Skip to main content

Hackers breach IMF with ‘sophisticated cyberattack’ [update]

Image used with permission by copyright holder

Hackers have hit the International Monetary Fund with a “large and sophisticated cyberattack,” reports The New York Times. The IMF oversees the global financial system, and has highly confidential records about the economies of nations around the world. IMF staff and its board of directors learned of the attack on Wednesday, but no public pronouncement about the breach has yet been made, besides a vague statement by an IMF spokesman that all but ignores the incident.

Recommended Videos

“The fund is fully functional,” IMF spokesman David Hawley said in a statement to Reuters. “I can confirm that we are investigating an incident. I am not in a position to elaborate further on the extent of the cybersecurity incident.”

An unnamed IMF “official” who spoke with the Times describes the breach as “very major,” though exact details about what information, if any, was compromised remains unknown. Because the IMF has played an integral role in the bailouts of economically fragile countries like Portugal, Greece and Ireland, its databases contain agreements between various world governments that one fund official described as “political dynamite in many countries.” It is not yet clear whether this information was compromised in the breach.

One official indicated that the attack took place over the last few months, before Dominique Strass-Kahn, a French politician who ran the fund, was arrested in New York for allegedly sexually assaulting a hotel maid.

The attack on the IMF follows a wave of similar digital assaults on a variety of other entities, including Sony, Google, Citibank and prominent US defense contractor Lockheed Martin. The fund reportedly told the Times that it “did not believe” that the intrusion into their system was related to the Lockheed breach.

Those with knowledge of the IMF attack believe that hackers used a technique known as “spear phishing” — tricking a user to click on a malicious link or download spyware that reveals their private credentials — to carry out the intrusion. For the Lockheed breach, on the other hand, hackers broke into the systems of RSA Security and stole data that made it possible to duplicate their SecurID encryption keys, which are used to login to a wide variety of sensitive computer systems around the world.

As the near-constant high-profile attacks that have taken place over the past months shows us, no computer system is 100 percent safe. And because of that, this is far from the last time such an attack will take place. Prepare  yourself, people; it’s about to get interesting.

UPDATE: Bloomberg reports that “hackers believed to be connected to a foreign government” carried out the IMF attack. Nearly every time a “foreign government” has been implicated in a cyberattack recently, that government is China’s. That’s not to say China carried out this attack — we have no idea — but you can bet your dollars they are on the short list.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
Hacker sent to jail for huge 2020 Twitter breach
A Twitter logo graphic.

A British man who took part in a high-profile Twitter hack in 2020 was handed a five-year jail term by a New York federal court on Friday.

Joseph O’Connor, 24, had pled guilty in May to four counts of computer hacking, wire fraud, and cyberstalking. He was also ordered to pay $794,000, the amount that he nabbed in the crypto crime.

Read more
Chinese hackers targeting critical U.S. infrastructure, Microsoft warns
chinese hackers caught targeting vital us infrastructure china flags

State-sponsored hackers based in China have been working to compromise critical infrastructure in the U.S., Microsoft said on Wednesday. It’s thought the attacks could lead to the disruption of important communications between the U.S. and its interests in Asia during future crises.

Notable target sites include Guam, a small island in the Pacific with an important U.S. army base that could play an important role in any clash with China over Taiwan.

Read more
Hackers may have stolen the master key to another password manager
Open padlock cybersecurity

The best password managers are meant to keep all your logins and credit card info safe and secure, but a major new vulnerability has just put users of the KeePass password manager at serious risk of being breached.

In fact, the exploit allows an attacker to steal a KeePass user’s master password in plain text -- in other words, in an unencrypted form -- simply by extracting it from the target computer’s memory. It’s a remarkably simple hack, yet one that could have worrying implications.

Read more