Ion Group, a Dublin-based software company that helps financial institutions automate their critical business processes, has been hit by a ransomware attack that forced several European and U.S. banks to revert to manual processes.
The cyberattack, which TechCrunch learned about on Tuesday, affected Ion’s Cleared Derivatives division, which provides software for automating the trading lifecycle and the derivatives clearing process. Unlike physical assets, derivatives are financial products that derive value from a relationship to another underlying asset. Common types of derivatives include currencies, stocks, bonds and commodities.
Ion said in a short statement that it “experienced a cybersecurity event” on Tuesday that affected some of its services. “The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing.”
Ion spokesperson Suezelle D’Costa declined to share further details, such as the nature of the incident or how the organization was compromised. However, a memo from Ion obtained by Bloomberg confirms the attack was the work of the Russian-linked LockBit ransomware gang, which last month hit U.K. postal giant Royal Mail, forcing the mail service to suspend international deliveries.
LockBit claimed responsibility for the attack and is threatening to leak data stolen from the company on February 4 unless a ransom demand is paid, according to the ransomware gang’s dark web site and seen by TechCrunch. It’s not yet known how much and what types of data were stolen. Ion spokesperson D’Costa declined to comment.
The impact of the incident also remains unclear, but Bloomberg reports that the attack affected at least 42 of Ion’s clients and forced several European and U.S. financial institutions to process some derivative trades manually. A person with knowledge of the incident told TechCrunch that many commercial banks worldwide are experiencing issues, such as the ability to get quotes, following the ransomware attack.
The Futures Industry Association, a U.S.-based industry advocacy group for the futures, options and cleared derivatives markets, said in a statement that the incident is “impacting the trading and clearing of exchange-traded derivatives by Ion customers across global markets.”
The FIA added that it is working with impacted members to assess the extent of the impact.
Meanwhile, the U.S. Treasury said it’s monitoring the situation and downplayed the risk to U.S. financial markets.
In a statement provided to TechCrunch, Treasury senior cybersecurity official Todd Conklin said the Treasury is aware of the ransomware attack but said that the incident is isolated to a small number of smaller and mid-size firms.
“The issue does not pose a systemic risk to the financial sector,” said Conklin. “We remain connected with key financial sector partners, and will advise of any changes to this assessment.”
Ion told clients on Thursday that its systems won’t be fully operational until February 6, according to email correspondence seen by Bloomberg.
https://techcrunch.com/
It’s time to start changing your passwords assword manager giant LastPass has confirmed that cybercriminals stole its customers’ encrypted password vaults, which store its customers’ passwords and other secrets, in a data breach earlier this year. In an updated blog post on its disclosure, LastPass CEO Karim Toubba said the intruders took a copy of […]
British newspaper The Guardian has confirmed that cybercriminals accessed the personal details of U.K. staff members during a ransomware attack last month. The Guardian confirmed the data breach in an update emailed to staff on Wednesday, which the newspaper reported shortly after. The email, signed by the news outlet’s chief executive Anna Bateson and editor-in-chief […]
Small and medium businesses have become a growing target for malicious online hackers in recent years, currently accounting for between 43% and 61% of all security breaches and some $7 billion annually in related losses, according to different estimates. Today, a startup called Guardz is emerging from stealth with a two-part offering aimed at protecting them: a SaaS-based set of low-code […]
Leave a Reply