The American division of the Chinese banking institution ICBC (Industrial and Commercial Bank of China), considered the largest bank in the world, was hit by an attack ransomware.
The same institute, in recent days, declared that last week it had suffered a targeted attack on the sector dedicated to financial services, resulting in the interruption of some internal systems. However, ICBC’s security systems limited the data loss, avoiding a real disaster.
This latest ransomware attack is just the latest in an impressive series, with increasingly prominent names involved: da Boeing a Sonywith several multinationals involved in campaigns of this type against their will.
About the targeted attack on ICBC, the bank communicated, through its official channelshow it is conducting a thorough investigation and is continuing its efforts to regain full control over its compromised systems.
Although the attack only affected the division operating in the United States, it is understandable that what happened also alarmed the Chinese authorities.
The spokesperson also expressed his opinion in this regard Ministry of Foreign Affairs Chinese, Wang Wenbinwho stated a Reuters as ICBC is working to minimize the impact of the attack.
Ransomware attack on ICBC: who is responsible?
Who could be the ransomware group that targeted this financial giant? Without a claim, it is currently difficult to identify the culprits. That doesn’t mean there aren’t interesting clues.
According to multiple sources, the offending ransomware could be LockBit 3.0, currently one of the most widespread and feared in the world. We’re talking about a RaaS (ransomware-as-a-service), therefore a system that works through affiliates who exploit the tools made available by hackers for a fee.
According to the experts of Flashpoint “The group publishes primarily in Russian and English, but according to its website, the group says it is based in the Netherlands and has no political motivations“.
