The US-based financial services (FS) arm of Chinese bank, ICBC, suffered a ransomware attack on November 9 (Beijing Time) that purportedly disrupted “certain FS systems”.
In a statement, the bank said it disconnected impacted systems in order to isolate the attack and “contain the incident… immediately upon discovering [it]”.
“ICBC FS has been conducting a thorough investigation and is progressing its recovery efforts with the support of its professional team of information security experts,” the bank said.
“ICBC FS has also reported this incident to law enforcement.”
The bank cleared US Treasury trades executed on Wednesday 8 November (US Eastern Time) and Repo financing trades executed on Thursday 9 November (US Eastern Time).
The bank also said that ICBC FS’s business and email systems are independent of the Industrial and Commercial Bank of China Group, confirming that the wider group and its ICBC New York Branch were not affected by the incident.