Data taken in IMF hack 'political dynamite'

Foreign government suspected in targeted attack

The FBI is investigating a major computer security breach at the International Monetary Fund that resulted from a targeted attack possibly launched by a foreign government and that went on for months before being detected.

The IMF, an organization of 187 countries, is focused on ensuring the stability of the international monetary and financial system. The organization provided $91.7 billion in emergency loans last year, including one-third of the bailout packages in Europe, reported Bloomberg. It also is involved in promoting exchange rate stability.

Exposure of the IMF’s sensitive country financial information could alter world markets, and behind-the-scenes loan negotiations by national leaders is “political dynamite in many countries,” a fund official told the New York Times.

Related coverage:

Rising tide of cyberattacks threatens all boats

Another major defense contractor hacked; RSA tokens likely involved

A security expert working on the case said the hack, which resulted in the theft of a large quantity of data, was orchestrated by a foreign government, but did not say which country, reported Bloomberg.

The breach likely began with a spear-phishing attack, in which a user is enticed to click on a link that downloads malicious code onto a PC, the BBC reported. A security expert who has worked for IMF told Reuters the malware included code written specifically to give a nation state a "digital insider presence" on IMF’s network. Anup Ghosh, cited in the Bloomberg article, said spear-phishing is a common espionage tactic.

The IMF’s chief information officer, Jonathan Palmer, alerted IMF staff of the hack via an e-mail June 1, reported Bloomberg. No evidence of personal data was taken from the hack, which lasted for several months. A senior official at the organization described it as “a very major breach,” reported the New York Times. It occurred before Dominique Strauss-Kahn, the former head of the IMF, was arrested on charges of sexually assaulting a maid in a New York hotel.

In response to the breach, the World Bank, sister organization to IMF, cut its computer link to IMF. A spokesperson for the international economic development agency said the move was taken out of “an abundance of caution,” the New York Times reported. The link will remain severed until the severity and nature of the attack is understood.

The IMF has not made a public announcement on the breach. David Hawley, spokesperson for the IMF, said the organization is “investigating an incident, and the fund is fully functional,” reported the New York Times.

About the Author

Kathleen Hickey is a freelance writer for GCN.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected