The IMF Has Been Hacked

The International Monetary Fund (IMF) has been hacked  The IMF has described the event as an "IT incident."  Computer experts have describe the 'cyber attack' on the IMF as serious, large and sophisticated, with unknown dimensions. It has potentially puts sensitive, confidential data about national economies at risk of exposure. The IMF holds highly confidential data about the fiscal conditions of its members. It is currently at the centre of the economic bailout programs for Portugal, Greece and Ireland. In response to the IMF hack, the World Bank severed the electronic link that allows the two institutions to share non-public data. Reports initially indicated the hack could have been a response to the Dominique Strauss-Kahn matter, although officials from the IMF have denied this, in fact saying multiple cyber attacks on the IMF had been occurring for several months.

The attacks were likely to have been made possible by a technique known as "spear phishing," in which an individual is fooled by a hacker into clicking on a malicious Web link or running a program that allows open access to the recipient's network. It is also possible that the attack was less specific, a case in which an intruder was testing the system merely to see what was available. Hackers refer to those who digitally intrude. They have the technical expertise to access electronic systems, perhaps to expose their abilities or to expose the unscrupulous actions of corporations, governments or international institutions. This is referred to as "hackitvism", and may be the case in relation to the IMF.

Corporations and public institutions are often hesitant to describe publicly the nature or success of attacks on their computer systems, partly for fear of providing information that would be useful to the individuals or countries mounting the efforts.  The IMF went to great lengths to initially deny the cyber attack and went to further efforts to deny it had anything to do with a digital break in at RSA Security that took place in March 2011.  Information stolen from RSA Security was later used to gain access to computers and networks at the Lockheed Martin Corporation, America's largest military contractor. The Lockheed Martin hack was described as a "massive cyber attack". Lockhead Martin described it as "significant", adding security had "detected the attack almost immediately and took aggressive actions to protect all systems and data." But not quickly or aggressively enough, it seems.

An RSA statement described the initial hack in the category of an Advanced Persistent Threat (APT). The RSA confirmed that information was extracted from RSA systems, specifically data related to RSA's SecurID two-factor authentication products." RSA SecurID two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator). It product affects emails as well as intranets and extranets and web servers. It was this that allowed the hack on Lockheed Martin.

Hackers have also recently penetrated 100 million Sony PlayStation accounts, the customer email databases of a company that does marketing for Best Buy and Target stores in the U.S. About 200,000 Citibank credit card customers in North America had their names, account numbers and email addresses stolen. U.S. Senator Democrat Robert Menendez has recently introduced bi-partisan amendments to the Cybersecurity Enhancement Act (2010) following cyber attacks on the Nasdaq Stock Market. Amendments to the Act, according to Menendez, are needed because: "We cannot allow security breaches to undermine our trust in the U.S. economy."

Tim Berners-Lee, creator of the World Wide Web in 1990, says the Web demonstrates a profound concept: that any person could share information with anyone else, anywhere. As Berners-Lee says: "The web is critical not merely to the digital revolution but to our continued prosperity, and even our liberty. Like democracy itself, it needs defending."

This view of the Web contrasts to that of the U.S. Cyber Consequences Unit (US-CCU). It provides assessments of the strategic and economic consequences of possible cyber attacks, investigates the likelihood of such attacks, and examines the cost-effectiveness of possible counter-measures.  While it estimates of the costs of ordinary hacker mischief and white-collar crime, its primary concern is the sort of larger scale attacks that could be mounted by criminal organizations, terrorist groups, rogue corporations, and nation states.

With national security increasing becoming the rationale to impinge on liberties, freedoms and rights, unfettered access to the Web is now more critical to free speech than any other medium. Web users should be free from being snooped on, filtered, censored and disconnected, especially in uncertain times. The consequences of the IMF hack attack remain to be seen, but as an institution near the core of the world financial system, the attack may foreshadow both serious damage and oppressive countermeasures.

Dr Jo Coghlan is a lecturer in Politics and International Relations at the School of Social Sciences and International Studies at the University of New South Wales, Sydney, Australia. She regularly contributes to Online Opinion, Australia's premier e-journal of social and political debate.

The International Monetary Fund (IMF) has been hacked  The IMF has described the event as an "IT incident."  Computer experts have describe the 'cyber attack' on the IMF as serious, large and sophisticated, with unknown dimensions. It has potentially puts sensitive, confidential data about national economies at risk of exposure. The IMF holds highly confidential data about the fiscal conditions of its members. It is currently at the centre of the economic bailout programs for Portugal, Greece and Ireland. In response to the IMF hack, the World Bank severed the electronic link that allows the two institutions to share non-public data. Reports initially indicated the hack could have been a response to the Dominique Strauss-Kahn matter, although officials from the IMF have denied this, in fact saying multiple cyber attacks on the IMF had been occurring for several months.

The attacks were likely to have been made possible by a technique known as "spear phishing," in which an individual is fooled by a hacker into clicking on a malicious Web link or running a program that allows open access to the recipient's network. It is also possible that the attack was less specific, a case in which an intruder was testing the system merely to see what was available. Hackers refer to those who digitally intrude. They have the technical expertise to access electronic systems, perhaps to expose their abilities or to expose the unscrupulous actions of corporations, governments or international institutions. This is referred to as "hackitvism", and may be the case in relation to the IMF.

Corporations and public institutions are often hesitant to describe publicly the nature or success of attacks on their computer systems, partly for fear of providing information that would be useful to the individuals or countries mounting the efforts.  The IMF went to great lengths to initially deny the cyber attack and went to further efforts to deny it had anything to do with a digital break in at RSA Security that took place in March 2011.  Information stolen from RSA Security was later used to gain access to computers and networks at the Lockheed Martin Corporation, America's largest military contractor. The Lockheed Martin hack was described as a "massive cyber attack". Lockhead Martin described it as "significant", adding security had "detected the attack almost immediately and took aggressive actions to protect all systems and data." But not quickly or aggressively enough, it seems.

An RSA statement described the initial hack in the category of an Advanced Persistent Threat (APT). The RSA confirmed that information was extracted from RSA systems, specifically data related to RSA's SecurID two-factor authentication products." RSA SecurID two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator). It product affects emails as well as intranets and extranets and web servers. It was this that allowed the hack on Lockheed Martin.

Hackers have also recently penetrated 100 million Sony PlayStation accounts, the customer email databases of a company that does marketing for Best Buy and Target stores in the U.S. About 200,000 Citibank credit card customers in North America had their names, account numbers and email addresses stolen. U.S. Senator Democrat Robert Menendez has recently introduced bi-partisan amendments to the Cybersecurity Enhancement Act (2010) following cyber attacks on the Nasdaq Stock Market. Amendments to the Act, according to Menendez, are needed because: "We cannot allow security breaches to undermine our trust in the U.S. economy."

Tim Berners-Lee, creator of the World Wide Web in 1990, says the Web demonstrates a profound concept: that any person could share information with anyone else, anywhere. As Berners-Lee says: "The web is critical not merely to the digital revolution but to our continued prosperity, and even our liberty. Like democracy itself, it needs defending."

This view of the Web contrasts to that of the U.S. Cyber Consequences Unit (US-CCU). It provides assessments of the strategic and economic consequences of possible cyber attacks, investigates the likelihood of such attacks, and examines the cost-effectiveness of possible counter-measures.  While it estimates of the costs of ordinary hacker mischief and white-collar crime, its primary concern is the sort of larger scale attacks that could be mounted by criminal organizations, terrorist groups, rogue corporations, and nation states.

With national security increasing becoming the rationale to impinge on liberties, freedoms and rights, unfettered access to the Web is now more critical to free speech than any other medium. Web users should be free from being snooped on, filtered, censored and disconnected, especially in uncertain times. The consequences of the IMF hack attack remain to be seen, but as an institution near the core of the world financial system, the attack may foreshadow both serious damage and oppressive countermeasures.

Dr Jo Coghlan is a lecturer in Politics and International Relations at the School of Social Sciences and International Studies at the University of New South Wales, Sydney, Australia. She regularly contributes to Online Opinion, Australia's premier e-journal of social and political debate.

RECENT VIDEOS