The computer systems of the International Monetary Fund (IMF) have been the target of a months-long hack attack, according to a cybersecurity expert who said the goal of the infiltration appeared to be to establish a presence within the system and gain inside information.
Reuters reported Monday that, although the IMF was told Wednesday about the attack, it had been going on for several months. On Sunday cybersecurity expert Mohan Koo, who is also the managing director of Dtex Systems, U.K., said in a statement, "The IMF attack was clearly designed to infiltrate the IMF with the intention of gaining sensitive 'insider privileged information.'"
The IMF’s Chief Information Officer Jonathan Palmer told staff that suspicious file transfers had been discovered, and that a desktop computer "had been compromised and used to access some Fund systems. At this point, we have no reason to believe that any personal information was sought for fraud purposes."
The IMF has said that it remains fully functional; it would disclose neither the nature of the attack nor the apparent goal of the hackers. According to Tom Kellerman, a cybersecurity expert who has worked for both the IMF and the World Bank, the hackers had attempted software installation on the IMF’s system that would provide a "digital insider presence" on the IMF’s network for a nation-state.
Jeff Moss, a self-described computer hacker and member of the Department of Homeland Security Advisory Committee, theorized that the intruders were working for a nation-state that wanted either to steal sensitive information about the IMF’s work or to embarrass the organization with the goal of reducing its power. Moss, chief security officer for ICANN, said in the report, "If they can't catch them, I'm afraid it might embolden others to try."