- Germany into Nations League quarters, France and Italy win
- Nagelsmann lauds 'supercharged' Germany's 'best half of the year'
- 'Pandas are coming': Two new bears depart China for US capital
- Dodgers pitcher Kershaw plans to return for 2025
- Mbappe 'investigated for rape' in Sweden: report
- Revived Italy sweep past Israel in Nations League amid high security
- Trudeau slams India as tensions soar over Sikh separatist's murder
- Harris courts Black voters as Trump makes inroads
- Wall Street stocks hit fresh records as oil prices slide
- Nigerian team return home after boycotting AFCON qualifier in Libya
- Nigeria refuse to play in Libya as Algeria, Cameroon qualify
- Strike-hit Boeing leaves experts puzzled by strategy
- Leweling rockets Germany past Dutch and into Nations League quarterfinals
- Kolo Muani double fires France to win in Belgium
- Italy sweep past Israel in Nations League amid high security
- UN peacekeepers to 'stay in all positions' in Lebanon
- NASA launches probe to study if life possible on icy Jupiter moon
- 'Unique' Ronaldo an example to everyone, says Martinez
- New lawsuits against Sean Combs allege sex assault, including of minor
- Italy begins migrant transfers to Albania with first group of 16
- Google signs nuclear power deal with startup Kairos
- Carsley open to foreign England manager amid Guardiola links
- Pogba hungry to have his football cake after doping ban
- India and Canada expel top envoys in Sikh separatist killing row
- Mbappe says victim of 'fake news' after 'rape' report in Sweden
- Lebanon says 21 killed in strike on northern village
- Netanyahu vows no mercy after deadly Hezbollah drone strike
- Russia could be able to attack NATO by 2030: German intelligence
- EVs seek to regain sales momentum at Paris Motor Show
- Clarke backs Scotland to bounce back from 'tough' run
- Harris, Trump target crucial Pennsylvania as US vote looms
- NASA probe Europa Clipper lifts off for Jupiter's icy moon
- Lebanese Red Cross says 18 killed in strike in north
- Mendy borrowed money from Man City team-mates for legal fees
- Palestinian officials say Israeli forces kill two in West Bank
- Football leagues, unions file EU complaint against FIFA in calendar dispute
- Nigeria boycott AFCON qualifier in Libya after 'inhumane treatment'
- India to recall top envoy to Canada: foreign ministry
- Hezbollah, Israeli troops in 'violent clashes' after drone strike
- China insists won't renounce 'use of force' to take Taiwan as drills end
- Painkiller sale plan to US gives France major headache
- Italy begins landmark migrant transfers to Albania
- Russia jails French researcher for three years
- 'Unsustainable' housing crisis bedevils Spain's socialist govt
- Stocks shrug off China disappointment but oil slides
- New Zealand 4-0 up in America's Cup but British show signs of life
- Russian prosecutor demands 3 years prison for French researcher
- 'Innocent' British nerve agent victim caught in global murder plot: inquiry
- Afghan Taliban vow to implement media ban on images of living things
- Russian prosecutor demands 3 years, 3 months jail for French researcher
US arm of China mega-lender ICBC hit by ransomware attack
The US arm of China's largest bank said it was hit by a ransomware attack, forcing clients to reroute trades and disrupting the US Treasury market.
Ransomware attacks typically access vulnerable computer systems and encrypt or steal data, before sending a ransom note demanding payment in exchange for decrypting the data or not releasing it publicly.
The Industrial and Commercial Bank of China Financial Services (ICBC FS) said Thursday it "experienced a ransomware attack that resulted in disruption to certain (financial services) systems."
"Immediately upon discovering the incident, ICBC FS disconnected and isolated impacted systems to contain the incident," the New York-based bank said, adding that it was investigating the attack and working on recovery.
ICBC FS said it had successfully cleared US Treasury trades executed Wednesday and repurchasing (repo) financing trades Thursday.
Slack demand for $24 billion in 30-year US Treasury bonds that were auctioned Thursday came as a surprise to some analysts.
This sale "attracted very poor demand, one of the weakest I can remember," Karl Haeling of the bank LBBW told AFP.
But demand at this sale "might not have been as bad as advertised," said Patrick O'Hare of Briefing.com.
"That's because subsequent reports have indicated that the US financial services division of China's Industrial and Commercial Bank was hit by a ransomware cyberattack yesterday that disrupted trades in the Treasury market."
Richard Flax, chief investment officer at Moneyfarm, put it this way: "Finally, a large Chinese bank suffered a cyber-attack that impacted its ability to trade in US Treasuries. Some commentators argue that that, rather than weak demand, was behind the relatively poor US government bond auction."
Bloomberg reported that some trades handled by ICBC FS on Thursday were transported across Manhattan on a USB stick as messengers manually relayed required settlement details.
China's foreign ministry said Friday that "the business systems and office systems of the head office of ICBC and other domestic and foreign branches and subsidiaries within the group are normal."
"As far as we know, ICBC has paid close attention to this matter, and has done a good job in emergency handling and supervision and communication, striving to minimize the impact of risks and losses," foreign ministry spokesman Wang Wenbin said at a regular news briefing.
"At present, the business systems and office systems of the head office of ICBC and other domestic and foreign branches and subsidiaries within the group are normal."
US media reported that the hack was executed using software created by Lockbit, the Russian-speaking hacking group known for scrambling files on a host's computer and flashing up messages demanding cryptocurrency payment to resolve the issue.
US aircraft manufacturer Boeing was hit with an attack from Lockbit last week.
Last year, LockBit was "the most deployed ransomware variant across the world and continues to be prolific in 2023," according to the US Cybersecurity and Infrastructure Security Agency.
The US Justice Department said in May that LockBit ransomware had been used in more than 1,400 attacks globally.
LockBit has targeted critical infrastructure and large industrial groups, with ransom demands ranging from €5 million to €70 million.
The group attacked Britain's Royal Mail in early January and a Canadian children's hospital in December.
O.Norris--AMWN