World Bank Under Cyber Siege in 'Unprecedented Crisis'
The crisis comes at an awkward moment for World Bank president Robert Zoellick, who runs the world's largest and most influential anti-poverty agency, which doles out $25 billion a year, and whose board represents 185 member nations. This weekend, the bank holds its annual series of meetings in Washington — and just in advance of those sessions, Zoellick called for a radical revamping of multilateral organizations in light of the global economic meltdown.
Zoellick is positioning himself and the bank as an institution that can help chart a new path toward global financial stability. But that reputation, more than ever, depends on the bank's stable information infrastructure.
The fact that the information vaults of the World Bank have been repeatedly pried open won't help Zoellick's case.
more sources below the fold...
From miliary.com discussion boards:
The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned.
It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July.
In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.
In a frantic midnight e-mail to colleagues, the bank's senior technology manager referred to the situation as an "unprecedented crisis." In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public.
More from the Foxnews.com article:
In reality, the situation is serious enough that federal investigators have been called in. "We're not talking about hackers playing games or messing up our website," insists a senior member of the bank's IT department at its Washington headquarters. "It's about the FBI coming last summer and saying, 'You should take a look at your systems because we think something weird is going on.' It's about the intruders knowing what information they wanted — and getting to it whenever they wanted to. They took our existing data stores and organized them in a way that they could be easily accessed at will."
In plainspeak: "They had access to everything," says the source. "They had the keys to every room at the bank. And we can't say whether they still do or don't until we fully and openly address what's happening here."
:: :::
There are two pdf's linked to in the Fox article.
From WorldBankDoc1.pdf:
The list of servers represents the severity and scope of the incident. A minimum of 18 servers have been compromised.
...
Upon review it was noted that the breach was associated with a Senior System's Administrator account. The person was on leave at the time of the incident. After contacting the individual it was determined that the incident was indeed the result of a compromised, privileged account.
...
As of 9/9/08 it was determined that 5 of the compromised servers contain sensitive data and care must be taken to determine the amount of information that may have been transmitted out side of the World Bank Group.
From DePoerkmemo.pdf:
As reported on the security updates on July 18 and August 6, an external attempt was made to compromise the Bank's information network.
:: :::
Caveat:
UPDATE: After FOX News published its story, a World Bank spokesman issued the following statement:
"The Fox News story is wrong and is riddled with falsehoods and errors. The story cites misinformation from unattributed sources and leaked emails that are taken out of context.
"Like other public and private institutions, the World Bank has repeatedly experienced hacking attacks on its computer systems and is constantly updating its security to defeat these. But at no point has a hacking attack accessed sensitive information in the World Bank's Treasury, procurement, anti-corruption or human resources departments."
Caveat on the caveat:
Despite the gravity of the break-ins, the bank is trying hard to pretend to outsiders it didn't happen.
...
Meanwhile, the bank's treasurer, Kenneth G. Lay, has been briefing Zoellick's senior management team regularly on the situation since April.
Other bank officials are also sleuthing. The bank's chief information officer, Guy De Poerck, has engaged Price Waterhouse Coopers to do a confidential million-dollar assessment that is expected to tell him what's going on in his own department. And a 22-page internal report by a computer security company named MANDIANT, dated August 18, fleshes out many details of the June-July breaches. But very few people have ever seen the report, and nobody has been permitted to retain a paper copy.
I will comment more at a later time, as the story develops.
:: ::
[The comments in the discussion section below are unrelated, but if you want to make a comment on the hacking, please pile in or join the discussion here.]