FP Explainer

Why Would Someone Hack the IMF?

To see how the sausage is made.

In addition to finding a new managing director and awaiting the prosecution of its most recent one, the IMF now has a serious cybersecurity breach to deal with. The New York Times reported over the weekend that the organization had been hit by "a large and sophisticated cyberattack whose dimensions are still unknown." The fund declined to provide details to the Times about the nature of the breach, but it was apparently serious enough that the World Bank immediately severed its computer links to the IMF. But besides Dominique Strauss-Kahn's emails, what's worth stealing from the IMF?

Not as much as there used to be, but still potentially a lot. The IMF now makes a lot of information public that used to be kept secret, such as the terms of loan arrangements with recipient countries. But as with the State Department cables released by WikiLeaks last year, the juicy material may not be so much what policies the IMF is following toward given countries as how it's talking about them in private.

The minutes of IMF executive board meetings are not made public until several years after they take place. Meetings of the board presumably include candid discussions about the financial solvency of countries requesting bailouts. In both meeting minutes and informal remarks over email, officials often discuss countries' internal politics and economic policies in terms they would never use in public documents. It's not exactly unheard of for countries to misrepresent their economic data. If IMF officials were shown to be privately questioning member countries' official figures, it would certainly have the power to move markets.

Like any multilateral organization, IMF members also seek to push their own interests, and it's certainly possible that major shareholders like the United States and Britain may advocate for more favorable loan terms for allies. Again, this isn't exactly secret, but it isn't the sort of thing governments want to see dissected in the media.

Of course, not all cyberattacks are aimed at stealing information or orchestrating WikiLeaks-style data dumps. Sometimes, they're just done to prove a point -- as in the recent attacks by the mysterious group LulzSec on Sony, Fox News, PBS, and others. In fact, just two weeks ago, the IMF received a threat from the "hacktivist" collective Anonymous in retaliation for the fund's activities in Greece. "The overreaching powers of the European Union (EU) and the IMF will not go unnoticed or unopposed by the global community who stand in solidarity with their brothers and sisters of Greece," read a statement attributed to the group.

Despite the threat, there's no indication that the recent attack was carried out by Anonymous. One hacker advising the U.S. Department of Homeland Security told Reuters that the intruder was likely working on behalf of a nation-state looking to steal sensitive information for economic advantage or to simply embarrass the organization.

With an organization as controversial as the IMF, the list of suspects is long. On the other hand, it's not as if a country could exactly issue a news release containing secret IMF data (though it could potentially invest in a country about to receive a loan). This may turn out to be a case in which using the information may prove just as difficult as stealing it.

Thanks to James Vreeland, associate professor of foreign service and government at Georgetown University.


FP Explainer

Is It Legal to Try to Kill Qaddafi?


NATO has escalated its bombing campaign around the Libyan capital of Tripoli in an effort to bring the conflict to a close and has destroyed one of Muammar al-Qaddafi's favored retreats. A senior NATO military official told CNN on June 9 that Qaddafi was a legitimate target of the bombing campaign, but declined to comment on whether he was being deliberately targeted. Is it legal to deliberately try to kill the leader of a sovereign state?

The law is vague. The long-standing reluctance of militaries to engage in the targeted killing of heads of state is based more on custom than codified regulation. (It's not really in the interest of presidents and prime ministers for that sort of thing to become common practice.)

The closest thing in international law to a ban on assassination is the 1907 Hague Convention on the laws of war, which prohibits signatories from attempting "To kill or wound treacherously individuals belonging to the hostile nation or army." Treachery is a tough thing to prove in court and in any case, might not apply to this situation: Qaddafi has been given ample warning and a clear message that NATO and the United Nations want him out.

Moreover, Security Council Resolution 1973 authorizing the Libya intervention allows U.N. member states to "take all necessary measures ... to protect civilians and civilian populated areas under threat of attack in the Libyan Arab Jamahiriya." While coalition forces haven't yet declared Qaddafi an official target as part of these measures, they've also made it clear that his personal safety is not a consideration. As British Defense Minister Liam Fox put it, "There's a difference between someone being a legitimate target and whether you would go ahead with targeting." The official who spoke with CNN described Qaddafi as being part of the "command and control" structure of the Libyan military, meaning that taking him out would fall under the mandate of protecting civilians.

What about U.S. law? An executive order signed by President Ronald Reagan in 1981 -- updating an earlier order by President Gerald Ford -- states that "No person employed by or acting on behalf of the United States Government shall engage in, or conspire to engage in, assassination." (The order followed embarrassing revelations of CIA plots to kill foreign leaders such as Congolese President Patrice Lumumba and Cuban leader Fidel Castro.) But the order doesn't define "assassination" and, in truth, hasn't had much effect on U.S. policy. Since 9/11, the United States has repeatedly targeted senior al Qaeda leaders for assassination, culminating in May's raid in Abbottabad, Pakistan.

Even before the war on terror began, the targeting of foreign leaders was hardly unheard of. Reagan himself targeted one of Qaddafi's compounds during airstrikes on Libya in 1986, killing the Libyan leader's adopted daughter. U.S. airstrikes targeted Saddam Hussein's compounds during the early days of the Iraq war.

The deliberately vague "command and control" language is also not new. In 1999, following an airstrike on Serbian President Slobodan Milosevic's Belgrade residence, Eric Holder then U.S. deputy attorney general, argued that it did not violate the rule against assassination: "Bombs are dropped on command and control facilities," he said in a news conference quoted by Canada's Globe and Mail. "There has not been any attempt on the part of the United States to target any particular individual."

So while the killing of foreign leaders is generally frowned upon and rarely admitted to, Qaddafi probably shouldn't be counting on the law to protect him.

Thanks to Micah Zenko, fellow for conflict prevention at the Council on Foreign Relations, and Matthew Waxman, associate professor at Columbia Law School.