Several European and U.S. banks were forced to resort to manual operations after a ransomware assault on Ion Group, a Dublin-based software company that helps financial institutions automate their core business processes.
Cleared Derivatives, a branch of Ion that makes trading lifecycle automation and derivatives clearing software, was hit by a hack on Tuesday. Derivatives are different from traditional assets in that their value is based on their connection to another asset. Derivatives may be found in a wide variety of currencies, equities, bonds, and commodities.
In a brief statement released on Tuesday, Ion explained that the company “had a cybersecurity event” that disrupted some of its services. All impacted servers have been shut down, and work is underway to restore service.
Suezelle D’Costa, a representative for Ion, declined to elaborate on the nature of the event or the method by which the company was breached. A letter from Ion seen by Bloomberg, however, indicates that the attack was carried out by the Russian-linked LockBit ransomware group, which last month targeted U.K. postal behemoth Royal Mail, prompting the mail service to cease international deliveries.
The ransomware gang’s dark web site, where they claimed credit for the assault and stated that they would release stolen corporate data on February 4 unless a ransom demand was met. Exactly how much information was compromised or what kinds of information were taken is now unknown. Ion’s spokeswoman D’Costa was unwilling to elaborate.
Still unknown is the full extent of the damage caused by the hack, which Bloomberg says prompted certain European and American banks to conduct some derivative contracts by hand but affected at least 42 of Ion’s customers. Numerous commercial banks around the world are having trouble after the ransomware assault, including the inability to acquire quotations.
The event is “impacting the trading and clearing of exchange-traded derivatives by Ion clients across worldwide markets,” according to a statement released by the Futures Industry Association, a U.S.-based industry advocacy group for the futures, options, and cleared derivatives markets.
The FIA also said that it is collaborating with affected members to determine the full scope of the problem.
As this is going on, the U.S. Treasury has stated that it is keeping an eye on developments and has minimised the threat to American financial markets.
Senior Treasury cybersecurity officer Todd Conklin said in a statement that the Treasury is aware of the ransomware assault but that it has only affected a “limited number” of small and medium-sized businesses.
Conklin affirmed that the problem did not threaten the stability of the financial system as a whole. We’re keeping in touch with our major partners in the financial sector and will update you if our current evaluation changes.
According to emails acquired by Bloomberg, Ion informed customers on Thursday that the full functionality of its systems would not be achieved until February 6.
Subtly charming pop culture geek. Amateur analyst. Freelance tv buff. Coffee lover