The U.S. financial services division of Chinese bank ICBC has been targeted a cyberattack that reportedly disrupted the trading of Treasurys. Industrial and Commercial Bank of China, which is known as the world’s largest lender assets, stated that its financial services arm, ICBC Financial Services, was affected a ransomware attack that disrupted certain systems. In response, ICBC isolated the impacted systems to contain the incident and is conducting a thorough investigation backed a professional team of information security experts.
The ransomware attack involves hackers taking control of systems or information and only releasing them once a ransom has been paid. ICBC has not disclosed the identity of the attacker but has stated that it is working with law enforcement.
Despite the attack, ICBC reported that it “successfully cleared” U.S. Treasury trades executed Wednesday and repo financing trades done on Thursday. However, multiple news outlets have reported disruption to U.S. Treasury trades, with some stating that the ransomware attack prevented ICBC from settling Treasury trades on behalf of other market participants.
The U.S. Treasury Department is monitoring the situation and is in regular contact with key financial sector participants and federal regulators. ICBC clarified that the email and business systems of its U.S. financial services arm operate independently of ICBC’s China operations and that its head office, the ICBC New York branch, and other domestic and overseas affiliated institutions were not affected the cyberattack.
In response to the attack, Wang Wenbin, spokesperson for China’s Ministry of Foreign Affairs, stated that ICBC is striving to minimize the impact and losses. He noted that ICBC has handled the emergency response and supervision well. This report also includes contributions from CNBC’s Steve Kopack.