IMF Hit by Hackers Sometime in May

The New York Times reported yesterday that the International Monetary Fund (IMF) suffered what one unnamed official there called a "very major breach." The Times said, however, that an IMF spokesperson "declined to provide details or talk about the scope or nature of the intrusion."

The incident reportedly caused the IMF as a precaution to cut the computer link it has to the World Bank with which it shares some information.

A Bloomberg News story today reported that a security expert supposedly familiar with the attack claimed that it was directed by an unnamed foreign government. The attack, this person says, accessed emails and a "large quantity of data."

The person also claimed that the attack took place before the 14th of May. Internal IMF memos that Bloomberg was able to review say that on the 1st of June, the IMF IT department sent memos to employees warning them of virus attacks aimed against IMF computer systems.

On the 8th of June, Bloomberg reports that the IMF Chief Information Officer Jonathan Palmer wrote in a memo to IMF employees that:

"Last week we detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems... At this point, we have no reason to believe that any personal information was sought for fraud purposes."

The information in these internal IMF memos don't seem to line up with the claim that the breach occurred before 14 May, however. The memos make it look like there was another successful attack in early June. Maybe more details will emerge in the next few days to clarify the timeline.

Another thing that was a bit strange was this Reuters report from last night that quoted a US Department of Defense spokesperson as saying that the US Federal Bureau of Investigation had been called into investigate. Why a DoD spokesperson would be speaking about what the FBI was or was not investigating is unusual, to say the least. 

Furthermore, the FBI wouldn't confirm its involvement in investigating the IMF cyber attack according to today's Bloomberg story.

This IMF attack seems to be following a familiar pattern of targeting government-related financial information. In January , Canada's Treasury Board and Department of Finance were fending off cyber attacks. The attacks forced the two departments off the Internet for weeks.

In March, the French government admitted that the Finance Ministry had been breached by a hacking attack late in 2010, allegedly targeting information related to France's presidency of the G20.

Also in March, Australian Prime Minister Julia Gillard's email and the emails of as many as 10 other government ministers, including the Foreign and Defense ministers, were reportedly successfully hacked for most of the month February.

The speculation that all three of these attacks originated in China, which the Chinese government has denied.

PHOTO: iStockPhoto

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement