Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Hardware
Tom’s Hardware
Technology
Brandon Hill

China's Largest Bank Forced to Settle Trades by USB Stick After Ransomware Attack

Buffalo Thumb Drive.

Industrial & Commercial Bank of China Ltd., which is listed as the world's largest bank, was recently affected by a crippling ransomware attack. Specifically, the cyberattack targeted its U.S. division, ICBC Financial Services (ICBC FS), based in New York.

It has been reported that the incident, which disrupted several of the company's systems responsible for settling financial transactions, impacted the trading of U.S. Treasury securities earlier this week. Instead of settling transactions electronically via secure systems, ICBC FS was forced to rely on messengers carrying USB thumb drives around Manhattan, NY loaded with the settlement details.  

"Immediately upon discovering the incident, ICBC FS disconnected and isolated impacted systems," said ISBC FS in a notice on its website. "ICBC FS has been conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts. ICBC FS has also reported this incident to law enforcement."

With China becoming more tightly interwoven in the U.S. financial sector, disruptions like these are certain to draw a lot of scrutiny. In fact, ICBC is the only Chinese broker with the necessary clearance as a securities broker in the U.S.

"ICBC has been closely monitoring the matter and has done its best in emergency response and supervisory communication," added Chinese foreign ministry spokesperson Wang Wenbin in response to the ransomware attack. 

For its part, the U.S. Treasury is monitoring the situation. "We are aware of the cybersecurity issue and are in regular contact with key financial sector participants, in addition to federal regulators. We continue to monitor the situation," said a spokesman who gave a statement to Bloomberg.

ICBC has not publicly indicated who may have been behind the ransomware attack, but security researchers believe that LockBit is responsible. LockBit has attacked high-profile companies across the globe, including Boeing and the Royal Mail of the U.K. LockBit 3.0 malware was allegedly used in the attack, which is difficult to detect and harden defenses against because, "each instance of the malware requires a unique password to run without which analysis is extremely difficult or impossible," according to VMWare.

(Image credit: Flashpoint)

Cyber cyber intelligence firm Flashpoint reported in July that LockBit is by far the most prolific purveyor of ransomware globally.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.