The New York Times reported this weekend on a potentially serious breach at the International Monetary Fund (I.M.F.). The Times reports that the breach occurred perhaps several months ago, yet the fund only disclosed this to internal staff and board members on Wednesday. Other than the report from the Times, there is not a lot of available information about the incident. The I.M.F. itself has made no public statement about the breach. Surprising for an organization that is capable of a half-dozen news releases in a single day.
The Times mentions spear phishing, but this is only speculation at this point. While spear phishing might be top-of-mind considering that it was the keystone attack vector in the RSA breach, we have not yet seen any specific reports on the attack vector.
What’s astounding is the seemingly endless acceleration of the breach incidents this year. Sony (I lost count at a dozen incidents), Lockheed Martin, RSA, Citigroup, …
It will be interesting to see how this story develops.