ICBC's Ransomware Incident Highlights the Potential Exposure of Financial Institutions to Cyber Risks

Banking Organizations, Insurance Organizations


DBRS Morningstar published a commentary discussing Industrial and Commercial Bank of China’s (ICBC or the Bank) ransomware incident and the potential exposure of financial institutions to cyber risks.

Key highlights include the following:

-- ICBC suffered a ransomware attack that prevented the Bank from settling U.S. treasuries and equity trades.

-- Although ICBC’s cyber incident is not material enough to disrupt the U.S. treasuries market, it highlights the potential effect of a major disruption of the global payment system.

-- The widespread use of cyber insurance policies by banking institutions has increased the risk of a systemic cyber event for the insurance industry.

“At this point, ICBC has not disclosed the notional amount of trades affected by the ransomware attack. Still, it is not material enough to disrupt the overall functioning of the U.S. treasury market”, said Marcos Alvarez, Global Head of Insurance. “However, we expect this ransomware attack to raise reputational and vulnerability concerns for ICBC, given its position as the only Chinese bank with a securities clearing licence in the United States”.