Analysis: Who might be behind attempted IMF data hacking?
LONDON/WASHINGTON (Reuters) - A national government is the most likely culprit in an apparent cyber attack on the International Monetary Fund, say experts, given the complexity of the assault and its targeting of the organization's secrets.
With the IMF leadership up for grabs as it mulls Eurozone bailouts and global financial reform, there are no shortage of states who might like to read its mail.
Any confirmation of a country's involvement would become a major diplomatic incident.
"For what we can tell, the aim ... appears to be to gather intelligence rather than cause disruption," said John Bassett, a former senior official at Britain's signals intelligence agency GCHQ and now a senior fellow at the Royal United Services Institute.
"The intrusion appears to be sophisticated and well executed at an operational level (suggesting) that it originates from or is sponsored by a state."
For many, China topped the list of suspects. Chinese hackers have been suspected of being behind several recent data theft attempts including one aimed at breaching the security of Google's Gmail on accounts belonging to activists, US officials and others. Beijing angrily denies any government link.
But experts say almost every sophisticated state indulges in electronic snooping, whilst independent hackers potentially working for militant groups or even banks or investment funds could also be in the frame.
Philip Blank, an expert on security, risk and fraud at San Francisco-based Javelin Strategy and Research said the IMF "would be an extraordinarily attractive target." Other financial industry insiders agreed.
"Given how central the IMF is at the moment, there are plenty of people who would like to know what it is thinking," said one London-based currency markets veteran, asking not to be named because of the sensitivity of the issue.
"They range from the world's largest reserve holders -- which are the key emerging economies like China -- to brokerages and funds to the Eurozone governments themselves."
Access to IMF files might give a hacker access to not only details of its own policy of thoughts and internal debates but also those of other major powers, he said.
The most immediately time and market sensitive information would relate to Greece, he said, with the IMF and EU needing to offer new bailouts by the end of the month to avoid default.
Other issues of interest might include the latest thinking on the creation of a global reserve currency and the latest maneuvering to replace former IMF chief Dominique Strauss-Kahn, he said. Strauss-Kahnresigned after being accused of a sexual assault on a domestic worker in a New York hotel room.
Rick Dakin, CEO and senior security strategist at IT audit and compliance firm Coalfire Systems, speculated the hacking attempt might be an effort by unidentified terrorists or militants to undermine the IMF and global system.
"The IMF provides a path to improve the living conditions in nations who are struggling to break free from the bonds of the past and move to the future," he said.
"If the credibility and reliability of the IMF can be jeopardized, the terrorists can protect their safe havens and prevent economies from joining the rest of the western world."
Larry Wortzel, a commissioner on the congressionally created U.S.-China Economic and Security Review Commission, said he suspected Chinese authorities had sought to pierce IMF networks to get inside information before meetings in Beijing last week with French Finance Minister Christine Lagarde, the frontrunner to replace Strauss-Kahn.
The bipartisan commission has accused Chinese hackers of infiltrating both the US and other international computer systems to gain information for commercial and strategic gain.
"You don't have to be Inspector Clouseau to figure this out," Wortzel, a retired U.S. Army colonel who served two tours as a military attache in China, said in a telephone interview, referring to the fictional French police detective. Wortzel said he did not have any forensic information to back his speculation. "To me, this is just practical common sense."
Wang Baodong, a spokesman for the Chinese embassy in Washington, did not immediately respond to a request for comment but Beijing steadfastly dismisses such charges.
"As a victim itself, China is firmly against hacking activities and strongly for international cooperation on this front," the Chinese spokesman said last month after Lockheed Martin Corp, the Pentagon's No. 1 supplier by sales, said it had thwarted a "significant" cyber attack on its network that some officials said had likely originated in China.
But Alexander Klimburg, a cyber security expert at the Austrian Institute for International affairs, said the source of the attacks could just as likely be from Russia.
Some security experts say both Moscow and Beijing in particular deliberately turn a blind eye to the activities of hackers in their territory providing they only attack foreign targets outside their borders.
Such hackers are believed to occasionally carry out work on behalf of governments as well as trading information for cash.
During the brief 2008 war between Georgia and Russia over breakaway South Ossetia, attacks disabled and took offline websites in all the countries involved.
Global coordination was key to countering the attacks, Klimburg said.
"This is potentially a great opportunity to launch a "communal" investigation into an attack on a "communal" institution," he said. "If the fingers can be pointed, they should be pointed. The only way to stop such attacks is "naming and shaming" and in this case... there is a clear global interest at stake."