Below is a summary of, and the link to, the Fox News article titled “World Bank Under Cyber Siege in ‘Unprecedented Crisis,’” which describes a deeply troubling series of at least six sophisticated and very successful attacks on the entire global technology network of the World Bank over a one-year period (http://www.foxnews.com/story/0,2933,435681,00.html). What is particularly troubling about the attacks is that the World Bank was fully aware of the problem from the beginning and was not able to stop it from happening at least five more times over the next year. One quote in the article points to a serious issue, if true: “Despite the vast sums that the Bank spends on data and data storage, its information systems are deeply in disarray” (no doubt they are not alone in this regard). Some of the attack methods and major resources compromised follow:
• The treasury unit was deeply penetrated with spyware in April ’07, and the attackers had full access to the bank’s network for nearly a month in June/July ’07.
• A minimum of 18 servers were compromised (as many as 40 by another account), including some of the bank’s most sensitive systems, such as the bank’s security and password server and a Human Resources server.
• The attackers organized the bank’s data stores so that they could be easily accessed at will.
• “They had access to everything.”
• The first breach originated out of the
• The Johannesburg hub was also a “common data store” where all of the bank’s data was replicated and backed up.
• The bank’s treasury network in
• Spy software was covertly installed on workstations at the bank’s headquarters—“allegedly by one or more contractors from Satyam Computer Services,” a $2 billion revenue IT company in India that had a $100 million five-year “sole source” contract to design, write and maintain all of the World Bank’s information systems.
• Satyam has been banned from any future work with the bank.
• The bank was again breached in June/July ’08, when the attackers broke into another server and were able to acquire passwords, including the password for the systems administrator. That allowed them to get into the servers at the bank’s giant insurance arm, where they “captured the security administrator’s password as he was logging onto his computer.”
• This time it took ten days for bank officials to detect that they had been attacked. By the end of July the invaders “had completely mapped out the topography of the bank’s information systems, … where everything was, the types of servers, and the types of files on the servers.”
The amount of detail in the article and the copies of internal memos linked to in the article validate the report and belie the Bank’s assurance that no sensitive information was compromised. One has to ask: if the World Bank can’t secure its computers, who can? Some of the memos indicate a rather superficial response to some of the attacks (for example, having people change their passwords, even though they may be doing so on computers that have already been compromised, in which case the attackers would get the new passwords as well). Other steps that were taken should have helped, but the fact remains that despite the Bank’s best efforts, it was not (and still may not be) able to prevent these attacks.
Clearly, there is a critical need for security products that really work and that will prevent this kind of nightmare from happening. InfoScape products will do just that.