Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Filter by Categories

ICBC Allegedly Pays Ransom to Lockbit After Major Cyberattack

Executive Summary

The Lockbit ransomware gang claimed that the Industrial and Commercial Bank of China (ICBC), the world’s largest lender, paid a ransom following a major cyberattack last week.

The incident, which caused major disruptions in the US Treasury market, shows how cybercrime is becoming a bigger threat in global finance. The attack could have many consequences, including affecting international relations because a Chinese state-owned bank was involved and there are suspected links to Russia. Given that a US institution was also impacted, this incident has the potential to have implications on the relationship between China, the United States, and Russia.

This event not only shows that cyber threats are changing, but also highlights how complicated the modern cybersecurity landscape is.

What Happened

China’s largest lender, the Industrial and Commercial Bank of China (ICBC), was targeted in a significant ransomware attack last week. The attack, attributed to the Lockbit ransomware gang, disrupted trades in the US Treasury market. Even, led to ICBC’s US arm temporarily owing BNY Mellon $9 billion. This cyberattack has raised serious concerns about the resiliency of the Treasury market and the broader implications for global finance.

On Monday, a Lockbit representative, speaking to Reuters via the online messaging app Tox, stated:

They paid a ransom, deal closed.

This claim suggests that ICBC opted to pay the demanded ransom to resolve the crisis. However, ICBC has not responded to requests for comment.

The blackout resulting from the attack was so severe that it disrupted corporate email systems. Therefore, forcing employees to switch to alternative communication methods like Google mail. Please refer to our news article for more information about the attack that occurred last week.

International Implications and Potential Retribution

This attack might invite significant retribution from powerful countries, given the involvement of a US arm of a Chinese government-owned bank and the potential link to Russia.

Cybersecurity experts speculate that both China and the US might be compelled to respond to this aggression. There are also suggestions that Russia, as the alleged host nation for LockBit, might face pressure to act against the group to maintain international relations, especially with China.

The attack raises questions about LockBit’s strategy and the potential consequences it might face. Experts like Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA), and independent researcher Dominic Alvieri have commented on the gravity of the situation and the possible responses from Chinese security services.

The attack on ICBC by LockBit marks a significant event in the landscape of international cybersecurity. It underlines the complex interplay between cybercrime, international politics, and global finance. With theories abounding and potential geopolitical consequences, the incident highlights the evolving nature of cyber threats. It also brings to light the need for robust cybersecurity measures across sectors and nations.



Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.