Sunday

23rd Feb 2020

Hackers break into OECD computer system

  • OECD ministerial meeting. The body's spokesman said: 'What we know is it's quite a sophisticated attack' (Photo: oecd.org)

The OECD, the Paris-based club of the world's 33 richest countries, has been successfully hacked by people looking for sensitive information on money laundering, high-level corruption and tax evasion.

OECD spokesman Stephen Di Biasio told EUobserver by phone from France on Thursday (4 November) that the body first detected "unusual" activity in its IT network in August and is still battling to get malware out of its computers three months later despite calling in help from the French security services and private cyber-defence companies.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or join as a group

"We've got a team trying to close down their points of entry, but we're not in a position today to say we've cleared them out of our system," he said.

"What we know is it's quite a sophisticated attack. We've got quite high levels of security protocols at the OECD and this has been able to bypass those security measures ... What we are seeing is that it's not a destructive attack. It's obviously fishing for information. Because the OECD works in such a broad array of areas, they are searching around to see what they can get."

Mr Di Biasio said the malware appears to have got in via a USB memory stick and that the attacks are coming from "different geographical areas, quite a few points in Asia." He was unable to say if the assault involves a government or a private entity.

"The suspicion is it came in via USB keys. Our agents travel around the world. They often go to conferences - there are exchanges of information, exchanges of USB keys."

The OECD describes itself as a body which "brings together the governments of countries committed to democracy and the market economy." It collects economic data and conducts inter-governmental talks on issues including high-level government and corporate corruption, money laundering and tax evasion. Its members include 20 EU countries, as well as Canada, Israel, Japan, Switzerland, Turkey and the US.

News of the hack first came out in the specialist, Paris-based publication Intelligence Online on Wednesday, one day before a major EU cyber-security exercise.

The EU simulation, Cyber Europe 2010, is being organised by Enisa, the EU's Crete-based information security agency, and the Joint Research Centre, the European Commission's science wing in Brussels. Modeled on the larger US exercise, Operation Cyber Storm III, launched earlier this year, the EU project is billed as the first-ever pan-European effort of its type.

The exercise began at 10am Brussels time on Thursday and is to last until the evening of the same day. It consists of attempts to install and block fake malware on "critical online services" by around 130 experts sitting at their computers in an operations centre in Crete and in remote locations around Europe.

The exercise involves 20 EU countries plus Norway and Switzerland. EU member states Bulgaria, Cyprus, Luxembourg, Malta, Poland, Slovenia and Spain, as well as non-EU country Iceland, are taking part as observers. The UK's Office of Cyber Security and CERT, the Computer Emergency Response Team in Estonia, are among those at the heart of the exercise.

"We will have electronic elections in March, so we have also been conducting our own internal exercises concerning that," CERT spokeswoman Katrin Pargmae told this website.

Commenting on the outcome of Thursday's experiment, Enisa spokesman Ulf Bergrstrom noted: "If we do find holes and gaps in procedures and channels we will firstly need to plug these holes before we can reveal where they need to be plugged."

Asked if Nato was involved in this simulation, since it is active in the field of cyber defence, Jonathan Todd, a spokesman for the EU commission said: "No. This is the first time such an exercise is being organised, but in future we may look at more complex scenarios."

The European Commission in September proposed a new law to put hackers in jail for up to five years and to give Enisa new powers to fight internet crime.

No breakthrough at EU budget summit

EU leaders failed to reach agreement on the EU's long-term budget, as richer states and poorer 'cohesion countries' locked horns. The impasse continues over how to fund the Brexit gap.

EU leaders struggling to break budget deadlock

Cuts to innovation, space, neighbourhood and other programme-spending push down the latest budget proposal on the table of EU leaders. Rebates could stay on, to win the support of the net-payers for a deal.

Unhappy EU leaders begin budget haggle

EU leaders arriving at the Brussels summit criticised the budget proposal of EU Council president Charles Michel, as richer member states insisted holding onto their rebates, while poorer countries wanted to avoid deep cuts to their subsidies.

News in Brief

  1. Bulgarian PM investigated over 'money laundering'
  2. Greenpeace breaks into French nuclear plant
  3. Germany increases police presence after shootings
  4. NGO: US and EU 'watering-down' tax reform prior to G20
  5. Iran: parliamentary elections, conservatives likely to win
  6. Belgian CEOs raise alarm on political crisis
  7. Germans voice anger on rise of far-right terrorism
  8. EU leaders' budget summit drags on overnight

Vietnam sent champagne to MEPs ahead of trade vote

A trade deal with Vietnam sailed through the European Parliament's international trade committee and after its embassy sent MEPs bottles of Moet & Chandon Imperial champagne over Christmas.

Feature

Promises and doubts: Africa's free-trade adventure

The EU is hoping that a continent-wide free trade agreement in Africa will help lift millions out of poverty and help solve issues of security and migration. But its message of values and equal partnership do not resonate with everyone.

Stakeholders' Highlights

  1. Nordic Council of MinistersScottish parliament seeks closer collaboration with the Nordic Council
  2. UNESDAFrom Linear to Circular – check out UNESDA's new blog
  3. Nordic Council of Ministers40 years of experience have proven its point: Sustainable financing actually works
  4. Nordic Council of MinistersNordic and Baltic ministers paving the way for 5G in the region
  5. Nordic Council of MinistersEarmarked paternity leave – an effective way to change norms
  6. Nordic Council of MinistersNordic Climate Action Weeks in December

Latest News

  1. No breakthrough at EU budget summit
  2. EU leaders struggling to break budget deadlock
  3. German ex-commissioner Oettinger lands Orban job
  4. How big is Germany's far-right problem?
  5. Plastic and carbon proposals to help plug Brexit budget gap
  6. Sassoli repeats EU budget rejection warning
  7. Why Miroslav Lajčák is the wrong choice for EU envoy
  8. Unhappy EU leaders begin budget haggle

Join EUobserver

Support quality EU news

Join us