So much for decoupling. Hackers managed to disrupt the US treasury market by targeting not an American financial institution, but a Chinese mega-bank.

The financial services arm of the Industrial and Commercial Bank of China announced Thursday that a ransomware attack disrupted its systems and prevented it from settling Treasury trades on behalf of other market participants. The transaction reportedly failed to complete and traders had to transfer their deals to other financial institutions. The bank was also forced to obtain settlement data from affected parties using messengers and portable USB drives, Bloomberg reported.

The bank said it was conducting a “thorough investigation” and “stepping up its recovery efforts,” according to a notice posted on ICBC Financial Services’ website on Thursday. The notice said the bank successfully cleared US Treasury trades executed on Wednesday and repo financing trades executed on Thursday. The bank also said that systems at other foreign and domestic branches as well as the head office were not affected.

ICBC is the highest ranked bank in the Fortune Global 500, which ranks global companies by revenue, 28th. According to S&P Global Intelligence, it is the largest bank in both China and the world by assets. ICBC is a government-owned bank and offers a range of services from personal and commercial banking to wealth management and treasury management services.

Fortunately, the disruption from the ICBC attack may be limited, as treasury market experts say traders often have relationships with multiple banks. Yet the ICBC attack highlights the challenge of keeping banking and financial institutions secure as more transactions move online.

What is Ransomware?

Ransomware is a type of malware that locks a victim’s device, data, or systems until payment is made.

In recent months, hackers have attacked two casino companies—MGM and Caesars—and Boeing with ransomware attacks. In the case of MGM, the ransomware attack disrupted websites, reservation systems, and even slot machines at its resorts.

The consequences of a ransomware attack can be serious. An attack on the Colonial Pipeline in May 2021 threatened gas supplies for millions of Americans on the US East Coast, and was resolved only after the company paid about $5 million in ransom to the hackers.

Lockbit, a criminal gang with ties to Russia, is suspected of carrying out the attack on ICBC, Bloomberg reports. The group attacked ION Trading UK and the UK’s Royal Mail earlier this year.

But it is highly unusual for a large bank like ICBC to be hit by “this disruptive onslaught of ransomware attacks,” said Alan Liska, an expert at cybersecurity firm Recorded Future. Reuters. The attack continues “a trend of increasing brazenness by ransomware groups,” he added.

Source: fortune.com