The Industrial and Commercial Bank of China (ICBC), the world’s largest bank by deposits, was hit by a cyberattack earlier this week. According to the reports, the attack disrupted US Treasury trades, leading the bank to use a USB stick to complete its settlements.
The US financial services unit of ICBC disclosed on Thursday that it had experienced a ransomware attack, causing disruptions to several systems. Consequently, the bank was forced to physically transport a USB stick containing the settlement details to affected parties, as reported by various media outlets.
Despite ICBC’s claims that it had successfully cleared US Treasury trades executed on Wednesday, multiple reports cited disruptions and liquidity issues caused by the cyberattack. The incident has sent ripples through the banking sector, as Marcus Murray, the founder of the Swedish cybersecurity firm Truesec, stated, “This is a true shock to large banks around the world. The ICBC hack will make large banks around the globe race to improve their defenses, starting today.”
The US financial services unit of ICBC had $23.5 billion in assets at the end of 2022, according to its most recent annual filing with US regulators. We must note that ransomware is a type of cyberattack in which hackers seize control of systems or information and demand a ransom. This type of attack has increased in popularity among hackers in recent years.
Notably, Chinese banks have not been usual targets for ransomware attacks since cryptocurrency is typically demanded as a ransom, providing more anonymity. However, it is essential to highlight that China has banned crypto-related transactions.
As of now, no party has claimed responsibility for the ICBC attack, and the Chinese lender has not identified the perpetrators. According to analytics firm Chainalysis, payments for ransomware attacks had totaled $500 million by the end of September, marking a 50% increase from the previous year.
This incident poses a significant threat to the banking sector’s cybersecurity, and it has sparked concerns about the possible vulnerabilities in global financial systems. While banks have been investing resources into cybersecurity, the ICBC attack underscores the urgent need for even stronger measures to safeguard banking operations from sophisticated cyber threats.
The attack on ICBC could potentially lead to new regulations and requirements for banks to improve their defense against cyber threats. Furthermore, it may trigger a reassessment of the readiness of banks and financial institutions to respond to similar incidents.
In conclusion, the cyberattack on ICBC has placed a spotlight on the vulnerabilities of the banking sector to cyber threats, highlighting the critical need for advanced security measures. Banks worldwide will likely reevaluate their cybersecurity protocols to protect their operations and sensitive financial transactions from potential cyberattacks.