The International Monetary Fund (IMF) said it is investigating a cybersecurity breach which led to the compromise of several internal email accounts.
The Washington-headquartered UN financial agency revealed in a brief statement on Friday that the incident was first detected on February 16.
“A subsequent investigation, with the assistance of independent cybersecurity experts, determined the nature of the breach, and remediation actions were taken,” it added.
“The investigation determined that 11 IMF email accounts were compromised. The impacted email accounts were re-secured. We have no indication of further compromise beyond these email accounts at this point in time. The investigation into this incident is continuing.”
Focused on sustainable growth for its 190 member countries, the US-led IMF could be a popular target for a cyber-espionage attack by state-sponsored actors – especially those working for countries receiving or negotiating debt bailouts from the fund.
However, a spokesperson told Reuters that no senior managers were impacted by the incident.
“The MD and her top leadership team were not targeted,” they reportedly said.
The IMF last suffered a major compromise back in 2011, when hackers exfiltrated data following a sophisticated spear phishing attack. That incident was so severe that its sister organization, the World Bank, was forced to cut its secure network links to the fund.
A source familiar with the matter told Reuters that the IMF took the decision to publicize the February 2024 attack to underline its commitment to transparency and as a reminder to employees to stick to internal cybersecurity policy.
According to a DTEX report published in September 2023, the average annual cost of insider risk-related incidents rose 40% over the previous four years to $16.2m.
“The IMF takes prevention of, and defense against, cyber incidents very seriously and, like all organizations, operates under the assumption that cyber incidents will unfortunately occur,” the fund’s statement concluded.
“The IMF has a robust cybersecurity program in place to respond quickly and effectively to such incidents.”
Image credit: Poetra.RH / Shutterstock.com