In a striking revelation of vulnerability, Industrial & Commercial Bank of China, the world's largest bank, resorted to using a USB stick to handle transactions in the wake of a disruptive cyberattack. The U.S. unit of ICBC was the target of a sophisticated hack, believed to be perpetrated by Lockbit, a notorious cybercrime group. This breach forced the bank to disconnect its compromised systems, which are integral for clearing U.S. Treasury trades, leading to an unconventional solution: manually transferring critical settlement details via a thumb drive carried across Manhattan by a messenger.
The cyberattack, which brought immediate turmoil to the Treasury market, underscores the palpable threat of digital assaults on the financial industry's infrastructure. With ICBC's clients forced to redirect their trades, the event highlights the potential for significant market disruption. The hack is attributed to the same group linked to previous attacks on major corporations like Boeing Co. As the bank scrambled to contain the fallout, the broader financial community took note of the incident's gravity, recognizing the urgency for fortified cyber defenses across the globe.
Amid the chaos, ICBC's management convened emergency sessions, and the possibility of seeking assistance from China's Ministry of State Security was considered, given the risk of similar attacks on other branches. The bank confirmed the ransomware attack impacted its ICBC Financial Services unit, causing system disruptions, but assured that the main office and other overseas divisions remained unaffected. Chinese officials, including Foreign Ministry spokesman Wang Wenbin, indicated that the bank is taking "effective" measures to mitigate the risks and consequences of the attack.
The extent of the disruption remains to be fully assessed, but the tremors were felt across the Treasury market, with reports of compromised liquidity. Industry group Sifma was actively involved in discussions with members about the breach. As of year-end 2022, ICBC FS reported assets totaling $23.5 billion, with services including fixed-income clearing and securities lending. This incident stands as a stark reminder of the financial sector's susceptibility to digital threats and the critical need for robust cybersecurity measures.
