{"id":604155,"date":"2023-02-03T07:49:17","date_gmt":"2023-02-03T13:49:17","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/02\/03\/suspected-lockbit-ransomware-attack-causes-havoc-in-city-of-london\/"},"modified":"2023-02-03T07:49:17","modified_gmt":"2023-02-03T13:49:17","slug":"suspected-lockbit-ransomware-attack-causes-havoc-in-city-of-london","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/02\/03\/suspected-lockbit-ransomware-attack-causes-havoc-in-city-of-london\/","title":{"rendered":"Suspected LockBit ransomware attack causes havoc in City of London"},"content":{"rendered":"<div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/City-of-London-conorcrowe-adobe_searchsitetablet_520X173.jpg\" data-credit=\"conorcrowe - stock.adobe.com\"  width=\"520\" height=\"173\" alt><\/p>\n<p>conorcrowe &#8211; stock.adobe.com<\/p>\n<\/p><\/div>\n<div id=\"content-header\">\n<h2>A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"Alex Scroxton\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Alex-Scroxton\">Alex Scroxton,<\/a><br \/>\n\t\t\t\t\t\t<span>Security Editor<\/span>\n\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>02 Feb 2023 11:55<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>A ransomware attack on trading software supplier <a href=\"https:\/\/iongroup.com\/\">Ion Group<\/a> \u2013 potentially the work of the infamous LockBit cartel \u2013 has caused chaos for City of London traders, leaving them unable to perform key duties.<\/p>\n<p>Ion is a critical component of the UK\u2019s financial system, with its software playing a vital role in the trading of debt, derivatives and shares around the world.<\/p>\n<p><a href=\"https:\/\/www.telegraph.co.uk\/business\/2023\/02\/01\/city-london-traders-hit-russia-linked-cyber-attack\/\">According to the <em>Telegraph<\/em><\/a>, the incident has affected more than 40 clients, with some forced to resort to pen and paper to process their trades.<\/p>\n<p>The incident has caused additional stress coming at the end of the first calendar month of the year, when many traders would have been busy putting together end-of-month reports.<\/p>\n<p>In a brief statement, Ion confirmed that a cyber attack had taken place, but offered no further details.<\/p>\n<p>A spokesperson said: \u201cIon Cleared Derivatives, a division of Ion Markets, experienced a cyber security event commencing on 31 January 2023 that has affected some of its services.<\/p>\n<p>\u201cThe incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing. Further updates will be posted when available.\u201d<\/p>\n<p>At the time of writing, the involvement of LockBit has not been officially confirmed, merely alleged. There are also suggestions that the incident may have begun <a href=\"https:\/\/www.thetradenews.com\/ion-suffers-cyber-attack-on-derivatives-platform\/\">via the exploitation of vulnerabilities in VMware servers<\/a>, again unconfirmed.<\/p>\n<p>Rebecca Moody, head of data research at <a href=\"https:\/\/comparitech.com\/\">Comparitech<\/a>, commented: \u201cAt the moment, there are two key concerns here. Firstly, is the impact the downtime will have across a multitude of organisations around the world. As we\u2019ve seen with the recent Royal Mail attack, disruptions are still ongoing over two weeks later.<\/p>\n<p>\u201cSecondly, is the high risk of sensitive data being leaked by the hackers. While ransomware attacks used to focus on encryption tactics, the majority are now stealing data as well. Ion Group has said the attack is \u2018contained to a specific environment\u2019, so we will have to hope they are able to minimise the impact of the attack and that no key data has been stolen.\u201d<\/p>\n<p>According to analysis of incident data collated by the UK Information Commissioner\u2019s Office (ICO) and analysed by <a href=\"https:\/\/www.cybsafe.com\/\">CybSafe<\/a>, the financial services and insurance sector accounted for 12% of total cyber attacks in the 2021-22 financial year.<\/p>\n<p>\u201cMore notably,\u201d said CybSafe founder and CEO Oz Alashe, \u201cthe number of ransomware attacks has increased by 12% to represent 35% of all cyber attacks within the sector. The frequency of these attacks is, unfortunately, a trend likely to continue in 2023.\u201d<\/p>\n<section data-menu-title=\"Ransomware resurgence\">\n<h3><i data-icon=\"1\"><\/i>Ransomware resurgence<\/h3>\n<p>Indeed, after something of a slowdown towards the end of 2022, ransomware attacks now appear to be on the up again early in 2023, a trend that is not in and of itself out of the ordinary, as operators are well-known to <a href=\"https:\/\/www.computerweekly.com\/news\/252527830\/Latest-LockBit-ransomware-versions-have-wormable-capabilities\">take frequent breaks to regroup, retool<\/a>, and even go on holiday.<\/p>\n<p>LockBit itself has remained a highly prolific actor, accounting for a significant percentage <a href=\"https:\/\/www.computerweekly.com\/news\/252526278\/Ransomware-crews-regrouping-as-LockBit-rise-continues\">of all disclosed ransomware incidents<\/a> in supplier reporting metrics. It is currently suspected of being behind the January 2023 attack on Royal Mail, <a href=\"https:\/\/www.computerweekly.com\/news\/252529173\/LockBit-cartel-suspected-of-Royal-Mail-cyber-attack\">an incident that is still ongoing<\/a>.<\/p>\n<\/section>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on Hackers and cybercrime prevention<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/365530004\/Ransomware-attacks-on-public-sector-persist-in-January\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g886701618_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g886701618_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/ransom_g886701618.jpg 1280w\" alt ><\/p>\n<h5>Ransomware attacks on public sector persist in January<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/onlineimages\/waldman_arielle.jpg\" alt=\"ArielleWaldman\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Arielle\u00a0Waldman<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/news\/365530199\/Arnold-Clark-customer-data-was-stolen-in-Play-ransomware-attack\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Fotolia-cars_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Fotolia-cars_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Fotolia-cars.jpg 1280w\" alt ><\/p>\n<h5>Arnold Clark customer data was stolen in Play ransomware attack<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/365529954\/Royal-Mail-recovers-more-International-Tracked-services\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Royal-Mail-postbox-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Royal-Mail-postbox-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Royal-Mail-postbox-adobe.jpg 1280w\" alt ><\/p>\n<h5>Royal Mail recovers more International Tracked services<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/252529609\/Royal-Mail-resumes-some-international-parcel-services-from-UK\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/parcels-distribution-packaging-online-shopping-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/parcels-distribution-packaging-online-shopping-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/parcels-distribution-packaging-online-shopping-adobe.jpeg 1280w\" alt ><\/p>\n<h5>Royal Mail resumes some international parcel services from UK<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/365530214\/Suspected-LockBit-ransomware-attack-causes-havoc-in-City-of-London\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Leigha Mongold<\/p>\n","protected":false},"excerpt":{"rendered":"<p>conorcrowe &#8211; stock.adobe.com A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders By Alex Scroxton, Security Editor Published: 02 Feb 2023 11:55 A ransomware attack on trading software supplier Ion Group \u2013 potentially the work of the infamous LockBit cartel \u2013 has caused chaos for City<\/p>\n","protected":false},"author":1,"featured_media":604156,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36389,1506,46],"tags":[],"class_list":["post-604155","post","type-post","status-publish","format-standard","has-post-thumbnail","category-lockbit","category-suspected","category-technology"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/604155","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=604155"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/604155\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/604156"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=604155"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=604155"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=604155"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}