Image: IMF nameplate in Washington
Jonathan Ernst  /  Reuters
The Federal Bureau of Investigation is helping to investigate the cyberattack targeting the IMF, according to a Defense Department spokeswoman.
msnbc.com news services
updated 6/12/2011 5:52:54 AM ET 2011-06-12T09:52:54

The International Monetary Fund has become the latest known target of a significant cyber attack.

A cybersecurity expert who has worked for both the Washington-headquartered IMF and the World Bank, its sister institution, said the intruders' goal had been to install software that would give a nation-state a "digital insider presence" on the IMF network.

Such a presence could yield a trove of non-public economic data used by the fund to promote exchange rate stability, support balanced international trade and provide resources to remedy members' balance-of-payments crises. The intergovernmental group oversees the global financial system and brings together 187 member nations.

"It was a targeted attack," said Tom Kellerman, who has worked for both international financial institutions and who serves on the board of a group known as the International Cyber Security Protection Alliance.

Story: US underwrites Internet detour around censors

The code used in the IMF incident was developed specifically for the attack on the institution, said Kellerman, formerly responsible for cyber-intelligence within the World Bank's treasury team and now chief technology officer at AirPatrol, a cyber consultancy.

Jeff Moss, a self-described computer hacker and member of the Department of Homeland Security Advisory Committee, also said he believed the attack was conducted on behalf of a nation-state looking to either steal sensitive information about key IMF strategies or embarrass the organization to undermine its clout.

'IT incident'
IMF spokesman David Hawley said the organization is fully functional. He declined to provide further details on what he termed an "IT incident," including its scope or nature and whether any sensitive data were taken.

He also declined to respond to requests for comment on Kellerman's conclusion about the intruders' goal.

  1. Only on NBCNews.com
    1. OWN via Getty Images
      From belief to betrayal: How America fell for Armstrong
    2. pool via Reuters file
      US to Syria neighbors: Be ready to act on WMDs
    3. China: One-child policy is here to stay
    4. NRA: Practice Range
      New 'Practice Range' shooter game says it’s from NRA
    5. 'Gifted' priest indicted in crystal meth case
    6. AFP - Getty Images
      China's state media admits to air pollution crisis
    7. AFP - Getty Images
      French to send 1,000 more troops to Mali

The New York Times cited unnamed IMF officials as saying the attack was sophisticated and serious. The assault reportedly lasted several months.

The Federal Bureau of Investigation is helping to investigate the incident, according to a Defense Department spokeswoman.

The IMF told staffers about the attack on Wednesday.

Story: Teen held over cyber attacks targeting US government

Cybersecurity experts cautioned it might be difficult for investigators to prove which nation was behind the attack.

"Even developing nations are able to leverage the Internet in order to change their standing and ability to influence," said Jeffrey Carr, author of the book, "Inside Cyber Warfare."

"It's something they never could have done before without gold or without military might," Carr said.

Computer link cut
The IMF is already facing a public-relations headache after the arrest of Dominique Strauss-Kahn, who resigned as IMF chief last month after being accused of sexually assaulting a maid in a New York hotel.

Concerns about the IMF attack were great enough that the World Bank cut a computer link that allows the two organizations to share non-sensitive information, according to a bank official. The move was taken out of "an abundance of caution," said the official, who spoke on condition of because of the security issues around the incident.

The IMF attack follows a string of major data breaches.

In recent months, hackers have penetrated 100 million Sony PlayStation accounts and the customer email databases of a company that does marketing for Best Buy and Target stores.

Google has accused Chinese hackers of targeting the Gmail accounts of U.S. government officials.

Video: Big firms, customers fall victim to hackers (on this page)

About 200,000 Citibank credit card customers in North America had their names, account numbers and email addresses stolen.

'The next Pearl Harbor'
Lockheed Martin Corp, the Pentagon's No. 1 supplier by sales and the biggest information technology provider to the U.S. government, also disclosed two weeks ago that it had thwarted a "significant" cyber attack. It said it had become a "frequent target of adversaries around the world."

Experts say cyber threats are increasing worldwide. CIA Director Leon Panetta told the U.S. Congress this week the United States faced the "real possibility" of a crippling cyber attack.

"The next Pearl Harbor that we confront," he said, could be a cyber attack that "cripples our power systems, our grid, our security systems, our financial systems, our governmental systems."

"This is a real possibility in today's world," Panetta told a June 9 confirmation hearing in his bid to become the next U.S. defense secretary.

The Associated Press and Reuters contributed to this report.

Video: Big firms, customers fall victim to hackers

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments