Chinese regime waged cyberattack on IDB in 2019

The cyberattack came to a head when Latin American delegates arrived in Washington to celebrate the 60th anniversary of the Inter-American Development Bank.

On September 24, 2019, requests from more than 15,000 email addresses from across China flooded the bank’s portal, intermittently disabling parts of the service. To solve the problem, the bank cracked down and blocked all traffic from China.

But the attackers persisted, and while delegates gathered for a day of lectures with sportsmen, academics and television chiefs, the bombardment intensified.

Details of the attack, which had so far not been disclosed, are contained in an internal IDB document accessed by the Associated Press.

IDB Attack Did Not Generate Alarm Beyond Bank Itself, Experts Say. Last year, there were more than 10 million distributed denial of service (DDoS) attacks worldwide, according to digital security company NETSCOUT.

But the fact that it happened in the middle of the IDB celebration gave it special symbolism.

The celebration in Washington was hastily organized, six months after the Trump administration garnered enough support to cancel an IDB meeting in the Chinese city of Chengdu, which was to be something of a Chinese launch party a decade ago. after joining the bank.

The United States tried for months to derail that meeting, and the Chinese decision to deny a visa to a representative of Venezuelan opposition leader Juan Guaidó gave him the opportunity he needed.. The IDB, like the United States and much of Latin America, recognizes Guaidó as the legitimate leader of Venezuela, while China strongly supports the government of Nicolás Maduro.

Mauricio Claver-Carone, its current director, was the US official in charge of relations with China at the IDB. He was also the White House’s primary link to Latin America and the architect of “America Crece,” a program that sought to contain Chinese advances in Latin America, where China replaced the United States as the United States. main trading partner in countries like Argentina and Brazil. and Chile.

According to the IDB document, On September 19, 2019, traffic to the IDB portal quadrupled, disabling the main page and the publications page. The bank initially responded by disabling individual IP addresses.

But “the attackers have changed their tactics and started sending requests for more than 15,000 IP addresses from all over China,” according to the internal document. “By the night of Tuesday the 24th, all Chinese traffic was blocked, a decision that allowed us to restore the bank’s online service.”

The attackers insisted, this time using 180,000 IP addresses from different countries, including Japan and Singapore.. In all, the attack lasted for months, but was brought under control after three weeks, when the bank turned to Amazon to build a stronger firewall.

While there is no indication that the system was breached, “the downtime affected our digital presence and negatively impacted various communications activities,” the document states. “It also exposed our vulnerabilities to third parties, which could make us the target of further attacks and affect the reputation of the IDB.”

China has some of the best hackers in the world, but some experts aren’t sure they are behind the attack. Computers that are not well protected can be controlled from anywhere in the world and turned into botnets that launch DDoS attacks.

“Such a protracted attack is clearly financially or politically motivated. You don’t ride for three weeksSaid Tord Lundstrom, a digital security expert at Qurium, a Swedish non-profit organization. “But without additional digital forensic information, it’s difficult to determine if China was behind this, or was someone wanting to make it appear that it was.”

China’s Foreign Ministry did not respond to questions about whether the government was aware of what had happened to the IDB or if it had been involved, but said in a statement it strongly opposed cyber attacks.

“Linking cyber attacks directly to a government is a very sensitive political issueThe statement said. “All parties should jointly solve the piracy problem, through dialogue and cooperation, and avoid politicizing the problem.”

Claver-Carone withdrew from the talks and the IDB said it was not commenting on internal cybersecurity issues. However, three people from the bank told the AP that they remember that China was openly held responsible for the attacks during 2019 meetings on the repercussions of those efforts. People spoke on condition of not being identified to comment on internal deliberations.

China only owns 0.004% of the IDB’s voting shares, the smallest percentage among the bank’s 48 members. But its admission is an inexpensive way to expand its presence in Latin America. Chinese companies were able to participate in tenders for IDB-funded projects, rub shoulders with political leaders, and gain valuable economic information that would have been difficult to obtain by other means.

China, on the other hand, is the second largest non-credit shareholder of IDB Invest., the branch of the bank that offers private loans, with nearly 6% of the shares, thanks to a reorganization of 2015, in which the Obama administration refused to offer additional resources and the participation of the United States was reduced to 13%.

The IDB also manages a $ 2 billion fund, produced entirely by contributions from China. Over the years, the IDB has organized more than a dozen business meetings to connect Latin American companies and Chinese investors.

“For too long, the IDB has enjoyed very cordial relations with the Chinese Communist PartySaid Runde. “The bank and its shareholders did not hold China responsible when it ruined the IDB’s 60th anniversary. This close relationship must end ”.

China does not hide its strained relationship with Claver-Carone. In a symbolic rejection, Yi Gang, the head of China’s central bank, abstained from voting at last year’s special meeting in which Claver-Carone was elected, according to a person who attended. the meeting and asked not to be tagged as commenting. on a closed meeting.

With AP information

KEEP READING: