When hackers infiltrate the International Monetary Fund and steal a "large quantity" of data, it's a big deal. Especially ahead of the fund's nomination of a managing director and the ongoing turmoil involving European bailouts and global financial reform. Whoever did it may have gained invaluable information.  "Access to IMF files might give a hacker access to not only details of its own policy of thoughts and internal debates but also those of other major powers," said a London-based currency markets insider, speaking to Reuters. So who did it? Unlike previous cyber attacks on Sony and Citigroup, this latest attack smacks of state-sponsored involvement, say analysts. Still, not everyone agrees. Here are the five leading theories.

A state-sponsored attack  Security analysts speaking with the BBC are convinced the attack came from a country. "Any attack that shows money, time and resources went on it points to a state attack. States and their intelligence agencies have far more resources than criminal gangs," said Graham Titherington, a security analyst with research firm Ovum.  "For what we can tell, the aim ... appears to be to gather intelligence rather than cause disruption," said John Bassett, a former senior official at Britain's signals intelligence agency speaking with Reuters. "The intrusion appears to be sophisticated and well executed at an operational level (suggesting) that it originates from or is sponsored by a state."

A non-state actor  Others say blaming the attack on a state actor is just a ploy to downplay weaknesses inherent in the IMF's security system. "It is easier for organisations to hide under this excuse when really it is something lacking in their defences," said Tal Be'ery, a web Research Team Leader at the Application Defense Center, speaking with the BBC. "It is just as likely to be a lone hacker acting out of curiosity." Getting really creative, Rick Dakin, a security strategist at Coalfire Systems, suspects a terrorist group is involved in a plot to undermine development work. "The IMF provides a path to improve the living conditions in nations who are struggling to break free from the bonds of the past and move to the future," he said. "If the credibility and reliability of the IMF can be jeopardized, the terrorists can protect their safe havens and prevent economies from joining the rest of the western world."

China  So far, most of the predictions are that China carried out the raid. “China is a state that is very aggressive at collecting intelligence through these means,” said Mike Hayden, a former director of the CIA, speaking to Bloomberg. "Larry Wortzel, a commissioner on the congressionally created U.S.-China Economic and Security Review Commission, said he suspected Chinese authorities had sought to pierce IMF networks to get inside information before meetings in Beijing last week with French Finance Minister Christine Lagarde, the frontrunner to replace Strauss-Kahn," reports Reuters. "The bipartisan commission has accused Chinese hackers of infiltrating both the US and other international computer systems to gain information for commercial and strategic gain."

Greece  A London-based currency markets insider tells Reuters that Greece has the most to gain by launching an attack. "The most immediately time and market sensitive information would relate to Greece," he said, "with the IMF and EU needing to offer new bailouts by the end of the month to avoid default."

Russia  Alexander Klimburg, a cyber security expert at the Austrian Institute for International affairs, points to an unusual relationship between Russia and its hackers. "Some security experts say both Moscow and Beijing in particular deliberately turn a blind eye to the activities of hackers in their territory providing they only attack foreign targets outside their borders," Reuters reports. "Such hackers are believed to occasionally carry out work on behalf of governments as well as trading information for cash. During the brief 2008 war between Georgia and Russia over breakaway South Ossetia, attacks disabled and took offline websites in all the countries involved."