THE INTERNATIONAL Monetary Fund is investigating a serious cyber-attack, in which some of its systems were compromised and used to access internal data.
Security experts said the source seemed to be a “nation state” aiming to gain a “digital insider presence” on the network of the IMF, the inter-governmental group that oversees the global financial system.
Tom Kellermann, a cyber-security specialist who has worked for the IMF and was in charge of cyberintelligence in the World Bank’s treasury team, said the intrusion could have yielded a treasure trove of non-public economic data used by the IMF to promote exchange rate stability, support balanced international trade, and provide resources to remedy members’ balance-of-payments crises.
“It was a targeted attack,” said Mr Kellermann, who also serves on the International Cyber Security Protection Alliance.
The attack will increase concerns over low-level cyberwarfare waged by governments for economic and industrial espionage purposes, which have grown in recent weeks.
Earlier this year it was revealed computers at France’s finance ministry had been hacked and were silently redirecting data to websites in China, apparently in an effort to steal documents relating to February’s G20 summit.
The code used in the IMF incident was developed specifically for the attack on the institution, said Mr Kellermann, now chief technology officer at cyber-consultancy AirPatrol.
The World Bank said it had cut its network connection with the IMF out of caution, even though the information shared over the link was “non-sensitive”. The IMF insists that it remains “fully functional” while the FBI investigates the attack.
An internal memo issued on June 8th from the IMF’s chief information officer, Jonathan Palmer, told staff that suspicious file transfers had been detected and that an investigation had shown a desktop computer “had been compromised and used to access some fund systems”. Significantly, he said that he had “no reason to believe that any personal information was sought for fraud purposes”.
Lockheed Martin Corp, the Pentagon’s biggest supplier by sales and the biggest information technology provider to the US government, disclosed two weeks ago that it had thwarted a “significant” cyber attack.
It said it had become a “frequent target of adversaries around the world”.
Also hit recently have been Citigroup Inc, Sony Corp and Google Inc. – (Guardian Service, Reuters)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/sandbox.irishtimes/GW3FWAURWFGM7FF4RMYJLBG7ZI.png)