Skip Navigation

Close and don't show again.

Your browser is out of date.

You may not get the full experience here on National Journal.

Please upgrade your browser to any of the following supported browsers:

Hack of IMF Data Raises Global Worries Hack of IMF Data Raises Global Worries

This ad will end in seconds
Close X

Want access to this content? Learn More »

Forget Your Password?

Don't have an account? Register »

Reveal Navigation



Hack of IMF Data Raises Global Worries


The logo of the International Monetary Fund (IMF) at the organization's headquarters in Washington, DC, May 16, 2011. The organization's director, Dominique Strauss-Kahn, faced arraignment in New York earlier Monday on allegations of sexual assault. AFP PHOTO / Saul LOEB (Photo credit should read SAUL LOEB/AFP/Getty Images)(SAUL LOEB/AFP/Getty Images)

As world leaders grapple with the news that unidentified hackers have infiltrated the International Monetary Fund and obtained a large quantity of data, some computer security and financial services experts speculated that such an attack on U.S. financial regulatory agencies would not likely originate in China.

Various media outlets, including Bloomberg, have implied that the Chinese government is responsible for the IMF breach. Data about financially strapped countries and advanced information about monetary policies could be valuable to political adversaries, including China. The fund, which tracks the economic stability of its 187 members by studying statistics on each nation's financial risk, currently is embroiled in politically controversial bailouts of European countries as it seeks to replace IMF chief Dominique Strauss-Kahn, whose abrupt departure last month in the wake of sexual assault charges sparked an international competition to fill the vacancy.


As for the potential of a similar intrusion at the Treasury or Commerce departments, or the Federal Reserve, "if you're looking at a foreign nation state like China, they will wait a generation before launching a full-blown attack" against federal agencies that regulate the U.S. financial system, because that might trigger a war, said Charles Dodd, a national security consultant on offensive cyberoperations. Dodd noted that while China possesses significant offensive cybercapabilities, it lacks the military force to respond should a cyberattack lead to conventional war with the United States.

But should that day ever come, it would be easy to undermine the U.S. economy and consumer confidence by corrupting those agencies' networks, he said.

"If you can manipulate the data and gain an advantage—that is the path of least resistance," Dodd said. "If they hack into a defense contractor and steal the avionics [designs], they still have to sell that information, there's still a broker involved. If they just go in there and manipulate what's in the Federal Reserve and Treasury... they get that benefit very quickly."


China has been blamed for numerous cyberincidents over the past few years. Most recently, operatives apparently based in China targeted the Gmail accounts of hundreds of users, including the personal accounts of senior federal officials, to steal their e-mail passwords and presumably read their contents, Google officials said on June 1.

Darren Hayes, a computer forensics specialist who spent a decade advising financial services companies, said that right now the Chinese government has less motive to compromise U.S. financial regulators' systems because it is wary of disturbing the American market's integrity.

"China does have a vested interest in the U.S. financial systems, given the amount of money they've invested in U.S. treasuries and the amount of debt they've purchased," he said."Attacking a critical infrastructure like that could be detrimental to their investments," if people unload treasuries, for example.

But Treasury and Federal Reserve computers have been and will continue to be vulnerable to people seeking insider information, other security experts said.


"Both these organizations contain highly confidential market-moving kinds of data," such as loan program policies, said Ashar Aziz, chief executive officer of computer security firm FireEye, which helped take down the Rustock spamming network. "An early view of the policies would allow any organization or individual to take financial advantage of this knowledge."

IMF officials did not respond to requests for information.

Stay up-to-date with federal technology news alerts and analysis—sign up for Nextgov's email newsletters.
comments powered by Disqus