China’s ICBC, the world’s biggest bank, hit by cyberattack that reportedly disrupted Treasury markets
A pedestrian walks pass a branch of Industrial & Commercial Bank of China (ICBC) in Fuzhou, Fujian province of China.
VCG | Getty Images
The U.S. financial services division of Chinese bank ICBC was hit with a cyberattack that reportedly disrupted the trading of Treasurys.
Industrial and Commercial Bank of China, the world’s largest lender by assets, said Thursday that its financial services arm, called ICBC Financial Services, experienced a ransomware attack “that resulted in disruption to certain” systems.
Immediately after discovering the hack, ICBC “isolated impacted systems to contain the incident,” the state-owned bank said.
Ransomware is a type of cyberattack. It involves hackers taking control of systems or information and only letting them go once the victim has paid a ransom. It’s a type of attack that has seen an explosion in popularity among bad actors in recent years.
ICBC did not reveal who was behind the attack but said it has been “conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts.”
The Chinese bank also said it is working with law enforcement.
ICBC said it “successfully cleared” U.S. Treasury trades executed Wednesday and repo financing trades done on Thursday. A repo is a repurchase agreement, a type of short-term borrowing for dealers in government bonds.
However, multiple news outlets reported there was disruption to U.S. Treasury trades. The Financial Times, citing traders and banks, said Friday that the ransomware attack prevented the ICBC division from settling Treasury trades on behalf of other market participants.
The U.S. Treasury Department told CNBC: “We are aware of the cybersecurity issue and are in regular contact with key financial sector participants, in addition to federal regulators. We continue to monitor the situation.”
ICBC said the email and business systems of its U.S. financial services arm operate independently of ICBC’s China operations. The systems of its head office, the ICBC New York branch, and other domestic and overseas affiliated institutions were not affected by the cyberattack, ICBC said.
What did the Chinese government say?
Wang Wenbin, spokesperson for China’s Ministry of Foreign Affairs, said Friday that ICBC is striving to minimize the impact and losses after the attack, according to a Reuters report.
Speaking at a regular news conference, Wang said ICBC has paid close attention to the matter and has handled the emergency response and supervision well, according to Reuters.
What do we know about the ransomware attack?
Nobody has claimed responsibility for the attack yet and ICBC has not said who might be behind the attack.
In the cybersecurity world, finding out who is behind a cyberattack is often very difficult due to the techniques hackers use to mask their locations and identities.
But there are clues about what kind of software was used to carry out the attack.
Marcus Murray, founder of Swedish cybersecurity firm Truesec, said the ransomware used is called LockBit 3.0. Murray said this information has come from sources with relations to Truesec, but was unable to reveal who those sources are due to confidentiality reasons. The Financial Times reported, citing two sources, that LockBit 3.0 was the software behind the attack too. CNBC was unable to independently verify the information.
This kind of ransomware can make its way into an organization in many ways. For example, by someone clicking on a malicious link in an email. Once in, its aim is to extract sensitive information about a company.
VMWare cybersecurity team said in a blog last year that LockBit 3.0 is a “challenge for security researchers because each instance of the malware requires a unique password to run without which analysis is extremely difficult or impossible.” The researchers added that the ransomware is “heavily protected” against analysis.
The U.S. government’s Cybersecurity and Infrastructure Security Agency calls LockBit 3.0 “more modular and evasive,” making it harder to detect.
LockBit is the most popular strain of ransomware, accounting for around 28% of all known ransomware attacks from July 2022 to June 2023, according to data from cybersecurity firm Flashpoint.
What is LockBit?
The LockBit is the group behind the software. Its business model is known as “ransomware-as-a-service.” It effectively sells its malicious software to other hackers, known as affiliates, who then go on to carry out the cyberattacks.
The leader of the group goes by the online name of “LockBitSup” on dark web hacking forums.
“The group primarily posts in Russian and English, but according to its website, the group claims to be located in the Netherlands and to not be politically motivated,” Flashpoint said in a blogpost.
The group’s malware is known to target small and medium-sized businesses.
LockBit has previously claimed responsibility for ransomware attacks on Boeing and the U.K’s. Royal Mail.
In June, the U.S. Department of Justice charged a Russian national for his involvement in “deploying numerous LockBit ransomware and other cyberattacks” against computers in the U.S., Asia, Europe and Africa.
“LockBit actors have executed over 1,400 attacks against victims in the United States and around the world, issuing over $100 million in ransom demands and receiving at least as much as tens of millions of dollars in actual ransom payments made in the form of bitcoin,” the DOJ said in a press release in June.
— CNBC’s Steve Kopack contributed to this article.
Technology
Tesla stock pops 8% in premarket after report Trump wants to relax U.S. self-driving rules
Technology
European tech CEOs urge ‘Europe-first’ mentality to counter U.S. dominance after Trump victory
Thomas Plantenga, CEO of used fashion resale app Vinted, on center stage during Web Summit 2024 in Lisbon, Portugal.
Harry Murphy | Sportsfile for Web Summit Getty Images
LISBON, Portugal — Tech CEOs in Europe are urging region al countries to take bolder action to tackle Big Tech’s dominance and counter reliance on the U.S. for critical technologies like artificial intelligence after Donald Trump’s electoral win.
The Republican politician’s victory was a key topic among prominent tech bosses at the Web Summit conference in Lisbon, Portugal. Many attendants said they’re unsure of what to expect from the U.S. president-elect, citing this unpredictability as a core challenge at present.
Andy Yen, CEO of Swiss VPN developer Proton, says Europe should echo American protectionism and adopt a more “Europe-first” approach to technology — in part to reverse the trend of the last two decades, during which much of the Western world’s most important technologies, from web browsing to smartphones, have become dominated by a handful of large U.S. tech firms.
VPNs, or virtual private networks, are services that encrypt data and mask a user’s IP address to hide browsing activity and bypass censorship.
“It’s time for Europe to step up,” Yen told CNBC on the sidelines of Web Summit. “It’s time to be bold. It’s time to be more aggressive. And the time is now, because we now have a leader in the U.S. that is ‘America-first,’ so I think our European leaders should be ‘Europe-first.'”
One key push for the past decade from the European Union has been to take legal action and introduce tough new regulations to tackle the dominance of large technology players, such as Google, Apple, Amazon, Microsoft and Meta.
As Trump prepares to come into power for a second mandate, concerns have now mounted that Europe might reel in its tough approach to tech giants out of fear of retaliation from the new administration.
US Big Tech playing ‘extremely unfairly’
Proton’s Yen, for one, urged the EU not to water down its attempts to rein in America’s tech giants.
“Europe has been thinking in a very globalist mindset. They’re thinking we need to be fair to everybody, we need to open our market to everybody, we need to play fair, because we believe in fairness,” he told CNBC.
“Well, guess what? The Americans and the Chinese didn’t get the memo. They have been playing extremely unfairly for the last 20 years. And now they have a president that is extremely ‘America-first.'”
Mitchell Baker, former CEO of American open internet non-profit Mozilla Foundation, said the EU’s DMA has led to meaningful changes for the Firefox browser, with activity increasing since Google implemented a “choice screen” on Android phones that enables users to select their search engine.
“The change in Firefox new users and market share on Android is noticeable,” Baker said. “That’s nice for us — but it’s also an indicator of how much power and centralized distribution that these companies have.”
She added, “This change in usage because of one choice screen isn’t the full picture. But it is an indicator of the kind of things that consumers can’t choose and that businesses can’t build successfully because of the way the tech industry is structured right now.”
Thomas Plantenga, CEO of Lithuania-headquartered used clothing resale app Vinted, urged Europe to take the “right choices” to ensure the continent can “fend for ourselves” and does not get “left behind.”
“If you look very realistically at what countries do, they try to take care of themselves and they try to form coalitions to be stronger themselves, and as a coalition be stronger,” Plantenga told CNBC in an interview. “We have a lot of very talented, well-educated people.”
“We need [to] ensure that we can take care of our own safety, that we can take care of our own energy, that we ensure to keep on investing in our education and innovation so that we can keep up with the rest [of the world],” he stressed. “If we don’t, then we’ll be left behind. In every collaboration, it’s always a trade. And if we don’t have much to trade, we become weaker.”
‘AI sovereignty’ now a key battleground
Another theme that attracted much chatter on the ground at Web Summit was the idea of “AI sovereignty” — which refers to countries and regions localizing critical computing infrastructure behind AI services, so that these systems become more reflective of regional languages, cultures and values.
With Microsoft becoming a key player in AI, concerns have surfaced that the maker of the Windows operating system and Office productivity tools suite has secured a dominant position when it comes to foundational AI tools.
The tech giant is a key backer behind ChatGPT maker OpenAI, whose technology it also heavily uses in its own products.
For some startups, Microsoft’s decision to embrace AI has resulted in harmful, anti-competitive effects.
Last year, Microsoft hiked the fees it charges search engines to use its Bing Search APIs, which allow developers access to the tech giant’s backend search infrastructure — in part because of higher costs attached to its AI-powered search features.
“They’re gradually reducing our revenue — we’re still relying on them — and that reduces our capacity to do things,” Christian Kroll, CEO of sustainability-focused search engine Ecosia, told CNBC. “Microsoft is a very fierce competitor.”
CNBC has reached out to Microsoft for comment.
Ecosia recently partnered with fellow search provider Qwant to build a European search index and reduce dependence on U.S. Big Tech to deliver web browsing results.
Meanwhile, the European Union’s AI Act, a landmark artificial intelligence law with global implications, introduces new transparency requirements and restrictions on companies developing and using AI.
The laws are likely to have a big impact on predominantly U.S. tech firms, since they’re the ones doing much of the development of — and investment in — AI.
With Trump set to come into power, it’s unclear what that could mean for the global AI regulatory landscape.
Shelley McKinley, chief legal officer of code repository platform GitHub, said she can’t predict what Trump will do in his second term — but that businesses are planning for a range of different scenarios in the meantime.
“We will learn in the next few months what President-elect Trump will say, and in January we will start seeing some of what President Trump does in this area,” McKinley said during a CNBC-moderated panel earlier this week.
“I do think it is important that we all, as society, as businesses, as people, continue to think about the different scenarios,” she added. “I think, as with any political change, as with any world change, we’re still all thinking about what are all of the scenarios we might operate.”
Technology
European SpaceX rival raises $160 million for reusable capsule to carry astronauts, cargo to space
-
Sports2 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports8 months agoStory injured on diving stop, exits Red Sox game
-
Sports2 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports1 year agoGame 1 of WS least-watched in recorded history
-
Environment1 year agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Sports3 years ago
Team Europe easily wins 4th straight Laver Cup
-
Environment2 years agoGame-changing Lectric XPedition launched as affordable electric cargo bike
-
Business2 years agoBank of England’s extraordinary response to government policy is almost unthinkable | Ed Conway