Reports Say Russian LockBit Group Carried Out Attack on Trading Software Firm
Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours.
See Also: Live Webinar | Navigating the Difficulties of Patching OT
ION Cleared Derivatives, part of ION Group which offers software designed to automate the complete trade lifecycle and the derivatives clearing process, said in a statement on its website late Tuesday that a “cybersecurity event” affected some of its services and that “the incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing.”
The attack originated from Russian ransomware gang LockBit, according to a memo from ION obtained by Bloomberg.
The Futures Industry Association on Wednesday
FIA says in a statement Wednesday that it is coordinating communication and information sharing through regular calls with relevant parties, “assessing the firms impacted, how firms can work together to mitigate the disruption and seeking clarity over concerns about affected regulatory obligations and reporting.”
Meanwhile, the ICE Futures Exchange, which handles soft markets in London, announced Wednesday that it extended the cutoff time for position maintenance from 10 a.m. to noon.
The exchange warned that the extension “will result in delayed publication of open interest and the potential for misstated open interest on the days impacted by the vendor issue.”
The settlement of derivatives investments is time sensitive because buyers contract to sell goods or livestock to a counterparty who agrees to buy those goods or livestock at a specific price on a specific date. Often, derivative investments involve buying options based on the movement of the prices or swaps with other counterparties to hedge potential losses.
ION Cleared Derivatives did not immediately respond to requests from Information Security Media Group for an interview.
LockBit is a prolific ransomware group that has been active since late 2019. The group was recently linked to the attack on Royal Mail, which disrupted international mail service. The group is often considered the winner of the contest to succeed Conti as the world’s most recognized digital extortion gang.
