Is the World Bank a victim of Keystroke Spying?

Ceres · #1 (**permalink**) 10-12-2008, 03:27 PM

Fox News reports that the World Bank's network has been the subject of keystroke spying, and that as many as 40 of their servers have been penetrated.

One of alleged intruders is Satyam Computer Services, one of India's biggest IT companies.

Quote:

After a forensic analysis of the treasury breach, bank investigators discovered that spy software was covertly installed on workstations inside the bank's Washington headquarters ? allegedly by one or more contractors from Satyam Computer Services, one of India's largest IT companies.

The software ? which operates through a method known as keystroke logging ? enabled every character typed on a keyboard to be transmitted to a still-unknown location via the Internet.

Upon its discovery, insiders report, bank officials shut off the data link between Washington and Chennai, India, where Satyam has long operated the bank's sole offshore computer center responsible for all of the bank's financial and human resources information.

Satyam was also banned from any future work with the bank. "I want them off the premises now," Zoellick reportedly told his deputies. But at the urging of CIO De Poerck, Satyam employees remained at the bank as recently as Oct. 1 while it engaged in "knowledge transfer" with two new India-based contractors.

The World Bank denies the Fox News story, and states that their network has not been compromised:

Quote:

Like other public and private institutions, the World Bank has repeatedly experienced hacking attacks on its computer systems and is constantly updating its security to defeat these. But at no point has a hacking attack accessed sensitive information in the World Bank's Treasury, procurement, anti-corruption or human resources departments.

Source: FOXNews.com - World Bank Under Cyber Siege in 'Unprecedented Crisis'

vlada · #2 (**permalink**) 10-15-2008, 07:56 AM

Quote:

Originally Posted by Ceres

Fox News reports that the World Bank's network has been the subject of keystroke spying, and that as many as 40 of their servers have been penetrated.

One of alleged intruders is Satyam Computer Services, one of India's biggest IT companies.

The World Bank denies the Fox News story, and states that their network has not been compromised:

Source: FOXNews.com - World Bank Under Cyber Siege in 'Unprecedented Crisis'

I think that everything may be under the heavens! But I understand the position of the World Bank. It is very unpleasant to admit that servers have been penetrated.

Ceres · #3 (**permalink**) 12-26-2008, 12:58 AM

UPDATE: The World Bank has issued a statement. They've declared Indian IT company Satyam ineligible to receive direct contracts from the World Bank for 8 years.

The World Bank states there is no evidence that Satyam was involved in malicious attacks on their servers.

The reason given for the debarment: Satyam provided improper benefits to Bank staff and failed to maintain documentation to support fees charged for its subcontractors.

Ceres · #4 (**permalink**) 01-12-2009, 01:45 PM

More companies have been debarred:

Quote:

The World Bank said it barred Megasoft from bidding for contracts for four years in December 2007 for "participating in a joint venture with Bank staff while also conducting business with the Bank," as part of its new disclosure policy.

Quote:

Wipro Technologies has been barred for four years for providing improper benefits to the Bank's staff.

Source: Megasoft shares dive on World Bank contract ban | Business News | Reuters