Bloomberg reported on November 10 that ICBC Financial Services (ICBCFS), headquartered in New York (USA), recently suffered a cyber attack that prevented them from completing US Treasury bond transactions. Specifically, the units responsible for processing these transactions were disconnected from the systems affected by the attack. Therefore, ICBCFS had to send the necessary information to those parties by sending people to transfer data USBs throughout the Manhattan district of New York.

The attack began on November 8 and lasted until November 9. Late on November 9, ICBCFS posted a statement on its website confirming that the company had “experienced a ransomware attack that resulted in disruptions to certain [financial services] systems.” The statement said ICBCFS had contained the situation by disconnecting and isolating the affected systems, adding that it was “conducting a thorough investigation and… working on recovery efforts” with the help of security experts.

ICBCFS operates independently of ICBC in China, and neither ICBC's headquarters in Beijing nor its New York branch are affected, the statement said. According to Bloomberg , ICBC is the world's largest bank by assets.

Beijing said on November 10 that ICBC was trying to minimize the impact and potential losses following the attack. "ICBC has been closely monitoring the issue and has done its best in emergency response and monitoring communication," Chinese Foreign Ministry spokesman Wang Wenbin said at a regular press briefing, according to Reuters.

Mr. Uong also said that business operations are still running normally at ICBC's headquarters as well as other branches and subsidiaries globally.

But the incident has caused concern in the global banking industry. "This is a real shock to the world's major banks. The ICBC hack will make major banks around the world race to improve their defenses, starting today," Bloomberg quoted Marcus Murray, founder of Swedish cybersecurity company Truesec.

The suspect in the ICBCFS attack is Lockbit, a notorious criminal group believed to be linked to previous attacks on Boeing and the British postal service Royal Mail. Lockbit often posts the names of its victims online, but the group did not mention ICBC in its list of victims as of the evening of November 9. Lockbit is believed to have ties to Russia, according to Bloomberg .

Britain's financial regulator said on November 10 that it was aware of the attack on ICBC and was in contact with US and British authorities.