November 10, 2023 at 10:32AM
The Industrial & Commercial Bank of China (ICBC) has confirmed that it experienced a ransomware attack on November 8, which disrupted its services. The attack impacted certain financial services systems, including its ability to connect to DTCC/NSCC and settle U.S. Treasury trades for other market participants. ICBC is conducting an investigation and working on recovery efforts with the support of information security experts. The incident did not affect the bank’s business and email systems, as well as its branches in the United States and other affiliated institutions domestically and abroad. The bank is currently restoring its systems and services.
Summary of Meeting Notes:
The Industrial & Commercial Bank of China (ICBC) experienced a ransomware attack on November 8, 2023, which resulted in disruption to certain financial services (FS) systems. Upon discovering the incident, ICBC disconnected and isolated the impacted systems to contain the attack. The bank is currently conducting a thorough investigation and progressing with recovery efforts, with support from information security experts. ICBC has also reported the incident to law enforcement. It clarified that the attack did not affect its business and email systems, as well as the systems of ICBC New York Branch, ICBC Head Office, and other affiliated institutions domestically and abroad.
As a result of the attack, ICBC was unable to connect to DTCC/NSCC, causing clearing issues in the U.S. Treasury market. This impacted all of ICBC’s clearing customers. The bank is working closely with ICBC to resolve the issue and will advise as soon as it is resolved.
Multiple sources have confirmed that ICBC fell victim to a ransomware attack, with an unpatched Citrix server being exploited. The server, which was last seen online on Monday, is now offline. This security vulnerability allows attackers to bypass authentication and gain remote access to an organization’s systems.
ICBC is China’s largest bank and the largest commercial bank in the world by revenue. It has a significant number of corporate and individual customers and operates branches in multiple countries, including the United States.
Please note that the above is a summary of the meeting notes. For more detailed information, please refer to the original document.