News / International
Complex hack attacks on IMF's computer system
12 Jun 2011 at 08:08hrs | Views
The International Monetary Fund's computer system has been targeted in a cyber attack which sought to gain an 'insider presence' in the organisation's network.
An IMF spokesperson said on Saturday that the network was hacked and much information was stolen prior to the May 14 arrest of former IMF chief Dominique Strauss-Kahn, but would not release more details about what was taken.
"The fund is fully functional," said David Hawley, the IMF spokesperson.
"I can confirm that we are investigating an incident. I am not in a position to elaborate further on the extent of the cybersecurity incident."
"This was a very major breach," a senior official with knowledge of the attack told the New York Times.
According to a cybersecurity expert who has worked for both the IMF and World Bank, the goal of the attack was to install software that would give a nation-state a "digital insider presence" on the network.
Probing the attack
No reliable source has yet identified what government orchestrated the hack, but the United States' Federal Bureau of Investigation is involved in an investigation of the cyber attack, according to a US Defense Department spokesperson.
The IMF, which has sensitive information on the economies of many nations, was hit during the last several months by what computer experts described as a large and sophisticated cyber attack, The New York Times reported.
The newspaper said the IMF's board of directors was told on Wednesday about the attack.
Internal IMF memos had warned employees to be on their guard.
"Last week we detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems," said the June 8 email to employees from Chief Information Officer Jonathan Palmer.
"At this point, we have no reason to believe that any personal information was sought for fraud purposes," the message to employees said.
'Increasing threat'
Cybersecurity experts say it is very difficult to trace a sophisticated cyber break-in to its ultimate source.
An official with the World Bank, the IMF's sister institution in Washington, said the World Bank had cut its network connection with the IMF out of "caution".
The information shared on that link was "non sensitive info," the official added.
"The World Bank Group, like any other large organisation, is increasingly aware of potential threats to the security of our information system and we are constantly working to improve our defenses," said World Bank spokesperson Rich Mills.
Experts say cyber threats are increasing worldwide.
CIA Director Leon Panetta told the US Congress this week the United States faces the "real possibility" of a crippling cyber attack.
"The next Pearl Harbor that we confront," he said, could be a cyber attack that "cripples our power systems, our grid, our security systems, our financial systems, our governmental systems."
"This is a real possibility in today's world," Panetta told his June 9 confirmation hearing in his bid to become the next US defense secretary.
The incident comes as attacks on computer networks are said by experts to be on the rise - notably those targeting major companies and potentially compromising government security and customer information.
For instance, Lockheed Martin Corp, the Pentagon's top military supplier by sales and the biggest information technology provider to the US government, disclosed two weeks ago that it had thwarted a "significant" cyber attack and said it was a "frequent target of adversaries around the world."
Also hit recently have been Citigroup Inc, Sony Corp and Google.
The attack on Lockheed followed the compromise of "SecurID" electronic keys issued by EMC's Ltd RSA Security division.
SecurIDs are widely used electronic keys to computer systems, designed to thwart hackers by requiring two passcodes: one that is fixed and another that is automatically generated every few seconds by the security system.
SecurIDs are used at the World Bank for remote log-ins.
As an extra precaution, employees receive an automatic email each time they log in from outside, to flag the operation in case it was originated fraudulently by someone else, a World Bank staff member said.
An IMF spokesperson said on Saturday that the network was hacked and much information was stolen prior to the May 14 arrest of former IMF chief Dominique Strauss-Kahn, but would not release more details about what was taken.
"The fund is fully functional," said David Hawley, the IMF spokesperson.
"I can confirm that we are investigating an incident. I am not in a position to elaborate further on the extent of the cybersecurity incident."
"This was a very major breach," a senior official with knowledge of the attack told the New York Times.
According to a cybersecurity expert who has worked for both the IMF and World Bank, the goal of the attack was to install software that would give a nation-state a "digital insider presence" on the network.
Probing the attack
No reliable source has yet identified what government orchestrated the hack, but the United States' Federal Bureau of Investigation is involved in an investigation of the cyber attack, according to a US Defense Department spokesperson.
The IMF, which has sensitive information on the economies of many nations, was hit during the last several months by what computer experts described as a large and sophisticated cyber attack, The New York Times reported.
The newspaper said the IMF's board of directors was told on Wednesday about the attack.
Internal IMF memos had warned employees to be on their guard.
"Last week we detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems," said the June 8 email to employees from Chief Information Officer Jonathan Palmer.
"At this point, we have no reason to believe that any personal information was sought for fraud purposes," the message to employees said.
'Increasing threat'
An official with the World Bank, the IMF's sister institution in Washington, said the World Bank had cut its network connection with the IMF out of "caution".
The information shared on that link was "non sensitive info," the official added.
"The World Bank Group, like any other large organisation, is increasingly aware of potential threats to the security of our information system and we are constantly working to improve our defenses," said World Bank spokesperson Rich Mills.
Experts say cyber threats are increasing worldwide.
CIA Director Leon Panetta told the US Congress this week the United States faces the "real possibility" of a crippling cyber attack.
"The next Pearl Harbor that we confront," he said, could be a cyber attack that "cripples our power systems, our grid, our security systems, our financial systems, our governmental systems."
"This is a real possibility in today's world," Panetta told his June 9 confirmation hearing in his bid to become the next US defense secretary.
The incident comes as attacks on computer networks are said by experts to be on the rise - notably those targeting major companies and potentially compromising government security and customer information.
For instance, Lockheed Martin Corp, the Pentagon's top military supplier by sales and the biggest information technology provider to the US government, disclosed two weeks ago that it had thwarted a "significant" cyber attack and said it was a "frequent target of adversaries around the world."
Also hit recently have been Citigroup Inc, Sony Corp and Google.
The attack on Lockheed followed the compromise of "SecurID" electronic keys issued by EMC's Ltd RSA Security division.
SecurIDs are widely used electronic keys to computer systems, designed to thwart hackers by requiring two passcodes: one that is fixed and another that is automatically generated every few seconds by the security system.
SecurIDs are used at the World Bank for remote log-ins.
As an extra precaution, employees receive an automatic email each time they log in from outside, to flag the operation in case it was originated fraudulently by someone else, a World Bank staff member said.
Source - Aljazeera
