ransomware attack that disrupted trades in the US Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year.
ICBC Financial Services, the US unit of China's largest commercial lender by assets, said it was investigating the attack that disrupted some of its systems, and making progress toward recovering from it.
China's foreign ministry said on Friday the lender is striving to minimise risk impact and losses after the attack.
«ICBC has been closely monitoring the matter and has done its best in emergency response and supervisory communication,» ministry spokesperson Wang Wenbin told a regular news conference.
Wang added businesses remained normal at ICBC head office and other branches and subsidiaries across the globe.
Hackers lock up a victim organisation's systems in such attacks and demand ransom for unlocking it, often also stealing sensitive data for extortion.
Several ransomware experts and analysts said an aggressive cybercrime gang named Lockbit was believed to be behind the hack, although the gang's dark web site where it typically posts names of its victims did not mention ICBC as a victim as of Thursday evening. Lockbit did not respond to a request for comment sent via a contact address posted on its site.
«We don't often see a bank this large get hit with this disruptive of a ransomware attack,» said Allan Liska, a ransomware expert at the cybersecurity firm Recorded Future.
Liska,