Hackers have hit the International Monetary Fund with a “large and sophisticated cyberattack,” reports The New York Times. The IMF oversees the global financial system, and has highly confidential records about the economies of nations around the world. IMF staff and its board of directors learned of the attack on Wednesday, but no public pronouncement about the breach has yet been made, besides a vague statement by an IMF spokesman that all but ignores the incident.
“The fund is fully functional,” IMF spokesman David Hawley said in a statement to Reuters. “I can confirm that we are investigating an incident. I am not in a position to elaborate further on the extent of the cybersecurity incident.”
An unnamed IMF “official” who spoke with the Times describes the breach as “very major,” though exact details about what information, if any, was compromised remains unknown. Because the IMF has played an integral role in the bailouts of economically fragile countries like Portugal, Greece and Ireland, its databases contain agreements between various world governments that one fund official described as “political dynamite in many countries.” It is not yet clear whether this information was compromised in the breach.
One official indicated that the attack took place over the last few months, before Dominique Strass-Kahn, a French politician who ran the fund, was arrested in New York for allegedly sexually assaulting a hotel maid.
The attack on the IMF follows a wave of similar digital assaults on a variety of other entities, including Sony, Google, Citibank and prominent US defense contractor Lockheed Martin. The fund reportedly told the Times that it “did not believe” that the intrusion into their system was related to the Lockheed breach.
Those with knowledge of the IMF attack believe that hackers used a technique known as “spear phishing” — tricking a user to click on a malicious link or download spyware that reveals their private credentials — to carry out the intrusion. For the Lockheed breach, on the other hand, hackers broke into the systems of RSA Security and stole data that made it possible to duplicate their SecurID encryption keys, which are used to login to a wide variety of sensitive computer systems around the world.
As the near-constant high-profile attacks that have taken place over the past months shows us, no computer system is 100 percent safe. And because of that, this is far from the last time such an attack will take place. Prepare yourself, people; it’s about to get interesting.
UPDATE: Bloomberg reports that “hackers believed to be connected to a foreign government” carried out the IMF attack. Nearly every time a “foreign government” has been implicated in a cyberattack recently, that government is China’s. That’s not to say China carried out this attack — we have no idea — but you can bet your dollars they are on the short list.