Cyber Threat Radar – Ransomware group Hunters International has allegedly taken over 5.2 million files from the London division of the Industrial and Commercial Bank of China (ICBC), a state-owned Chinese bank and financial services entity.
Hunters International had imposed September 13 as the now passed deadline for the release of the data, contingent upon the fulfillment of their ransom demands.
The Largest Bank Globally In Terms Of Assets
ICBC stands as the largest bank globally in terms of assets, holding $6.3 trillion as of mid-2024, and generating an annual revenue of $113 billion.
The ransomware-as-a-service operation reportedly stole 6.6 TB of data from the bank’s network and has threatened to release the information unless ICBC complies with their demands for payment.
Banks Are Prime Targets
Banks and financial institutions are prime targets for ransomware groups and various financially motivated criminals due to their management of extensive sensitive financial information. In the eyes of these extortionists, this makes banks more inclined to meet high ransom demands to safeguard this data from public disclosure, which could lead to customer dissatisfaction, damage to the bank’s reputation, and potential loss of revenue.
The international financial community is now closely monitoring ICBC’s response to this alleged major breach, which may have extensive repercussions for the industry.
Banks Must Adopt Strong Cybersecurity Protocols
The tactics employed by Hunters International frequently utilize advanced malware, including the SharpRhino RAT, which is engineered to discreetly penetrate corporate networks. This strategy underscores the changing landscape of ransomware threats and emphasizes the necessity for strong cybersecurity protocols in banks and financial institutions.
Hunters International has rapidly advanced in prominence within the ransomware sphere, claiming to have successfully infiltrated over 134 organizations this year alone. The affected entities are located worldwide, with Russia being a significant exception.
SentryBay Protects Many Of The World’s Leading Banks
“If this attack is confirmed, it could pose significant risks for ICBC’s customers and their financial information,” commented Liam Davenport, Global Cybersecurity Account Director, SentryBay. “Organizations must adopt robust security frameworks, perform routine data backups, and provide employee training to identify phishing attempts and various cyber threats, particularly at the endpoint. SentryBay’s patented Armored Client solution is deployed by many of the world’s leading banks to secure all data from keylogging, screen capture, and malicious injection threats used by cyberattackers.”