s Financial Services Unit (ICBC FS) but emphasised that the incident did not escalate into systemic risk in the financial sector.
Financial experts have praised ICBC’s overall financial strength since the damage could have been more widespread and systemic if the attack had involved destructive wiper malware, which happened to the NotPetya cyberattack in June 2017.
The ICBC LockBit ransomware attack is a prime example of the vulnerabilities within the global financial sector. While the incident did not result in systemic risk, cybersecurity experts note the importance of potent cybersecurity measures for financial institutions of all sizes to prevent potential market-wide disruptions.
