Friday, June 17, 2011

Analysis: Who Might Be Behind Attempted IMF Data Hacking?

Via Reuters (June 13, 2011) -

A national government is the most likely culprit in an apparent cyber attack on the International Monetary Fund, say experts, given the complexity of the assault and its targeting of the organization's secrets.

With the IMF leadership up for grabs as it mulls Eurozone bailouts and global financial reform, there are no shortage of states who might like to read its mail.

Any confirmation of a country's involvement would become a major diplomatic incident.

"For what we can tell, the aim ... appears to be to gather intelligence rather than cause disruption," said John Bassett, a former senior official at Britain's signals intelligence agency GCHQ and now a senior fellow at the Royal United Services Institute.

"The intrusion appears to be sophisticated and well executed at an operational level (suggesting) that it originates from or is sponsored by a state."

For many, China topped the list of suspects. Chinese hackers have been suspected of being behind several recent data theft attempts including one aimed at breaching the security of Google's Gmail on accounts belonging to activists, US officials and others. Beijing angrily denies any government link.

But experts say almost every sophisticated state indulges in electronic snooping, whilst independent hackers potentially working for militant groups or even banks or investment funds could also be in the frame.

Philip Blank, an expert on security, risk and fraud at San Francisco-based Javelin Strategy and Research said the IMF "would be an extraordinarily attractive target." Other financial industry insiders agreed.

"Given how central the IMF is at the moment, there are plenty of people who would like to know what it is thinking," said one London-based currency markets veteran, asking not to be named because of the sensitivity of the issue.

"They range from the world's largest reserve holders -- which are the key emerging economies like China -- to brokerages and funds to the Eurozone governments themselves."

Access to IMF files might give a hacker access to not only details of its own policy of thoughts and internal debates but also those of other major powers, he said.


Larry Wortzel, a commissioner on the congressionally created U.S.-China Economic and Security Review Commission, said he suspected Chinese authorities had sought to pierce IMF networks to get inside information before meetings in Beijing last week with French Finance Minister Christine Lagarde, the frontrunner to replace Strauss-Kahn.

The bipartisan commission has accused Chinese hackers of infiltrating both the US and other international computer systems to gain information for commercial and strategic gain.

"You don't have to be Inspector Clouseau to figure this out," Wortzel, a retired U.S. Army colonel who served two tours as a military attache in China, said in a telephone interview, referring to the fictional French police detective. Wortzel said he did not have any forensic information to back his speculation. "To me, this is just practical common sense."


But Alexander Klimburg, a cyber security expert at the Austrian Institute for International affairs, said the source of the attacks could just as likely be from Russia.

Some security experts say both Moscow and Beijing in particular deliberately turn a blind eye to the activities of hackers in their territory providing they only attack foreign targets outside their borders.

Such hackers are believed to occasionally carry out work on behalf of governments as well as trading information for cash.

During the brief 2008 war between Georgia and Russia over breakaway South Ossetia, attacks disabled and took offline websites in all the countries involved.

Global coordination was key to countering the attacks, Klimburg said.

"This is potentially a great opportunity to launch a "communal" investigation into an attack on a "communal" institution," he said. "If the fingers can be pointed, they should be pointed. The only way to stop such attacks is "naming and shaming" and in this case... there is a clear global interest at stake."

No comments:

Post a Comment