The Industrial and Commercial Bank of China (ICBC) reportedly responded to hackers' demands after a Lockbit ransomware gang representative said the firm "paid the ransom, deal closed." Reuters reported this claim by the ransomware representative. Still, the claim has yet to be verified independently.
Tech Times recently reported the hacking incident saw ICBC's US Unit disclosing the cyberattack last week,, November 9. Now, a week later, Lockbit, which has long been who experts thought to be behind the ransomware attack, has reportedly confirmed its involvement.
Lockbit is a ransomware gang that Reuters says US officials describe as "the world's top ransomware threat," the gang has recently breached some of the biggest companies in the world, taking confidential information and exposing it when the victims refused to pay a ransom.
Ransomware attacks are ploys by hackers locking up a victim's system and requesting money to free it frequently while gathering private information for blackmail. Allan Liska, a ransomware expert at the cybersecurity company Recorded Future, stated that while bargaining with their victims, ransomware gangs might not publicly identify and disgrace the firms or individuals involved.
Some businesses have made payments covertly to swiftly restore their web presence and prevent reputational harm from exposing their private information to the public.
Extent of ICBC's Cyberhacking Incident
The firm's financial services division discovered the attack, resulting in system disruptions. The hacking incident prompted ICBC to implement system isolation as a preventive measure against the breach.
During the extensive attack, ICBC prompted its staff to use Google Mail as the company's business email account stopped working, as reported by Reuters.
The hack also reportedly disrupted the US treasury market, but "the impact of the hack appeared to be limited," as the Guardian. While the impact on ICBC itself is extensive, as per a Reuters report, expert Scott Skyrm, the executive vice-president for fixed income and repo at the broker-dealer Curvature Securities, says that "in general, the event had a limited impact on the market."
US vs. Ransomware, Cyberhacking Gangs
Last week, Lockbit hackers claimed to have compromised computer systems at Allen & Overy, a legal firm and released internal data from the massive aerospace company Boeing on their website.
To undermine the criminals' business strategy, authorities have long warned against giving ransomware gangs money. Typically, ransom demands come in cryptocurrencies, which are more difficult to track down and provide the recipient anonymity.
PYMNTS reports that the U.S.-led International Counter Ransomware Initiative was recently established with a 40-nation strong alliance in response to the growing ransomware incidents.
The group declared that it would not give ransom money to hackers as it reportedly aims to increase information sharing on ransom payment accounts to deprive hackers of their sources of income.
White House senior national security advisor for cyber and new technologies Anne Neuberger echoed the notion of not paying hackers, stating that "as long as there is money flowing to ransomware criminals, this is a problem that will continue to grow."
Read also: ICBC Ransomware Attack: Financial Authorities on High Alert Amid US Treasuries Disruption