According to media sources, the Industrial and Commercial Bank of China (ICBC) paid a ransom after a cyberattack on some of its US-based systems last week, according to LockBit, the hacker group behind the incident.
The breach on the world’s largest lender by total assets, revealed on November 9, prevented some US Treasury market deals from clearing, forcing brokers and dealers to reroute transactions.
A LockBit official verified the payment on Monday, according to Reuters, but declined to disclose any specifics.
“They paid a ransom, deal closed,” the representative said using the online chat app Tox.
According to the publication, the ICBC breach was so serious that even corporate email servers went down, forcing employees to use Google mail.
“The market is mostly back to normal now,” said Penn Mutual Asset Management portfolio manager Zhiwei Ren.
Ransomware is a sort of cyberattack in which hackers seize control of systems or information and demand a ransom payment. In recent years, this form of attack has grown in favour among hackers.
A financial industry cybersecurity association, the Financial Services Information Sharing and Analysis Centre, recommended businesses to “stay current on all protective measures and patch critical vulnerabilities immediately.”
“Ransomware remains one of the top threat vectors facing the financial sector,” a spokeswoman for the organisation stated.
LockBit has recently targeted some of the world’s major organisations, causing significant disruption in the United States. In cases when victims refused to pay, the cybercriminal gang stole information and leaked crucial data.
According to Reuters, the ransomware group has targeted over 1,700 organisations in the United States, ranging from financial services and food to schools, transportation, and government offices.
