IMF: We wuz hacked (boingboing) The New York Times reports that the International Monetary Fund (IMF) has been hit with what is described as “a large and sophisticated cyberattack whose dimensions are still unknown.” The breach happened before the IMF’s managing director was accused of trying to rape a hotel worker.
The fund, which manages financial crises around the world and is the repository of highly confidential information about the fiscal condition of many nations, told its staff and its board of directors about the attack on Wednesday. But it did not make a public announcement.Several senior officials with knowledge of the attack said it was both sophisticated and serious. “This was a very major breach,” said one official, who said that it had occurred over the last several months, even before Dominique Strauss-Kahn, the French politician who ran the fund, was arrested on charges of sexually assaulting a chamber maid in a New York hotel.
by Xeni Jardin
IMF hit by ‘very major’ cyber security attack (bbc.co.uk) (…) High profile breaches A cyber security expert told Reuters the infiltration had been a targeted attack which installed software designed to give a nation state a “digital insider presence” at the IMF.
“The code was developed and released for this purpose,” said Tom Kellerman, who has worked for the Fund.
Bloomberg quoted an unnamed security expert as saying the hackers were connected to a foreign government. However, such attacks are very difficult to trace.
The World Bank said it briefly cut its network connection with the Fund out “an abundance of caution”.
International Monetary Fund Reportedly Hacked (threatpost.com) (…) The organization is also a user of RSA’s SecurID tokens and informed employees on June 8 that it would be replacing their tokens following the security breach at RSA. There is no indication that the hack of the IMF computers was linked to the breach at RSA.
Recent weeks have brought a slew of reports of attacks against high profile Western corporations, government and quasi governmental organizations. They include a breach at Citibank that netted credit card information on 200,000 customers, as well as attacks on L3 Communications and Lockheed Martin. The latter attack is believed to have resulted from the theft of information used to program SecurID tokens, RSA said.