China’s ICBC, the world’s biggest bank, hit by cyberattack

ICBC did not reveal who was behind the attack but said it has been conducting a thorough investigation.

The U.S. financial services division of Chinese bank ICBC was hit with a cyberattack that reportedly disrupted the trading of Treasurys.
Industrial and Commercial Bank of China, the world’s largest lender by assets, said Thursday that its financial services arm, called ICBC Financial Services, experienced a ransomware attack “that resulted in disruption to certain” systems.
Immediately after discovering the hack, ICBC “isolated impacted systems to contain the incident,” the state-owned bank said.
Ransomware is a type of cyberattack. It involves hackers taking control of systems or information and only letting them go once the victim has paid a ransom. It’s a type of attack that has seen an explosion in popularity among bad actors in recent years.
ICBC did not reveal who was behind the attack but said it has been “conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts.”
The Chinese bank also said it is working with law enforcement.
ICBC said it “successfully cleared” U.S. Treasury trades executed Wednesday and repo financing trades done on Thursday. A repo is a repurchase agreement, a type of short-term borrowing for dealers in government bonds.
However, multiple news outlets reported there was disruption to U.S. Treasury trades. The Financial Times, citing traders and banks, said Friday that the ransomware attack prevented the ICBC division from settling Treasury trades on behalf of other market participants.
The U.S. Treasury Department told CNBC: “We are aware of the cybersecurity issue and are in regular contact with key financial sector participants, in addition to federal regulators. We continue to monitor the situation.”
ICBC said the email and business systems of its U.S. financial services arm operate independently of ICBC’s China operations. The systems of its head office, the ICBC New York branch, and other domestic and overseas affiliated institutions were not affected by the cyberattack, ICBC said.

Wang Wenbin, spokesperson for China’s Ministry of Foreign Affairs, said Friday that ICBC is striving to minimize the impact and losses after the attack, according to a Reuters report.

Speaking at a regular news conference, Wang said ICBC has paid close attention to the matter and has handled the emergency response and supervision well, the Reuters report said.

Nobody has claimed responsibility for the attack yet and ICBC has not said who might be behind it.

In the cybersecurity world, finding out who is behind a cyberattack is often very difficult due to the techniques hackers use to mask their locations and identities.

But there are clues about what kind of software was used to carry out the attack.

By Arjun Kharpal, CNBC