The International Monetary Fund (IMF) has been subject to a ‘sustained’ cyberattack, it emerged on Friday. The Fund underwent an attempt to install a digital insider presence and a ‘large quantity’ of documents and emails were stolen. News of the attack, alleged by an insider to be ‘state based’, followed an internal warning on June 1st about a surge in phishing-type attacks on IMF employees’ email.
Frank Kenney, VP for Global Strategy at Ipswitch File Transfer, and former senior Gartner analyst, said: “Document formats are not secure. Email is definitely not secure. Without controls over who sees what and when, within an organisation, a digital insider can have free rein over data. And if employees are putting sensitive data in emails, other controls are gravely undermined.”
“The message of these attacks is simple. Secure data at rest and in transit, and implement a policy to control who sees what and when. Don’t entrust anything you wouldn’t want made public to email attachments.”