23rd Mar 2018

Hackers break into OECD computer system

  • OECD ministerial meeting. The body's spokesman said: 'What we know is it's quite a sophisticated attack' (Photo:

The OECD, the Paris-based club of the world's 33 richest countries, has been successfully hacked by people looking for sensitive information on money laundering, high-level corruption and tax evasion.

OECD spokesman Stephen Di Biasio told EUobserver by phone from France on Thursday (4 November) that the body first detected "unusual" activity in its IT network in August and is still battling to get malware out of its computers three months later despite calling in help from the French security services and private cyber-defence companies.

Thank you for reading EUobserver!

Subscribe now for a 30 day free trial.

  1. €150 per year
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

"We've got a team trying to close down their points of entry, but we're not in a position today to say we've cleared them out of our system," he said.

"What we know is it's quite a sophisticated attack. We've got quite high levels of security protocols at the OECD and this has been able to bypass those security measures ... What we are seeing is that it's not a destructive attack. It's obviously fishing for information. Because the OECD works in such a broad array of areas, they are searching around to see what they can get."

Mr Di Biasio said the malware appears to have got in via a USB memory stick and that the attacks are coming from "different geographical areas, quite a few points in Asia." He was unable to say if the assault involves a government or a private entity.

"The suspicion is it came in via USB keys. Our agents travel around the world. They often go to conferences - there are exchanges of information, exchanges of USB keys."

The OECD describes itself as a body which "brings together the governments of countries committed to democracy and the market economy." It collects economic data and conducts inter-governmental talks on issues including high-level government and corporate corruption, money laundering and tax evasion. Its members include 20 EU countries, as well as Canada, Israel, Japan, Switzerland, Turkey and the US.

News of the hack first came out in the specialist, Paris-based publication Intelligence Online on Wednesday, one day before a major EU cyber-security exercise.

The EU simulation, Cyber Europe 2010, is being organised by Enisa, the EU's Crete-based information security agency, and the Joint Research Centre, the European Commission's science wing in Brussels. Modeled on the larger US exercise, Operation Cyber Storm III, launched earlier this year, the EU project is billed as the first-ever pan-European effort of its type.

The exercise began at 10am Brussels time on Thursday and is to last until the evening of the same day. It consists of attempts to install and block fake malware on "critical online services" by around 130 experts sitting at their computers in an operations centre in Crete and in remote locations around Europe.

The exercise involves 20 EU countries plus Norway and Switzerland. EU member states Bulgaria, Cyprus, Luxembourg, Malta, Poland, Slovenia and Spain, as well as non-EU country Iceland, are taking part as observers. The UK's Office of Cyber Security and CERT, the Computer Emergency Response Team in Estonia, are among those at the heart of the exercise.

"We will have electronic elections in March, so we have also been conducting our own internal exercises concerning that," CERT spokeswoman Katrin Pargmae told this website.

Commenting on the outcome of Thursday's experiment, Enisa spokesman Ulf Bergrstrom noted: "If we do find holes and gaps in procedures and channels we will firstly need to plug these holes before we can reveal where they need to be plugged."

Asked if Nato was involved in this simulation, since it is active in the field of cyber defence, Jonathan Todd, a spokesman for the EU commission said: "No. This is the first time such an exercise is being organised, but in future we may look at more complex scenarios."

The European Commission in September proposed a new law to put hackers in jail for up to five years and to give Enisa new powers to fight internet crime.

Merkel in Paris for eurozone reform talks

Angela Merkel - who started her fourth term as Germany's chancellor earlier this week - is wasting no time on big issues like eurozone reforms. On Friday she is meeting Emmanuel Macron where the two will seek common ground.

EU insists on US tariffs exemption

Europe is "an ally, not a threat", the EU Commission says - as the US is poised to impose duties in steel and aluminium. Common action on Chinese steel overcapacity could help diffuse the crisis.

Trump starts countdown to EU trade war

EU sales of steel to US to face 25 percent tariff from 23 March, with Europe to hit back on motorbikes and bourbon in looming trade war.

VW dismisses complaints on Dieselgate fix

'I think customers who want to get information (...) are able to receive information if they want," VW management board member Hiltrud Werner told EUobserver. Consumer groups disagree.

News in Brief

  1. EU will be exempted from tariffs, says US minister
  2. Malmstroem: EU 'hopes' for US tariffs exemption
  3. Parliament must publish 'trilogue' documents, court says
  4. Italy's centre-right set to share top posts with 5-star movement
  5. Brussels condemns tear gas in Kosovo parliament
  6. Finland pays billionaire €400,000 in EU farm subsidies
  7. 44 leaders sign up for Africa free trade area deal
  8. British 'blue' passports to be made in EU

Stakeholders' Highlights

  1. EUobserverStart a Career in EU Media. Apply Now to Become Our Next Sales Associate
  2. EUobserverHiring - Finance Officer With Accounting Degree or Experience - Apply Now!
  3. ECR GroupAn Opportunity to Help Shape a Better Future for Europe
  4. Counter BalanceControversial Turkish Azerbaijani Gas Pipeline Gets Major EU Loan
  5. World VisionSyria’s Children ‘At Risk of Never Fully Recovering', New Study Finds
  6. Macedonian Human Rights MovementMeets with US Congress Member to Denounce Anti-Macedonian Name Negotiations
  7. Martens CentreEuropean Defence Union: Time to Aim High?
  8. UNESDAWatch UNESDA’s President Toast Its 60th Anniversary Year
  9. AJC Transatlantic InstituteAJC Condemns MEP Ana Gomes’s Anti-Semitic Remark, Calls for Disciplinary Action
  10. EPSUEU Commissioners Deny 9.8 Million Workers Legal Minimum Standards on Information Rights
  11. ACCAAppropriate Risk Management is Crucial for Effective Strategic Leadership
  12. EPSUWill the Circular Economy be an Economy With no Workers?

Latest News

  1. EU summit takes hard look at Russia
  2. Germany casts doubt on Austrian intelligence sharing
  3. EU leaders set for 'stormy debate' on digital tax at summit
  4. EU praises Turkey on migrant deal despite Greek misery
  5. Judicial reforms 'restore balance', Poland tells EU
  6. Whistleblower fears for life as US arrests Malta bank chair
  7. Behind the scenes at Monday's EU talks on Russia
  8. US yet to push on Nord Stream 2 sanctions

Stakeholders' Highlights

  1. European Jewish CongressThe 2018 European Medal of Tolerance Goes to Prince Albert II of Monaco
  2. FiscalNoteGlobal Policy Trends: What to Watch in 2018
  3. Human Rights and Democracy NetworkPromoting Human Rights and Democracy in the Next Eu Multiannual Financial Framework
  4. Mission of China to the EUDigital Cooperation a Priority for China-EU Relations
  5. ECTACompetition must prevail in the quest for telecoms investment
  6. European Friends of ArmeniaTaking Stock of 30 Years of EU Policy on the Nagorno-Karabakh Conflict: How Can the EU Contribute to Peace?
  7. ILGA EuropeCongratulations Finland!
  8. UNICEFCyclone Season Looms Over 720,000 Rohingya Children in Myanmar & Bangladesh
  9. European Gaming & Betting AssociationEU Court: EU Commission Correct to Issue Guidelines for Online Gambling Services
  10. Mission of China to the EUChina Hopes for More Exchanges With Nordic, Baltic Countries
  11. Macedonian Human Rights MovementCondemns Facebook for Actively Promoting Anti-Macedonian Racism
  12. Nordic Council of MinistersGlobal Seed Vault: Gene Banks Gather to Celebrate 1 Million Seed Collections