IMF hacked through phishing

Powered by SC Magazine
 

Spear phishing fingered in attack.

The International Monetary Fund was hacked in an attack that led a spooked World Bank to cut a network link to the organisation.

The IMF, which informed its directors of the incident on Wednesday, had not provided public details on the attack including if the highly sensitive data it held on the fiscal state of nations was compromised.

One official who spoke to the New York Times described the attack as a "very major breach" which had occurred over several months.

The World Bank "out of an abundance of caution" had cut a link with the IMF used to share less sensitive information and briefly terminated external access to its systems.

While the IMF hack did not exploit RSA's compromised SecurID tokens, both companies were attacked via spear phishing.

RSA annunced the attack on SecurID in March which was launched by sending a spear phishing email that contained a compromised Adobe file. Once an RSA staffer had opened the file, the attackers were able to launch exploits and eventually gain access to the company's network.

McAfee chief security officer Brett Whalin said the use of spear phishing had increased.

"To accentuate the damage of [sophisticated attacks] is to exploit social engineering".

He advised organisations to educate their staff about the dangers of talking to strangers or those not authorised to receive information.

Copyright © SC Magazine, Australia


IMF hacked through phishing
 
 
 
Top Stories
Myer CIO named retailer's new chief executive
Richard Umbers to lead data-driven retail strategy.
 
Empty terminals and mountains of data
Qantas CIO Luc Hennekens says no-one is safe from digital disruption.
 
BoQ takes $10m hit on Salesforce CRM
Regulatory hurdles end cloud pilot.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  35%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 4012

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 1371

Vote