LockBit claims responsibility for ransomware attack on ION Trading

LockBit claims responsibility for ransomware attack on ION Trading

Posted on



The LockBit ransomware gang has claimed responsibility for an attack on financial services company ION Trading UK Ltd. that has resulted in derivatives traders resorting to manually processing trades.

In a statement, ION described the attack as a “cybersecurity event” that commenced on Jan. 31 that affected some services in the ION Cleared Derivatives division. The incident is said to have been contained to a specific environment, affected servers disconnected and the remediation of services is underway.

According to Reuters, the attack has left scores of brokers unable to process derivatives trades, with attempts to remediate the situation possibly taking days.

While ION did not disclose the form of attack, enter LockBit, which has claimed responsibility for the attack on its dark web leaks site – see picture above.  While the listing does not provide details on how LockBit gained access to ION’s network, the ransomware gang is threatening to release all the data they stole from the company on Feb. 4 if their demands are not met.

LockBit does not say what its demands are, but given its usual modus operandi, it will be demanding that ION pay a ransom payment for a decryption key and a promise not to release the stolen data. Bleeping Computer notes that if LockBit does indeed have stolen data from ION, leaking it may expose sensitive information belonging to large investors, causing significant financial and organizational damage.

Notable ION customers who may be affected by the data theft include ABN Amro Bank N.V. and Italy’s largest bank Intesa Sanpaolo s.P.A.

Authorities on both sides of the Atlantic are said to be investigating, including the U.K. Financial Conduct Authority, the Prudential Regulation Authority and the U.S. Federal Bureau of Investigation.

“This is a reminder not only of third party and supply chain risks but also that large, well-known organizations that invest heavily in cyber security” can also be targeted, Javvad Malik, security awareness advocate at security awareness training company KnowBe4 Inc., told SiliconANGLE. “It’s why conducting thorough risk assessments is important in order to identify what business processes are important so that the appropriate controls and resilience can be built into the system.”

After bizarrely apologizing for a ransomware attack on a children’s hospital at the beginning of January, LockBit was more recently in the news following an attack on Royal Mail Group Ltd. on Jan. 12. The LockBit attack disrupted computer systems used by Royal Mail to process overseas deliveries, causing severe disruption.

Image: LockBit

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *