‘Cyber Crime on IMF May Point to RSA Security Breach’
A security expert at Sophos has claimed the recent cyber crime that hit security firm RSA may have been linked to the latest attack against the International Monetary Fund (IMF).
Late last week, the IMF admitted to an attack that compromised some of its systems and exposed internal data to unauthorized parties. The inter-governmental group that oversees the global financial system deemed the attack to be serious enough to have prompted the World Bank to cut its computer connection with the IMF.
Fortunately for the World Bank, no attack has taken place and the connection has been immediately restored.
Senior technology consultant at Sophos, Graham Cluley, said the March 2011 cyber crime that hit RSA, where its two-factor identification products were hacked, may give rise to speculation that the attack on the IMF has been connected to the said security breach.
On June 8, the IMF announced the replacement of its RSA SecurID tokens used for authentication.
At the same time, IMF’s chief information officer, Jonathan Palmer, told the staff in a memo that his team has spotted a suspicious transfer of files and that a desktop computer “had been compromised and used to access some Fund systems.”
Palmer, however, watered down speculations the fraud was meant to compromise any personal information.
The cyber crime took place one month after RSA launched its CyberCrime Intelligence Service. The attack was categorized as an Advanced Persistent Threat, an attack vector that refers to foreign nations attempting to persistently target a specific entity.
However, a source from the IMF denied allegations that the RSA attack is connected to the IMF cyber crime.
According to Tom Kellermann, a cyber security specialist at IMF and in charge of cyberintelligence in the World Bank’s treasury team, the cyber crime could have exposed non-public information used by the IMF to promote stability of exchange rate, help balance the international trade, and provide resources to alleviate the balance-of-payments crises of its members.
Kellermann described the cyber crime as a “targeted attack,” saying the code used to compromise the Fund systems of IMF was developed specifically to attack certain institutions.
On the other hand, Cluley said: “It seems a single day can’t pass without a well-known institution making the headlines for being the victim of a hacking attack or loss of sensitive data.
“All organisations need to take the seemingly growing tide of internet attacks as a warning sign, and ensure that they have strong defences in place and that every member of staff has been trained in best practices to reduce the risk.”
Earlier this month, a phishing scam allegedly coming from China has targeted specific individuals, including senior US government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel, and journalists. The cyber crime took place as Gmail accounts of these individuals were hacked.