On Thursday, another victim of ransom-demanding hackers joined the line today, as the U.S. arm of the Chinese bank, ICBC, received threats from an unknown source.

• ICBC, China's largest commercial lender, was hit by a ransomware attack on Thursday.
• The attack disrupted trade in the U.S. Treasury.
• Some market participants say the attack affected market liquidity.

Unraveling the Cyber Siege

In a concerning development, the U.S. arm of the Industrial and Commercial Bank of China (ICBC) encountered a ransomware attack, disrupting critical U.S. Treasury trades. ICBC Financial Services, the American subsidiary of China's largest commercial lender, is actively investigating the incident and progressing towards system recovery.

Lockbit's Suspected Role

Security analysts, including Allan Liska from Recorded Future, suggest the involvement of the cybercrime group Lockbit in the attack. Although Lockbit's dark website did not confirm ICBC as a victim, the group's history includes targeting over 1,700 U.S. organizations, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

Impact on Market and Cybersecurity Controls

ICBC's assertion that it successfully cleared previous trades, concerns persist over the broader impact on market participants and the vulnerability of large organizations to cyber threats. The incident underscores the escalating boldness of ransomware groups, prompting questions about cybersecurity controls and inviting regulatory scrutiny.

Market Repercussions

While ICBC claims limited market impact, some participants report unsettled trades and potential technical issues affecting market liquidity. The 30-year bond auction on Thursday faced challenges, with uncertainties arising from participants' inability to fully access the market due to the cyber attack.

Response and Monitoring

U.S. authorities, grappling with an increasing wave of cybercrime, are yet to confirm the identity of the attackers. ICBC remains tight-lipped about the potential involvement of Lockbit. The incident, despite the apparent normalcy in the Treasury market, underscores the continuous challenges posed by cyber threats to financial systems and the necessity for robust cybersecurity measures.