The International Monetary Fund (IMF) says that they have been targeted by a “sophisticated cyber attack”.
The IMF officials gave a few details but said the attack earlier this year had been “a very major breach” of its systems, the New York Times reports. It is believed that the hack was designed to install software that would have created a “digital insider presence”.
The cyber attack took place over several months, and happened before former IMF chief Dominique Strauss-Kahn was arrested over sexual assault charges.
The New York Times said IMF staff had been told of the intrusion on Wednesday by e-mail, but that the Fund had not made a public announcement. The e-mail warned that “suspicious file transfers” had been detected and that an investigation had shown a desktop at the Fund had been “compromised and used to access some Fund systems”.
There was “no reason to believe that any personal information was sought for fraud purposes,” it said.
A cyber security expert told Reuters the infiltration had been a targeted attack which installed software designed to give a nation state a “digital insider presence” at the IMF.
“The code was developed and released for this purpose,” said Tom Kellerman, who has worked for the Fund.
The IMF holds many pieces of sensitive and private economic data about various countries and according to the BBC, the attack was itself connected to a foreign government, although it is expected to be very hard to trace.
The World Bank said it briefly cut its network connection with the Fund out “an abundance of caution”.
“The World Bank Group, like any other large organisation, is increasingly aware of potential threats to the security of our information system and we are constantly working to improve our defences,” said spokesman Rich Mills.