The Impact of Ransomware Attack on China’s ICBC on U.S. Treasury Market Trades
Disruption in U.S. Treasury Market Trades Due to Ransomware Attack
A ransomware attack on Industrial and Commercial Bank of China (ICBC) disrupted some trades in the U.S. Treasury market on Thursday. However, market sources reported that the impact appeared to be limited.
ICBC Financial Services Responds to Ransomware Attack
ICBC Financial Services released a statement acknowledging the ransomware attack, which resulted in the disruption of certain systems. The organization is currently conducting an investigation and making progress in its recovery efforts.
Successful Clearing of Treasury and Repo Financing Trades
Despite the attack, ICBC confirmed that it successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades conducted on Thursday.
Market Impact and Cybersecurity Concerns
Scott Skrym, executive vice president for fixed income and repo at broker-dealer Curvature Securities, stated that the event had a limited impact on the market. Nevertheless, the incident is likely to raise questions about market participants’ cybersecurity controls and may draw regulatory scrutiny.
Prolific Criminal Gang Suspected
Bloomberg reported that a criminal gang known as Lockbit is suspected to have orchestrated the attack. This revelation has raised concerns as ransomware attacks have rarely disrupted major financial markets in the past.
Unprecedented Impact on Market Liquidity
Market participants reported that trades through ICBC were not settled due to the attack, affecting market liquidity. This situation may have contributed to the weak outcome of a 30-year bond auction on Thursday.
Response from the U.S. Treasury and Ongoing Monitoring
The U.S. Treasury spokesperson acknowledged the cybersecurity issue and stated that they are in regular contact with key financial sector participants and federal regulators. The Treasury continues to monitor the situation closely.
Global Ransomware Attack Statistics
According to the data platform Statista, organizations detected 493.33 million ransomware attack attempts last year. Lockbit was identified as the most prolific ransomware operator throughout 2022, according to the Financial Services Information Sharing and Analysis Center.
The Treasury market appeared to be functioning normally on Thursday, as per LSEG data.
Overall, the ransomware attack on ICBC has raised significant concerns about the cybersecurity of financial markets and the potential impact on market operations. The incident serves as a reminder of the increasing threat posed by cyberattacks and the need for robust security measures across all sectors.