The U.S. branch of the Industrial & Commercial Bank of China (ICBC) fell victim to a cyberattack last Thursday, disrupting the clearance of significant volumes of U.S. Treasury trades as the entities responsible for transaction settlement hastily disconnected from the affected systems.
Reportedly orchestrated by the notorious Lockbit criminal gang, linked to Russia and previously associated with attacks on Boeing Co., ION Trading UK, and the UK’s Royal Mail, the incident prompted ICBC to convey settlement details via a messenger carrying a thumb drive, a measure taken in a race against time to mitigate the impact.
The attack triggered immediate chaos, compelling market-makers, brokerages, and banks to reroute trades, leaving many uncertain about when normal access would be restored. As of the end of 2022, the U.S. unit of ICBC held $23.5 billion in assets, as per its latest annual filing with U.S. regulators.
ICBC officially acknowledged the cyberattack, confirming it as a ransomware incident that disrupted systems at its ICBC Financial Services unit. The affected systems were promptly isolated, with no impact reported at the bank’s head office or other overseas units, including the New York branch.
Upon discovering the breach, ICBC’s Beijing headquarters convened urgent meetings with the U.S. division, notifying regulators and strategizing the next steps to assess the incident’s impact. In response to potential risks of attacks on other units, ICBC is reportedly contemplating seeking assistance from China’s Ministry of State Security, according to an insider cited by Bloomberg.
This attack on the world’s largest bank serves as a stark warning to financial institutions in Nigeria, urging them to enhance their security infrastructure. Recent incidents reveal significant losses, with three fintechs reportedly losing over N5 billion to hackers in the first eight months of the year.
The situation is exacerbated by internal involvement, as some heists allegedly include staff members of the affected fintechs.
Commercial banks in Nigeria are also grappling with financial losses from hacks and frauds, with FITC’s Q2 2023 Fraud and Forgeries report disclosing a staggering N5.79 billion lost to fraud activities, reflecting a drastic 1,125.03% increase from the previous quarter.
Current Wave of Cyberassaults Targets Global Corporations
This cyberattack on ICBC echoes a broader trend of global companies falling prey to ransomware assaults. In the past eight months, ION Trading UK, a relatively obscure company serving derivatives traders globally, experienced a ransomware attack that paralyzed markets and compelled the manual processing of transactions.
The incident underscores the heightened alert among financial institutions, with Chainalysis reporting approximately $500 million in ransomware payments through September, a nearly 50% increase from the previous year.
Corvus Insurance highlights a 95% surge in ransomware attacks in the first three quarters of this year compared to the same period in 2022. The remainder of the 2020 cyberattack on the New Zealand Stock Exchange, affecting over 100 global financial firms, emphasizes the persistent and evolving threat landscape faced by the financial sector.