Sezzle FinTech Tracker October 2023 Banner

Hackers Claim ICBC Paid to End Ransomware Attack

ICBC, Industrial and Commercial Bank of China

A hacker group says the Industrial and Commercial Bank of China (ICBC) paid a ransom following an attack last week.

The bank, which is China’s largest lender, disconnected itself from an electronic settlement platform for the U.S. Treasury securities operated by BNY Mellon after a ransomware attack last week.

According to a report by Reuters Monday (Nov. 13), a representative of a Lockbit ransomware gang claims that ICBC paid the ransom. Reuters noted that it could not independently confirm the group’s statement.

“They paid a ransom, deal closed,” the Lockbit representative told Reuters in a message sent on the online messaging app Tox.

PYMNTS has contacted ICBC for comment but has not yet gotten a reply.

ICBC confirmed the attack in a notice on its financial services website last week, saying that it disrupted some of its systems.

“Immediately upon discovering the incident, ICBC FS disconnected and isolated impacted systems to contain the incident,” the bank said. “ICBC FS has been conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts. ICBC FS has also reported this incident to law enforcement.”

The attack comes amid an increase in worldwide ransomware incidents aimed at both people and organizations. As PYMNTS wrote last month, these attacks involve malicious actors breaking into computer systems and encrypting data and then demanding a ransom in exchange for the decryption key. 

High profile examples this year include the attack that hamstrung operations at MGM Resorts’ casinos this summer, and one on cleaning products company Clorox, which apparently hampered the company’s quarterly earnings.

In response to these attacks, a 40-nation alliance, the U.S.-led International Counter Ransomware Initiative, has said it will pledge not to pay ransoms to cybercriminals. The coalition hopes to deprive hackers of their income sources by improving information sharing about ransom payment accounts. 

“As long as there is money flowing to ransomware criminals, this is a problem that will continue to grow,” Anne Neuberger, White House deputy national security adviser for cyber and emerging technologies, told reporters on Oct. 31.  

The Federal Trade Commission (FTC) is also working to combat ransomware and other cyberattacks, in part by “implementing a robust data security enforcement program aimed at ensuring companies take appropriate steps to protect personal data they hold from such attacks,” as PYMNTS reported last month.