Skip to main content

International Monetary Fund suffers a cyber hack attack

The International Monetary Fund (IMF) has reportedly become the target of a concerted hack attack.

The resulting breach was severe enough for the economic development agency to temporarily suspend network connections with the World Bank, as a precaution. The link was quickly restored.

According to internal emails leaked to Bloomberg the precautionary disconnection followed the detection of “suspicious file transfers”. “[A] subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems. At this point, we have no reason to believe that any personal information was sought for fraud purposes.”


The IMF reported told staff on or around 8 June that it planned to replace RSA SecurID tokens used for remote authentication. RSA last week publicly offered to replace two factor authentication token after defence contractor Lockheed Martin said it had come under attack from hackers using information gleaned from an earlier high-profile attack on RSA back in March.

However an IMF staffer told the New York Times that the attack on its systems is not linked to the earlier RSA breach. Unconfirmed reports suggest that the IMF was the target of a spear phishing attack designed to plant malware inside its systems.

If so – and it’s a big if – then the IMF has come under the type of attack previously faced by both a French economics ministry and its Canadian counterpart over recent months. Both the Canadian and French hack coincided with international government leader conferences.

The IMF itself is saying little about the attack other than to confirm that it is under investigation. The motives, much less the identity of attackers, remain unclear.

David Beesley, managing director of security consultancy Network Defence, said that targeted (spear phishing) attacks of the type that might have been launched can be very tricky but not impossible to thwart.

“Spear phishing is difficult to defend against because it primarily targets users not PCs, and the information that attackers can gather from social networking sites makes the phishing emails look very convincing,” Beesley said. “As we’ve seen, it makes these attacks effective against any size of organisation.”

“Really, firms need to use a mix of user education and layered security solutions to defend themselves. Employees should be aware that even plausible-looking emails should be treated with suspicion, and IT teams should look at their AV and anti-spam solutions to try and stop malware propagating,” he added.
Labels:

Comments

Post a Comment

Leave ur Comment Please :)

Popular posts from this blog

Defenders of Internet Freedom

From Politicians and professors to computer scientists and the first programmer, take a look at the champions of open internet. Julian Assange    Editor-In-Cheif, Wikileaks Assange has directed the publication of secret documents on the afghan wars and Guantanamo Bay Prisoner files and US Cables and also disclosed many facts which were unknown to world. He defaced many big companies and reiceved many death threads and became a Bad person in the eyes of the world. Sir Tim Berners-Lee Inventor of the world wide web Tim is instrumental pushing open data at high level to governments around the world and is a campingner against two tier internet. He also strongly supported a group putting pressure on the US government over the proposed US PIPA Act, which aims to impose restrictions and censorship on the internet. Jimmy Wales Chairman, Wikipedia Jimmy Wales is the man behind wikipedia wales participated in an internet blackout, closing the site for a day, in protest against the pro
4 comments
Read More

What is Steganography

Steganography is the art and science of hiding messages. Steganography is often combined with cryptography so that even if the message is discovered it cannot be read. The word steganography is derived from the Greek words “steganos” and “graphein”, which mean “covered” and “writing.” Steganography, therefore, is covered writing. Historical stenganography involved techniques such as disappearing ink or microdots. Modern steganography involves hiding data in computer files. It is fairly easy to hide a secret message in a graphic file without obviously altering the visible appearance of that file. Steganography software OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess. The program relies on data specific handlers that will extract redundant bits and write them back after modification. In this version the PNM and JP
1 comment
Read More

Windows Basic Security tutorial

Hey guys, I just wanted to quickly write a tutorial about some basic computer security. First, you have Windows 7 installed freshly with no current infections. A fresh install is best. Second, you are a moderate user of the internet. Basic Security Applications You are going to want a few applications to help you out along the way. First off, you will need two (2) anti-malware programs. This is to ensure that if one misses something, you have a second one to make sure. I personally use Microsoft Security Essentials (MSE) and Malwarebytes Anti-Malware (MBAM). Update these as often as they need to be. Run both of these every single day. Once a week minimum, but daily is far more advantageous. If you torrent, you will want PeerBlock . PeerBlock basically blocks your peers, especially RIAA, the govt, and other unsavory sorts from tracking who you are and what you're downloading. If you don't use PeerBlock, you can almost guarantee getting cau
1 comment
Read More