IMF targeted in cyberattack, extent not disclosed
Saturday, June 11, 2011
NEW YORK (AP) — The International Monetary Fund, already reeling from last month's arrest of its former leader, is investigating an attack on its computer system.
IMF spokesman David Hawley said the organization is fully functional. He declined to provide further details on what he termed an "IT incident," including its scope or nature and whether any sensitive data were taken. The IMF has confidential information on countries in financial trouble.
The New York Times cited unnamed IMF officials as saying the attack was sophisticated and serious.
The IMF told staffers about it on Wednesday but hasn't made a public announcement.
The IMF is already facing a public-relations headache after the arrest of Dominique Strauss-Kahn, who resigned as IMF managing director last month after being accused of sexually assaulting a maid in a New York hotel.
French Finance Minister Christine Lagarde, Mexican central bank chief Agustin Carstens and others are vying for the top job. Stanley Fischer, Israel's central bank chief, emerged as a candidate Saturday.
It's not clear if hackers were targeting the IMF. Hackers sometimes try to distribute malicious software code widely and see which organizations it can infect.
But they can also choose targets. Using a technique called "spear phishing," for instance, they can trick employees of a specific organization into clicking a link that then gives hackers access to its computer systems.
Dave Jevans, chairman of computer security firm IronKey Inc., said he's concerned by an uptick in "hacktivism," where groups target organizations for political purposes.
It's possible the IMF was the victim of such hacktivism. However, one official cited by the Times said the attack occurred over the last several months, before the troubles involving Strauss-Kahn.
Concerns about the IMF attack were great enough that the World Bank cut a computer link that allows the two organizations to share non-sensitive information, according to a bank official. The move was taken out of "an abundance of caution," said the official, who spoke on condition of anonymity because of the security issues around the incident.
The IMF attack follows a string of major data breaches.
In recent months, hackers have penetrated 100 million Sony PlayStation accounts, the networks of Lockheed Martin and the customer email databases of a company that does marketing for Best Buy and Target stores.
Google has accused Chinese hackers of targeting the Gmail accounts of U.S. government officials.
About 200,000 Citibank credit card customers in North America had their names, account numbers and email addresses stolen.