Saturday

19th Oct 2019

Hackers break into OECD computer system

  • OECD ministerial meeting. The body's spokesman said: 'What we know is it's quite a sophisticated attack' (Photo: oecd.org)

The OECD, the Paris-based club of the world's 33 richest countries, has been successfully hacked by people looking for sensitive information on money laundering, high-level corruption and tax evasion.

OECD spokesman Stephen Di Biasio told EUobserver by phone from France on Thursday (4 November) that the body first detected "unusual" activity in its IT network in August and is still battling to get malware out of its computers three months later despite calling in help from the French security services and private cyber-defence companies.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 18 year's of archives. 30 days free trial.

... or join as a group

"We've got a team trying to close down their points of entry, but we're not in a position today to say we've cleared them out of our system," he said.

"What we know is it's quite a sophisticated attack. We've got quite high levels of security protocols at the OECD and this has been able to bypass those security measures ... What we are seeing is that it's not a destructive attack. It's obviously fishing for information. Because the OECD works in such a broad array of areas, they are searching around to see what they can get."

Mr Di Biasio said the malware appears to have got in via a USB memory stick and that the attacks are coming from "different geographical areas, quite a few points in Asia." He was unable to say if the assault involves a government or a private entity.

"The suspicion is it came in via USB keys. Our agents travel around the world. They often go to conferences - there are exchanges of information, exchanges of USB keys."

The OECD describes itself as a body which "brings together the governments of countries committed to democracy and the market economy." It collects economic data and conducts inter-governmental talks on issues including high-level government and corporate corruption, money laundering and tax evasion. Its members include 20 EU countries, as well as Canada, Israel, Japan, Switzerland, Turkey and the US.

News of the hack first came out in the specialist, Paris-based publication Intelligence Online on Wednesday, one day before a major EU cyber-security exercise.

The EU simulation, Cyber Europe 2010, is being organised by Enisa, the EU's Crete-based information security agency, and the Joint Research Centre, the European Commission's science wing in Brussels. Modeled on the larger US exercise, Operation Cyber Storm III, launched earlier this year, the EU project is billed as the first-ever pan-European effort of its type.

The exercise began at 10am Brussels time on Thursday and is to last until the evening of the same day. It consists of attempts to install and block fake malware on "critical online services" by around 130 experts sitting at their computers in an operations centre in Crete and in remote locations around Europe.

The exercise involves 20 EU countries plus Norway and Switzerland. EU member states Bulgaria, Cyprus, Luxembourg, Malta, Poland, Slovenia and Spain, as well as non-EU country Iceland, are taking part as observers. The UK's Office of Cyber Security and CERT, the Computer Emergency Response Team in Estonia, are among those at the heart of the exercise.

"We will have electronic elections in March, so we have also been conducting our own internal exercises concerning that," CERT spokeswoman Katrin Pargmae told this website.

Commenting on the outcome of Thursday's experiment, Enisa spokesman Ulf Bergrstrom noted: "If we do find holes and gaps in procedures and channels we will firstly need to plug these holes before we can reveal where they need to be plugged."

Asked if Nato was involved in this simulation, since it is active in the field of cyber defence, Jonathan Todd, a spokesman for the EU commission said: "No. This is the first time such an exercise is being organised, but in future we may look at more complex scenarios."

The European Commission in September proposed a new law to put hackers in jail for up to five years and to give Enisa new powers to fight internet crime.

US to put tariffs on European whiskies, cheese

After a 15-year legal battle, the US was given the green light to impose tariffs on EU products. The EU is threatening countermeasures but wants to negotiate. Transatlantic ties have suffered another blow.

News in Brief

  1. Macron: Nato's inability to react to Turkey a 'mistake'
  2. EU: US can expect counter measures after tariff move
  3. Almost 7,500 people forcibly returned to Libya in 2019
  4. Puigdemont released after responding to arrest warrant
  5. Commission: Facebook's Libra needs international approach
  6. Italian PM: denial of accession talks a 'historic mistake'
  7. Catalan president blames clashes on 'infiltrators'
  8. US imposes €6.7bn new tariffs on European products

Opinion

Why von der Leyen must put rights at core of business

Ursula von der Leyen's in-tray must include those European executives on trial for systematic workplace harassment, the break-up of European slavery rings, and allegations of European companies' abuse in palm oil, including child labour, land grabs, and deforestation.

Stakeholders' Highlights

  1. Nordic Council of MinistersBrussels welcomes Nordic culture
  2. UNESDAUNESDA appoints Nicholas Hodac as Director General
  3. UNESDASoft drinks industry co-signs Circular Plastics Alliance Declaration
  4. FEANIEngineers Europe Advisory Group: Building the engineers of the future
  5. Nordic Council of MinistersNew programme studies infectious diseases and antibiotic resistance
  6. UNESDAUNESDA reduces added sugars 11.9% between 2015-2017
  7. International Partnership for Human RightsEU-Uzbekistan Human Rights Dialogue: EU to raise key fundamental rights issues
  8. Nordic Council of MinistersNo evidence that social media are harmful to young people
  9. Nordic Council of MinistersCanada to host the joint Nordic cultural initiative 2021
  10. Vote for the EU Sutainable Energy AwardsCast your vote for your favourite EUSEW Award finalist. You choose the winner of 2019 Citizen’s Award.
  11. Nordic Council of MinistersEducation gets refugees into work
  12. Counter BalanceSign the petition to help reform the EU’s Bank

Stakeholders' Highlights

  1. UNICEFChild rights organisations encourage candidates for EU elections to become Child Rights Champions
  2. UNESDAUNESDA Outlines 2019-2024 Aspirations: Sustainability, Responsibility, Competitiveness
  3. Counter BalanceRecord citizens’ input to EU bank’s consultation calls on EIB to abandon fossil fuels
  4. International Partnership for Human RightsAnnual EU-Turkmenistan Human Rights Dialogue takes place in Ashgabat
  5. Nordic Council of MinistersNew campaign: spot, capture and share Traces of North
  6. Nordic Council of MinistersLeading Nordic candidates go head-to-head in EU election debate
  7. Nordic Council of MinistersNew Secretary General: Nordic co-operation must benefit everybody
  8. Platform for Peace and JusticeMEP Kati Piri: “Our red line on Turkey has been crossed”
  9. UNICEF2018 deadliest year yet for children in Syria as war enters 9th year
  10. Nordic Council of MinistersNordic commitment to driving global gender equality
  11. International Partnership for Human RightsMeet your defender: Rasul Jafarov leading human rights defender from Azerbaijan
  12. UNICEFUNICEF Hosts MEPs in Jordan Ahead of Brussels Conference on the Future of Syria

Join EUobserver

Support quality EU news

Join us