Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

World Bank cut connection to IMF after "major" cyberattack

Leaderless organisation penetrated by hackers
Hackers - <i>Image credit: [[xref:http://chasness.wordpress.com/2008/07/15/top-five-hacking-movies/|Chas Andrews' Movie Blog]]</i>

Hackers - Image credit: Chas Andrews' Movie Blog

The International Monetary Fund (IMF) has admitted to being the victim of a cyberattack so serious that its global partner the World Bank temporarily decided to cut all computer links between the two organisations.

The precise nature of the attack and when it happened was not revealed to the New York Times, which broke the story, but is believed to have been some months before its now deposed head, Dominique Strauss-Kahn, was accused of the sexual assault on a New York hotel chambermaid.

This much can be gleaned from the coded details revealed in the outline story; this was most likely an utterly standard targeted attack that started with one or more individuals in the organisation receiving an email, apparently from a trusted contact, which asked them to run an attachment.

Once run, the target for any malware executed at that point would, presumably, have been unencrypted confidential documentation, including emails, hosted elsewhere on the network. Exactly how successful the attack was has not, of course, been stated but it was severe enough for one unnamed official to be quoted as describing it "as a very major breach."

After being discovered, the World Bank, headquartered only yards from the IMF in Washington DC, disconnected itself from the latter to avoid becoming a collateral victim. That suggests the malware had an unsurprising ability to spread.

This style of attack is identical to those sweeping over every organisation in the world of any political or economic significance as evidenced by a clutch of recent high-profile attacks. It is becoming easier to state who has not been attacked than who has, including the UK Government, Google, Sony, defence contractor Lockheed Martin, and most seriously or all, RSA Security.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: etwork, Google, IMF, International Monetary Fund, Lockheed Martin, RSA, Sony, World Bank
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Personal Tech, security
Latest Blog Posts
Whitepapers
  • Eliminating Tape
    When it comes to storage and backup, the old tape may not ‘cut the mustard’ in today’s world. But how does one move on from tape? This Computerworld Australia Guide, sponsored by EMC, examines whether the Cloud will provide a viable long-term archiving option to magnetic tape. This guide also looks at eliminating tape by examining storage and backup alternatives, taking examples of organisations that have managed to overcome problems with tape. Read more.
    Learn more »
  • Stella Travel Services embarks on a strategic refresh of print operations
    Stella Travel Services embraces Managed Print Services (MPS) to deliver savings, centralise and consolidate print operations in order to gain control of print costs and streamline IT support. Read more.
    Learn more »
  • 10 Mobile Security Requirements for the Bring Your Own Device (BYOD) Enterprise
    An enterprise mobility strategy needs to include more than the provisioning and security services available through mobile application and MDM solutions. To meet the mobility and security requirements of mobile users, enterprises need to look at deploying a solution for mobile content management (MCM) that supports BYOD policies. Read this whitepaper to learn: Why provisioning for mobile users has become more complex; Ten requirements to consider when selecting a mobile content security solution.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments