November 10, 2023 at 07:00AM
China’s Industrial and Commercial Bank of China Financial Services, a financial services business of China’s largest bank, experienced a ransomware attack that disrupted trading in the U.S. Treasury market. The attack affected some of its systems, but the company disconnected parts to mitigate the impact. The incident is being investigated and has been reported to law enforcement. According to reports, the attack was carried out by LockBit, a Russian-speaking ransomware group known for targeting organizations worldwide.
Key Takeaways from Meeting Notes:
1. ICBC Financial Services, a subsidiary of Industrial and Commercial Bank of China, experienced a ransomware attack that disrupted trading in the U.S. Treasury market.
2. The attack occurred earlier in the week and affected some of ICBC’s systems.
3. ICBC Financial Services disconnected parts of the affected systems to minimize the impact of the attack.
4. The company has launched an investigation into the incident and has informed law enforcement.
5. Treasury trades executed on Wednesday and repo financing trades on Thursday were cleared despite the attack.
6. ICBC’s banking, email, and other systems were not affected by the ransomware attack.
7. The attack was reportedly carried out by the LockBit ransomware syndicate, known for its efficiency and targeting non-Soviet countries since September 2019.
8. LockBit has targeted thousands of organizations in its ransomware campaigns.
9. The meeting notes also mention related topics such as a zero-day vulnerability exploited by a different ransomware group, emerging initial access methods used by ransomware groups, and the shutdown of the RagnarLocker ransomware infrastructure.