ICBC pumps funds into US unit after ransomware attack to pay US$9 billion for unsettled trades, hires cybersecurity firm

by
ICBC pumps funds into US unit after ransomware attack to pay US billion for unsettled trades, hires cybersecurity firm

ICBC’s US unit told market participants on Friday it was hoping to finish the cyber review over the weekend, but the sources said they expected it would spill into next week. Meanwhile, the bank is using manual processes to trade, they said.

The details, including the cash injection for unsettled trades, have not been previously reported.

The ransomware attack was claimed by cybercrime gang LockBit, a widely deployed ransomware first seen on Russian-language-based cybercrime forums in January 2020. It is the latest in a string of ransom demands by hackers this year.

Ransomware attack on ICBC unit disrupts US Treasury market trades

The cyberattack sent ripples through the US Treasuries market, where ICBC acts as a broker for hedge funds and other market participants, helping them trade in the securities. While the extent of disruption to market was limited, it brought into focus the resilience of a market that underpins global finance.

When the hack happened earlier this week, ICBC was unable to access its systems, leaving it temporarily owing BNY US$9 billion for unsettled trades, two of the sources said. The custody bank is the sole settlement agent for Treasuries.

The Chinese parent then injected capital into the US unit, allowing it to settle the trades and pay back BNY Mellon, the sources said. That has now happened, they said.

ICBC did not respond to a request for comment. ICBC Financial Services, the bank’s US unit, has said it was investigating the attack that disrupted some of its systems, and making progress toward recovering from it.

Industrial and Commercial Bank of China near Pudong South Road, Shanghai. ICBC says it hopes to complete the assessment of its systems as soon as this weekend after a ransomware attack. Photo: Future Publishing via Getty Images

ICBC’s representatives told market participants on a call organised by the Securities Industry and Financial Markets Association (SIFMA), a trade group, on Friday afternoon that they had hired a cybersecurity firm to do an assessment to ensure that its systems are safe, three sources familiar with the matter said.

ICBC said it hopes to be done as soon as this weekend, the sources said, noting that it could take longer, given the complexity of the task. They also told market participants about the capital injection but did not disclose the amount or the reason for it, the sources said.

Meanwhile, ICBC’s computer systems have been isolated from the rest of Wall Street, the sources said. But alternative systems have been put in place to enable trading by ICBC, which involve moving information manually, including by carrying USB sticks with information, two of the sources said.

SIFMA declined to comment.

Yellen, Chinese counterpart begin talks to lay groundwork for Biden-Xi meeting

Global regulators on Friday were monitoring the impact. US Treasury Secretary Janet Yellen said on Friday that she and China Vice Premier He Lifeng spoke about the issue during talks in San Francisco this week. She said the hack had not interfered with the market for US government debt.

Rumours about the hack started to circulate in the market on Wednesday afternoon, but one of the sources close to a major marketmaker said it was not clear to most people on Wall Street what was going on until Thursday morning.

As news of the hack spread, other firms started removing any connectivity between ICBC’s computer systems and their own, the source said. SIFMA, the trade group, organised calls for market participants with updates, the sources said.

ICBC is not among the top-tier firms that deal in Treasuries, including the primary dealers that trade directly with the New York Federal Reserve, which limited the impact it had on the market, the sources said.

ICBC chosen as bookrunner for Saudi Arabia’s US$11 billion syndicated loan

Still, Scott Skyrm, who works at money market trading firm Curvature Securities, said overnight rates in the repo market were volatile and closed Thursday at levels lower than would have otherwise been the case. There was a rise in the number of firms that failed to return bonds they had borrowed.

US Treasury fails, the value of Treasury securities that were not delivered to fulfil a trade contract, rose to US$62.2 billion on Thursday, the highest since March, up from US$25.5 billion a day earlier, according to Depository Trust & Clearing Corp.

To give the market more time to settle trades, the Federal Reserve’s system for moving cash through the financial system said it had extended the closing time for certain customers on Friday.

“These cyberattacks are scary,” said Jack McIntyre, a fixed-income portfolio manager at Brandywine. “The good news would be that I guarantee you primary dealers are having (a) discussion to make sure this cannot happen to them. I’m sure everybody’s doing a deep dive on their security systems.”

ICBC’s Hong Kong-listed shares ended Friday down 0.8 per cent, compared to a 1.13 per cent drop in a Hong Kong index of mainland Chinese banks. Its Shanghai-listed shares closed flat.

FOLLOW US ON GOOGLE NEWS

Read original article here

Denial of responsibility! Chronicles Live is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – chronicleslive.com. The content will be deleted within 24 hours.

Leave a Comment