12 Jun 2011

IMF falls victim to cyber attack

The International Monetary Fund was targeted by a sophisticated cyber attack earlier this year which infiltrated the intergovernmental group which overseas the global financial system.

The International Monetary Fund, which brings together 187 member states, has become the latest known target of a significant cyber hack.

A cybersecurity expert who has worked for both the IMF and the World Bank, its sister institution, said the intruders’ goal had been to install software that would give a nation state a “digital insider presence” on the IMF network.

Such a presence could yield a trove of non-public economic data used by the IMF to promote exchange rate stability, support balanced international trade and provide resources to remedy members’ balance-of-payments crises.

“It was a targeted attack,” said Tom Kellerman, who has worked for both international financial institutions and who serves on the board of a group known as the International Cyber Security Protection Alliance.

The code used in the IMF incident was developed specifically for the attack on the institution, said Kellerman, formerly responsible for cyber-intelligence within the World Bank’s treasury team and now chief technology officer at AirPatrol, a cyber consultancy.

According to reports the attack happened before the 14 May arrest of former IMF chief Dominique Strauss-Kahn on sexual assault charges.

High-profile companies attacked

The attack is the latest in a number of cyber break-ins that have targeted high-profile companies and institutions, often to steal secrets with potentially far-reaching economic implications.

The list of victims includes Lockheed Martin Corp, Sony Corp and Citigroup Inc.

IMF falls victim to cyber attack

IMF spokesman David Hawley said Saturday the Fund was “fully functional,” despite the attack.

“I can confirm that we are investigating an incident,” he said, adding that he was not in a position to elaborate on the extent of it. He declined to respond to requests for comment on Kellerman’s conclusion about the intruders’ goal.

The FBI is helping to investigate the attack.

A World Bank official said the Bank had cut its network connection with the IMF out of “caution” even though the information shared on that link was “non sensitive.”

Experts say cyber threats are increasing worldwide. CIA Director Leon Panetta told the US Congress this week the United States faced the “real possibility” of a crippling cyber attack.

The New York Times cited computer experts as saying the IMF’s board of directors was told of the attack on Wednesday, though the assault had lasted several months.

An Internal IMF memo issued on Wednesday warned employees to be on their guard.

“Last week we detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems,” said the email to employees from Chief Information Officer Jonathan Palmer.