The U.S. financial services division of the Industrial and Commercial Bank of China (ICBC), the largest lender by assets globally, experienced a ransomware attack that disrupted specific systems, particularly affecting the trading of U.S. Treasurys. Following the discovery of the cyberattack, ICBC isolated the impacted systems to contain the incident. Despite the disruptions, ICBC reported it successfully cleared U.S. Treasury trades and repo financing trades, providing evidence of attempts to mitigate the impact and normalize operations. The event highlights the increasing threat of ransomware attacks in the financial sector, underscoring the importance of robust cybersecurity measures and rapid response protocols. This incident is a stark reminder of the vulnerabilities in the global financial system and the potential operational risks posed by such cyberattacks.
Source: https://www.cnbc.com/2023/11/10/icbc-the-worlds-biggest-bank-hit-by-ransomware-cyberattack.html
TPRM report: https://scoringcyber.rankiteo.com/company/industrial-and-commercial-bank-of-china
"id": "ind408050724",
"linkid": "industrial-and-commercial-bank-of-china",
"type": "Ransomware",
"date": "10/2023",
"severity": "100",
"impact": "",
"explanation": "Attack on finance system with significant operational disruptions"{'affected_entities': [{'industry': 'Financial Services',
'location': 'United States',
'name': 'Industrial and Commercial Bank of China '
'(ICBC)',
'size': 'Large',
'type': 'Financial Institution'}],
'description': 'The U.S. financial services division of the Industrial and '
'Commercial Bank of China (ICBC), the largest lender by assets '
'globally, experienced a ransomware attack that disrupted '
'specific systems, particularly affecting the trading of U.S. '
'Treasurys. Following the discovery of the cyberattack, ICBC '
'isolated the impacted systems to contain the incident. '
'Despite the disruptions, ICBC reported it successfully '
'cleared U.S. Treasury trades and repo financing trades, '
'providing evidence of attempts to mitigate the impact and '
'normalize operations. The event highlights the increasing '
'threat of ransomware attacks in the financial sector, '
'underscoring the importance of robust cybersecurity measures '
'and rapid response protocols. This incident is a stark '
'reminder of the vulnerabilities in the global financial '
'system and the potential operational risks posed by such '
'cyberattacks.',
'impact': {'operational_impact': 'Disruption in trading of U.S. Treasurys',
'systems_affected': ['Trading systems for U.S. Treasurys']},
'lessons_learned': 'The importance of robust cybersecurity measures and rapid '
'response protocols in the financial sector.',
'response': {'containment_measures': ['Isolated impacted systems'],
'recovery_measures': ['Successfully cleared U.S. Treasury trades '
'and repo financing trades']},
'title': 'Ransomware Attack on ICBC U.S. Financial Services Division',
'type': 'Ransomware Attack'}