For Recent Cyberattacks, Motivations Vary The most recent attacks have targeted institutions, such as the International Monetary Fund, whose computer systems were thought to be relatively secure. The people hacking into these networks can be classified into hacktivists, cybercriminals and cyberspies.

For Recent Cyberattacks, Motivations Vary

  • Download
  • <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript


Here are some of the institutions hit by cyberattacks in the last few months: Lockheed Martin, Sony, the International Monetary Fund, Citibank, the U.S. Senate, and just yesterday the CIA. It's been a cyber-barrage. Some of the attacks are believed to have been carried out by activists with a political agenda. Others fit the classic pattern of espionage: governments or companies stealing secrets from each other for competitive advantage. NPR's Tom Gjelten has more.

TOM GJELTEN: There's nothing new about computer attacks. PandaLabs, headquartered in Spain, has been researching cyber-threats for more than 20 years. But Luis Gorrons, the company's technical director, says the latest are what he calls first-class attacks.

Mr. LUIS GORRONS (Technical Director, PandaLabs): We were always seeing different attacks to smaller or medium companies, but now we are seeing that many big companies are being targeted and are being successfully attacked.

GJELTEN: The people hacking into these big computer networks are for the most part highly sophisticated, with advanced tools and software. But their motivations vary. There are, for example, the hacktivists who break into networks largely just to disrupt them and make a political point. The recent penetration of U.S. Senate computers fit this pattern. Last night, hackers claimed to have hit the CIA website.

There are cyber-criminals out for money, through Citibank, for example. And then there are the cyber-spies who want to steal military secrets from a defense contractor like Lockheed Martin, or financial data from the IMF. Anup Ghosh is chief executive of InVINcea, a cybersecurity firm.

Mr. ANUP GHOSH (Chief Executive, InVINcea): If someone is breaching a defense contractor, it's probably at the behest of a foreign nation. If someone is breaching the IMF, it's probably at the behest of a foreign nation who's looking for competitive intel on what's going on.

GJELTEN: The International Monetary Fund decides which governments deserve financial bailouts, under what conditions, and the fund's actions have enormous implications for the global economy. So Tom Kellerman, chief technology officer for AirPatrol Corporation, has no trouble imagining why a cyber-spy would want to access IMF data.

Mr. TOM KELLERMAN (Chief Technology officer, AirPatrol Corporation): If I can jump into the pool of water that is the IMF system, I can not only read the minds of the central banking community, but I can also manipulate currency and bond markets around the world.

GJELTEN: He'd know ahead of time which country's currency is likely to rise or fall in value, which government debts are likely to get paid off and which aren't. And he'd know what negotiating stance IMF officials will take with a member government. Those are important secrets. Kellerman, who used to manage cybersecurity at the World Bank, says the IMF has long favored physical security over the protection of its computer networks.

Mr. BELLERMAN: The most important thing was protecting the executives and the decision makers and the conference rooms wherein they made serious global decisions that had implications on the global financial markets.

GJELTEN: But Kellerman says the fund security officers neglected to protect against cyber intrusions; as a consequence, hackers were able to penetrate, in his words, the inner sanctums of the institution and capture what they saw there.

It's not clear who might have been responsible for the IMF attack. Governments would probably have the greatest interest in IMF data and confidential information. But Anup Ghosh of InVINcea says some well-financed private groups are engaged in what he calls widespread and indiscriminate looting of secret data, perhaps on behalf of some government.

Mr. AHUP GHOSH (InVINcea): The IMF, as an example, was breached in sort of this wild indiscriminate looting. The person who's gathering that data may try to sell it in underground markets to sort of the highest bidder.

GJELTEN: Breaking into the IMF computer system to grab secret data that governments can use to promote their own economic interest - one example of how cyberattacks are now occurring on a level previously unimaginable.

Tom Gjelten, NPR News, Washington.

Copyright © 2011 NPR. All rights reserved. Visit our website terms of use and permissions pages at for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.