Ransomware Strikes World’s Largest Bank

ICBC Financial Services, a branch of the world’s largest bank ICBC, was targeted by a ransomware cyberattack, disrupting U.S. Treasury trades.


ICBC Resorts to USB Stick for Trade Settlements

The cyberattack forced ICBC to manually clear Treasury trades, using a USB stick to send settlement details.


LockBit Gang Implicated in ICBC Cyberattack

The notorious cybercrime gang LockBit, with ties to Russia, is the suspected perpetrator behind the ICBC ransomware attack.

News > Cyber-Attacks > CA-General
by Kevin Wood

Cyberattack on World’s Largest Bank ICBC Disrupts U.S. Treasury Trades, Highlights Growing Cybersecurity Threats in Finance



Financial sector reeling

The Industrial and Commercial Bank of China (ICBC), recognized as the world’s largest bank, has recently faced a significant cyberattack. This ransomware attack, which began on November 8, 2023, primarily targeted ICBC Financial Services, the financial arm of the bank, resulting in substantial disruptions in the trading of U.S. Treasuries.

Despite the severity of the attack, some of the bank’s units, including its head office in Beijing and the New York branch, remained unaffected. However, the cyberattack forced the bank to adopt unconventional measures, such as manually clearing US Treasury trades and sending settlement details via USB stick due to the disconnection of the compromised systems from the entities responsible for settling transactions.

The suspected perpetrator of this attack is LockBit, a prolific cybercrime gang with ties to Russia, known for targeting various organizations, including Boeing Co. and the U.K.’s Royal Mail, since 2020. The US Justice Department noted that LockBit has been involved in worldwide cyberattacks and has demanded ransoms totaling approximately $1000 million.

The attack has raised concerns about the vulnerability of the financial system to cyber threats. Financial institutions are now racing to enhance their defenses in response to this incident. ICBC itself has been improving its cybersecurity measures, given the growing challenges from potential attacks amidst the expansion of online transactions and adoption of new technologies.

The impact of the attack was not limited to ICBC. It caused immediate disruption in the Treasury market, affecting market liquidity and prompting urgent meetings and discussions among financial leaders and regulators. The Securities Industry and Financial Markets Association (Sifma) also held calls with members to address the issue.

This incident is part of a growing trend of ransomware attacks targeting the global financial system. In recent years, such attacks have become more frequent and sophisticated, with attackers increasingly targeting critical infrastructure and financial institutions. Ransomware attacks have surged by 95% in the first three quarters of the year compared to the same period in 2022, according to Corvus Insurance.

The attack on ICBC highlights the urgent need for robust cybersecurity measures in the financial sector. It serves as a stark reminder of the potential risks and disruptions that cyber threats pose to global financial stability and the importance of preparedness and resilience against such threats.


  • Advanced Data Security: Protect your business with Balance Business Group’s (BBG) state-of-the-art data security solutions, tailored to meet your specific needs.
  • Disaster Recovery as a Service (DRaaS): Ensure business continuity and safeguard against data loss with BBG’s reliable and efficient DRaaS, designed to quickly recover your critical data in any crisis.
  • Enhanced Analytics with Enterprise Browser: Elevate your data analysis capabilities using BBG’s innovative Enterprise Browser, providing secure, efficient, and insightful data management and analytics.
  • Take the First Step Towards Data Excellence: Ready to transform your data security and analytics? Email sales@bbg-mn.com to schedule a meeting with BBG and unlock the full potential of your business’s data management.