An American branch of the Industrial and Commercial Bank of China, or ICBC, has been hit by a ransomware attack. The attack started on Wednesday and is still ongoing at the time of writing. It is not yet clear who is behind the attack.
ICBC, which is the largest bank in China, reports on the ICBC FS site that the attack limits access to ‘certain systems’. For example, employees can no longer access the email system. Upon discovery of the attack, the affected systems were taken offline so that the ransomware could not spread further. It has also informed the police and other relevant authorities about the ransomware attack. ICBC’s branches in other countries and those in New York are not affected because their systems are separate from those of ICBC FS.
It is not yet known who is behind the attack and what demands have been made. Several cybersecurity experts suspect that Lockbit is behind the attack, Reuters writes. However, the group posts the names of its victims on its site and in the case of ICBC FS, this has not yet happened. Ransomware expert Allan Liska told Reuters that groups do not always post the name during negotiations with the victim. “It is not often that such a large bank falls victim to such a disruptive attack,” says Liska.