When the New York arm of China’s largest bank was hit by a ransomware attack in November, disrupting the $25tn US Treasury bond market, it proposed sending a runner across Manhattan to US bank BNY Mellon armed with a USB stick of data to help settle trades.
For an industry that has long been known as one of the most resilient, well-resourced and highly regulated in terms of cyber security, the hacking of ICBC revealed the alarming fragility of interconnected financial systems — and the lack of sophisticated contingency planning for a crisis.
And it was not the only big cyber attack to hit the sector in 2023. Dublin-based technology group Ion Markets was also targeted by ransomware earlier that year, which knocked out parts of the financial plumbing that underlies the vast derivatives trading industry — forcing customers, at one point, to revert to old-fashioned paper ledgers.