Last week's compromise of the Industrial & Commercial Bank of China's U.S. subsidiary ICBC Financial Services claimed by the LockBit ransomware operation has prompted increased vigilance within the financial sector, CNN reports.
Information-sharing activities regarding the attack have been commenced by the Financial Services-ISAC, which has urged members to ensure system protections and immediately remediate vulnerabilities. Potential system availability disruptions have made intelligence sharing "critical" during cyberattacks, according to an FS-ISAC spokesperson. Other finance executives noted that they have been watching the ICBC Financial Services attack closely.
"We're taking a look at the response and the broader impact given ICBC's size and role in the global financial sector," said a senior cybersecurity official from a major U.S. financial organization.
Meanwhile, Recorded Future ransomware expert Allan Liska noted that the attack by Russia-linked LockBit could prompt more scrutiny from the Chinese government.
"If China sees this as a black eye, they may demand action from the Russian government. The team behind LockBit has benefited greatly from the poor relations between the United States and Russia," said Liska.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.