World’s biggest bank, China’s ICBC, hit by ransomware

Subject : Science and Tech

Section: Awareness in IT

Context: World’s biggest bank, China’s ICBC, hit by ransomware

More about the news:

The US branch of the Industrial and Commercial Bank of China (ICBC) experienced a ransomware attack, causing minimal disruption to trades in the US Treasury market.
Lockbit 3.0 was behind the attack.
The bank is investigating the incident and taking steps to recover, including isolating impacted systems.

What is ICBC:

ICBC, a Chinese state-owned commercial bank, is China’s and the world’s largest lender in terms of assets over $ 6 trillion, and one of the most profitable companies in the world, according to Forbes.
It is also the 3rd largest bank in the world behind JPMorgan Chase and Bank of America by market capitalization, at $ 194.57 billion, according to a Fobes

What are ransomware attacks:

A ransomware attack is a cyberattack using malware that encrypts the victim’s files and requires users to pay a ransom to decrypt the files.
It is often designed to spread across a network and target database and file servers, and can thus quickly paralyze an entire organization.
Unlike other cyber-attacks, in this form of attack, the user is notified of the attack.
Ransomware spreads easily when it encounters unpatched or outdated software.

What is Lockbit 3.0:

LockBit 3.0, developed by the Lockbit group, is a prevalent strain of ransomware, constituting approximately 28% of known attacks from July 2022 to June 2023.
The group, which markets its malware on the dark web, has executed over 1,400 attacks globally, with ransom demands exceeding $100 million.
While LockBit has Russian origins, confirmation is lacking.

Why is this attack such a big deal:

The ransomware attack on the US arm of the Industrial and Commercial Bank of China (ICBC) is considered unusual for a bank of its size, given the robust cybersecurity measures typically employed by financial institutions.
Banks, particularly large ones, invest significantly in cybersecurity to protect against cyber threats.
The attack on ICBC, a major player in the global financial system, raises concerns about potential consequences, highlighting the evolving and sophisticated nature of cyber threats in the financial sector.

What has the impact of this attack been:

Despite the ransomware attack on the US arm of the Industrial and Commercial Bank of China (ICBC), US Treasury Secretary Janet Yellen stated that the incident only had minimal disruptions to the Treasury market.
Market participants mentioned issues with settlements, affecting market liquidity.
However, ICBC reported successfully clearing Treasury trades from Wednesday and repurchase agreements (repo) financing trades from Thursday.
The Treasury market seemed to operate normally on Thursday, indicating a swift recovery from the disruption.

Some history of Ransomware attack:

The first ever recorded use of ransomware occurred as early as 1989 in the form of the AIDS Trojan,
However, this method gained prominence only after the unleashing of the WannaCry Ransomware in 2017. This was a massive attack that affected more than 200,000 systems in some 150 countries and accounted for a loss of several million dollars.
Since then, the use of ransomware attacks has seen an upward trend for committing cyber-crime.

What are some safeguards available in India against Cyber Threats

Information Technology Act, 2000 (Amended in 2008): It is the main law for dealing with cybercrime and digital commerce in India.
National Critical Information Infrastructure Protection Centre (NCIIPC) was created under Section 70A of IT Act 2000 to protect Cyber infrastructure.
CERT-In (Cyber Emergency Response Team, India): It is National Nodal Agency for Cyber Security and is Operational since 2004
National Cyber Security Policy, 2013: The policy provides the vision and strategic direction to protect the national cyberspace.
Cyber Swachhta Kendra: Cyber Swachhta Kendra helps users to analyse and keep their systems free of various viruses, bots/ malware, Trojans,
Indian Cyber Crime Coordination Centre (I4C): Launched in 2018, It is an apex coordination center to deal with cybercrimes.
Cyber Surakshit Bharat: It was launched by the Ministry of Electronics and Information Technology in 2018 with the aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers and frontline IT staff across all government departments.
The Cyber Warrior Police Force: It was organised on the lines of the Central Armed Police Force in 2018.