World Bank Under Cybersiege In "Unprecedented Crisis"

← Back to Stories (view on slashdot.org)

World Bank Under Cybersiege In "Unprecedented Crisis"

Posted by kdawson on Friday October 10, 2008 @04:34AM from the wolf-really dept.

JagsLive sends in a Fox News report on large-scale and possibly ongoing security breaches at the World Bank. "The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned. It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July. In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month. In a frantic midnight e-mail to colleagues, the bank's senior technology manager referred to the situation as an 'unprecedented crisis.' In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public." Update: 10/11 01:15 GMT by T : Massive spyware infestations might be good cause to reevaluate the TCO of non-Windows systems on the desktop.

50 of 377 comments (clear)

This was bound to happen. by Anonymous Coward · 2008-10-10 04:35 · Score: 5, Insightful

These days financial institutions consider IT (and other) security as something that costs them money, without giving them any benefit.
Will this wake them up?
I hear the question "Can we afford"? when talking about security in IT shops. The question that I am coming back with is "Can we afford not to"?
Just how many more banks machines are compromised? How about Federal and Local Government's machines and networks.
If you had enough financial data somebody could cause an economic collapse - I wonder what it would look like.
1. Re:This was bound to happen. by g0es · 2008-10-10 04:52 · Score: 5, Insightful
  
  These days financial institutions consider IT (and other) security as something that costs them money, without giving them any benefit.
  Will this wake them up?
  I hear the question "Can we afford"? when talking about security in IT shops. The question that I am coming back with is "Can we afford not to"?
  Just how many more banks machines are compromised? How about Federal and Local Government's machines and networks.
  If you had enough financial data somebody could cause an economic collapse - I wonder what it would look like.
  For most financial institutions their primary goal when it comes to information assurance is to pass audits. As you stated security is usually a cost center and they do what ever they can to keep that cost down. This generally means doing just enough work to make them compliant and as well all know, compliant != secure. I do not beleive these incidents will change anything unless the financial institutions are forced to a higher standard. I will continue to hope that they will see the light.
2. Re:This was bound to happen. by wkk2 · 2008-10-10 05:08 · Score: 5, Insightful
  
  Why wasn't all traffic limited to white listed addresses and that traffic limited to VPN connections using tamper resistant encryption hardware?
3. Re:This was bound to happen. by ScrewMaster · 2008-10-10 05:14 · Score: 3, Interesting
  
  If you had enough financial data somebody could cause an economic collapse - I wonder what it would look like.
  Probably something like this.
  
  --
  The higher the technology, the sharper that two-edged sword.
4. Re:This was bound to happen. by ScrewMaster · 2008-10-10 05:31 · Score: 5, Insightful
  
  Because bankers are traditionally among the cheapest bastards on the planet. Rich people frequently are ... it's part of why they got to be rich in the first place. Furthermore, in the modern world the contents of a bank's hard drives are much more valuable than what's in their steel-lined vaults. I don't think they've fully come to grips with that, or they'd have spent more money on information security.
  
  --
  The higher the technology, the sharper that two-edged sword.
5. Re:This was bound to happen. by Skal+Tura · 2008-10-10 05:56 · Score: 4, Interesting
  
  Doesn't help if a whitelisted host is aswell infected. No single technique, or category of security is enough, it needs multi-tiered, multi-level security in cases such as this. All task specific.
  Furthermore, there shouldn't be a single "full access" account, except for "root", and anyone working on root access would need to be required to work as a team of 2 or 3 persons, all coming from separate divisions/offices/departments, no prior contact, randomly chosen. Why?
  Humans are always the weakest link in security, and if someone is being watched when working on a server maintenance, the second fellow could report such an incident. Offer an prize for bringing up if there's a suspicion, immediately bringing that server down, and even if it was a failed suspicion, there should be somekind of reward for just being suspicious.
  This data is too critical to let any single person to have access in privacy. every action taken on the server should be logged, and automatic heuristic analysis done on it. Aswell, for all data in and out, network or removable media. It is all doable, given the right persons to do it, it's even cost-effective.
  Automation is the key to cut costs.
  There's plenty of methods to do something with high security, given creatively, sane, suspicious people planning for all of it.
  My 2 cents.
  
  --
  Pulsed Media Seedboxes
6. Re:This was bound to happen. by TubeSteak · 2008-10-10 06:13 · Score: 4, Insightful
  
  Furthermore, in the modern world the contents of a bank's hard drives are much more valuable than what's in their steel-lined vaults. I don't think they've fully come to grips with that, or they'd have spent more money on information security.
  Insurance companies act as private regulators in a 'free' market.
  Banks buy insurance for the contents of their vault, meaning their insurance company effectively dictates the minimum requirements for the bank's physical security. Higher cost security is balanced against lower insurance rates.
  Physical security is a mature field.
  Internet security is not and probably will not be for some time.
  
  --
  [Fuck Beta]
  o0t!
7. Re:This was bound to happen. by jvkjvk · 2008-10-10 06:50 · Score: 3, Insightful
  
  Furthermore, in the modern world the contents of a bank's hard drives are much more valuable than what's in their steel-lined vaults.
  Yes, but valuable to who? Do the banks lose any money if the info is hacked? If there is no financial cost to these break ins at the institutions where they happen why in the world would such a profit oriented institution spend any money beyond the bare minimum to ensure they aren't jailed for malfeasance (although I would argue that doing so in itself is malfeasance)?
  
  I don't think they've fully come to grips with that, or they'd have spent more money on information security.
  They will only spend more money on information security when it becomes DIRECTLY more costly or DIRECTLY more risky (e.g. probability of COST) to hold off. This news does nothing to counter my viewpoint - no actual loss occurred (no fines, no assets moved, no nothing) to the Bank itself. All actual loss occurred to the groups that had their data stolen. As long as institutions can say "Whoops!" and everything goes along it's merry way nothing will change.
8. Re:This was bound to happen. by TubeSteak · 2008-10-10 08:22 · Score: 3, Insightful
  
  This news does nothing to counter my viewpoint - no actual loss occurred (no fines, no assets moved, no nothing) to the Bank itself. All actual loss occurred to the groups that had their data stolen. As long as institutions can say "Whoops!" and everything goes along it's merry way nothing will change.
  Reputation is an asset, especially in banking.
  Banks and Corporations spend millions on advertising to build up their brand.
  The World Bank has been having some rough times recently, Wolfowitz last year and now this.
  When they get publicly embarrassed/humiliated/[adjective] it damages their reputation.
  Though their reputation is intangible, the cost to repair the damage is not.
  
  --
  [Fuck Beta]
  o0t!
9. Re:This was bound to happen. by bertok · 2008-10-10 11:08 · Score: 5, Interesting
  
  When I was studying computer science at university, I had read about all these fancy cryptographic techniques, and I imagined that banks were these encrypted, firewalled fortresses of IT security, monitored by the most competent, most vigilant administrators.
  I was very wrong.
  Let me tell you about my experience of IT security in banks.
  A couple of years ago, I was sent to one of Australians largest banks. I was there for a 1 week engagement to install the latest virus scanner software on some servers. It sounded like a great opportunity to have a look at some high-end systems and see how they were managed. So I turn up in the morning, and start unpacking my laptop, when the project manager warns me:
  "Don't plug your laptop into the network. We have to make sure you have the latest patches and AV first."
  I fully understood his position, of course, they couldn't just let some random guy plug some a laptop into the network. It was a bank after all, security matters. I was Wrong. He corrected me:
  "Oh no.. that's for your own protection! There's hundreds of viruses on this network, if you plug an unpatched machine into it, it'll be infected in seconds."
  I was stunned. He wasn't even joking. I did plug my laptop in (which was well patched), and ran Ethereal for a few minutes, during which time I saw several viruses attempting to hack my machine. It was incredible. I've never seen that kind of attack rate anywhere, and I've been to large, unfirewalled university networks and school networks.
  In fact, I didn't even really need to plug myself in. There was a WiFi connection available, with an easily recognisable SSID (the name of the bank). Of course, it was unencrypted, unsecured, and plugged directly into the desktop LAN.
  Next, I got a tour of the data center, which was an eye-popping experience in itself. The bank had recently invested in fancy new retina-scanning door locks. It looked like it was straight out of a James Bond movie. However, it was taking too long to program in every person who needed access into the system, so they had simply propped the door open with a bucket. The inside of the room was just as scary. I walked past DOS machines, Windows 95 "servers", and I saw at least one NT 3.x machine. This was in 2005.
  Eventually, I got around to planning the AV software upgrade. Except it wasn't. It was first-time-install, because the majority of their servers had no AV. The amount of work required to verify compatibility during for a the rollout was deemed too expensive, and I never did get to install the AV software. They did buy the licenses though, so it's entirely possible they installed it themselves. It's possible, but I wouldn't bet on it.
Well . . . by arizwebfoot · 2008-10-10 04:38 · Score: 5, Funny

while also trying to keep the news from leaking to the public

Oops

--
Oh Well, Bad Karma and all . . .

--
Beer is proof that God loves us and wants us to be happy.
so the chinese orchestrated the market meltdown by circletimessquare · 2008-10-10 04:39 · Score: 4, Funny

previously, i thought the markets were melting down due to gay marriage
perhaps this is the obvious run up to 2012 and the end of the mayan calendar
paranoid schizophrenics, want to help me out here?

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Funny the Email is referencing External webmail by phantomcircuit · 2008-10-10 04:41 · Score: 5, Informative

Well of course I can't be certain but this appears to be ntohing more than a breach of their email system (encrypt your damn email people).
From the leaked memo "MD and CIO has directed that all external Webmail accounts be disabled immediately for all staff who have not changed their passwords yet"
1. Re:Funny the Email is referencing External webmail by Anonymous Coward · 2008-10-10 04:58 · Score: 3, Informative
  
  Uhh you fail at reading, from TFA:
  "In plainspeak: "They had access to everything," says the source. "They had the keys to every room at the bank. And we can't say whether they still do or don't until we fully and openly address what's happening here."
Fox is like the National Enquirer by NobleSavage · 2008-10-10 04:42 · Score: 4, Insightful

I'd really like to read about this from a source other than Fox news.
1. Re:Fox is like the National Enquirer by eln · 2008-10-10 04:49 · Score: 5, Funny
  
  Hi.
  Apparently, the World Bank is under cybersiege in an "Unprecedented Crisis". Turns out they've been hacked repeatedly, apparently from China.
  I have a 5 digit Slashdot ID, so I think you can count on me being a reliable source. I got the information from a Slashdot story as well, so you can be pretty certain it's completely accurate.
2. Re:Fox is like the National Enquirer by binaryspiral · 2008-10-10 04:55 · Score: 5, Funny
  
  I'd mod you up, but I read on Fox News that Slashdot was full of Chinese hackers.
3. Re:Fox is like the National Enquirer by doomicon · 2008-10-10 05:03 · Score: 5, Funny
  
  To add more credibility, I concur with my fellow poster with my 4 digit ID.
  
  --
  
  Awesome!
4. Re:Fox is like the National Enquirer by iplayfast · 2008-10-10 05:07 · Score: 5, Funny
  
  I'd mod YOU up but I heard that moderators were full of Chinese hackers.
  (oops did just say that out loud?)
5. Re:Fox is like the National Enquirer by ScrewMaster · 2008-10-10 05:16 · Score: 5, Funny
  
  And I'd mode you up, but I heard that the moderators are Chinese hackers.
  
  Which would probably explain a lot.
  
  --
  The higher the technology, the sharper that two-edged sword.
6. Re:Fox is like the National Enquirer by ScrewMaster · 2008-10-10 05:17 · Score: 4, Funny
  
  Yes, well, all that 4 digit ID means is that you've wasted that much more of your life than I have.
  
  --
  The higher the technology, the sharper that two-edged sword.
7. Re:Fox is like the National Enquirer by Electron · 2008-10-10 05:35 · Score: 5, Funny
  
  I'm just here to say these two young slashdotters have definitely seen the truth, though they still have a lot to learn from us 3 digit IDers.
8. Re:Fox is like the National Enquirer by An+ominous+Cow+art · 2008-10-10 05:41 · Score: 4, Funny
  
  My id has only three distinct numbers, can I be an honorary 3-digiter?
9. Re:Fox is like the National Enquirer by Greyfox · 2008-10-10 05:44 · Score: 5, Funny
  
  Ni hao! I has MOD POINTS for sale! +1 insightful 5 dowwah! Oh no, I posted in the article!
  
  --
  I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
10. Re:Fox is like the National Enquirer by Electron · 2008-10-10 05:49 · Score: 5, Funny
  
  I shall send word of you to the Council.
11. Re:Fox is like the National Enquirer by keithjr · 2008-10-10 06:14 · Score: 5, Funny
  
  And I'd mod you up, but I don't have any mod points.
  
  They were stolen by Chinese hackers.
12. Re:Fox is like the National Enquirer by Samizdata · 2008-10-10 08:53 · Score: 3, Funny
  
  Hello, Slashdot Customer Support? I would like to report GreyFox (87712) for mod point spamming? He also offered me the lowest cost to powerlevel me down to a 4 digit User ID. Please ban him.
  
  --
  It's not the years, honey, it's the mileage. - Colonel Henry Walton Jones, Jr., Ph.D.
Blaming the Chinese is useless by Progman3K · 2008-10-10 04:42 · Score: 4, Insightful

First thing I would do is launch my attack from a compromised host in country X while being in country Y

--
I don't know the meaning of the word 'don't' - J
reputable source? by Bearpaw · 2008-10-10 04:43 · Score: 4, Insightful

Does anyone have a link to a story on this from a reputable news source?
0wn3d by modemboy · 2008-10-10 04:44 · Score: 5, Informative

Damn, they got owned completely, 3 different times. Someone in their security department needs to get a clue. Somehow their offsite data store got accessed, then an IT consultant worker key logged them, and finally they got in again through a third party and escalated to admin rights.
3 different attack vectors, all completely successful. That is just kinda pathetic...
1. Re:0wn3d by necro2607 · 2008-10-10 04:57 · Score: 3, Insightful
  
  Frankly, it doesn't surprise me. As far as I've ever determined, if someone with extremely sophisticated knowledge of computer networks and OSes wants to get into a system, they will find a way. Especially a country with the population of China - can you imagine the size of computer-based espionage departments they could have going no problem? I used to know guys who were insanely skilled with finding exploits by just browsing through source code. I thought it was insane - I'd never know how to figure that out, but they would always find some minor flaw that was exploitable. Imagine a freaking team dedicated to doing that. Or even a team that takes network hardware components that are known to be used by this bank (that information can be easily gained via social engineering, no question). Reverse engineer the network hardware's firmwares etc., or even better, social-engineer the manufacturer to get in-detail system specs. I mean.. seriously, I'm not surprised at all, because someone (or some group of people) who's determined, organized and skilled enough could break into any damn system they wanted. That said, it's still fucking horrible and frustrating that such ultra-sensitive data is basically a "free-for-all" for someone for the past year or however long.
2. Re:0wn3d by IchNiSan · 2008-10-10 05:45 · Score: 4, Insightful
  
  OR, maybe the world bank just bought some "cisco" security devices. You know, the ones made in china?
Before anyone mods the parent down.... by Anonymous Coward · 2008-10-10 04:47 · Score: 3, Interesting

Jim Rogers, Adventure Capitalist and Fox News business commentator, has said the same thing. What I'm trying to say is that the parent is not some leftist nut.
1. Re:Before anyone mods the parent down.... by Angostura · 2008-10-10 05:01 · Score: 4, Insightful
  
  Actually, I never assumed for a moment that the parent was a left wing nut. I assumed he was a right wing nut. There is a certain section of conservative opinion that believes any international multilateral body (I'm looking at you, U.N) is the spawn of satan.
2. Re:Before anyone mods the parent down.... by flitty · 2008-10-10 05:29 · Score: 4, Insightful
  
  The World Bank and the IMF are infamous for requiring Countries to De-Nationalize resources, requiring that foreign Nationals can buy up once publicly owned companies, and turning social Democracies into lasse-faire capitalist countries in return for their "aid". See: Poland, Indonesia, Chili, Argentina, South America, etc. This usually causes real wages to fall, unemployment to increase, and the reduction of land ownership by locals.
  
  --
  Whether or not there is some sort of god, I'm not supposed to say/god is a word and the argument ends there-Smog
3. Re:Before anyone mods the parent down.... by megamerican · 2008-10-10 05:40 · Score: 5, Informative
  
  That's not at all what actually happens. You should read John Perkins' book Confession of an Economic Hitman
  You can find interviews of him explaining it all over the internet. It has nothing to do with "lasse-faire" capitalism.
  The IMF/World Bank gives a country (normally with a valuable natural resource) a loan it knows it can't pay off to build infrastructure that benefits only a few big corporations, normally foreign. Once the country defaults, the banks get the country to sign over its infrastructure and natural resources to them and other corporations.
  That isn't capitalism of any form. It is legalized theft.
  
  --
  If you have something that you dont want anyone to know, maybe you shouldnt be doing it in the first place -Eric Schmidt
Dear World Bank by Anonymous Coward · 2008-10-10 04:49 · Score: 5, Funny

I hear you have an opening for a security expert...
1. Re:Dear World Bank by Narnie · 2008-10-10 04:58 · Score: 5, Funny
  
  I know this one admin from SF that's a real whiz about network security. They even fired him for it.
  
  --
  greed@All_Evils:~#
Re:I Hope They Destroy This Monster by grub · 2008-10-10 04:52 · Score: 5, Funny

It is Satan's rectum, poised over the third-world.

Best slashdot line in ages.

--
Trolling is a art,
Security? by cdrguru · 2008-10-10 04:54 · Score: 4, Insightful

Face it, no matter how secure a system is, if it is usable by humans it can be breached. Easily.
There is anywhere from a 100 to 1000 hackers/crackers/slimeballs out there that are ready and willing to take on each and every system. Ones that claim to be "secure" are just a bigger target. There is no such thing as a completely "secure" system that is usable and accessible by ordinary humans. True security would require controlled physical access, multiple authenticating factors, and so on. None of this is going to happen for an accessible system usable by "ordinary humans".
About all that is realistic is to minimize the damages. Face the fact that if you are a target you are going to lose. Try not to lose too much.
Prosecution of the break-in? Forget it. It's the Internet. It is International. If it looks like it is coming from China, it could be real or it could be a proxy. There are no effective International laws that will assist in any sort of prosecution. There is no supra-national police force that will break down the door of the cracker and haul them away. Nothing is going to happen. Unless the guy is a complete idiot that brags about it.
Sensitive data? by Bromskloss · 2008-10-10 05:06 · Score: 3, Insightful

sensitive data about the economies of every nation
What's so sensitive about the economy of a nation that it must be kept secret, thereby not even allowing the nation itself (the people) to know about it?

--
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
Re:First post??? by smooth+wombat · 2008-10-10 05:07 · Score: 3, Insightful

Russia is almost immune to this crisis.
I hope you were being sarcastic because Russia is nowhere near immune from what is going on. In fact, they keep closing their stock market because of what's going on.

--
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
Urgent message to mods re: Satan's rectum by Anonymous Coward · 2008-10-10 05:22 · Score: 5, Insightful

It is Satan's rectum, poised over the third-world.
Best slashdot line in ages.
Please, please, please mod parent comment down. The last thing we need is for the phrase "It is Satan's rectum, poised over ..." to become a new Slashdot meme.
I mean can you imagine:
- an item about Linux and posts like "It is Satan's rectum, poised over capitalism";
- an item about fascism and posts like "It is Satan's rectum, poised over our freedoms";
- an item about the Cheney/Bush government and posts like "It is Satan's rectum, poised over privacy and the U.S. Constitution"
- an item about a new Windows version and posts like "It is Satan's rectum, poised over the computer world";
Yech! Please stop it before it starts!
1. Re:Urgent message to mods re: Satan's rectum by Satan's+Rectum · 2008-10-10 06:27 · Score: 3, Funny
  
  Sir, I beg to differ....
Possibly. by jd · 2008-10-10 05:58 · Score: 3, Insightful

It is interesting, though, that it has been about a year since the current run on the stock markets and world finances began. (The current credit crunch, if you look at the graphs, is simply a continuation of a trend that began probably about April last year.)
Now, to use the oft-quoted "correlation does not prove causation", it would be totally absurd to say that the coincidence of dates proves the current problem is related to the cyber-attacks. Lots of things probably happened in April of last year. To pick one out, just for the sake of picking something, would be stupid. However, if I were in charge of IT security at the World Bank, I would be wanting to know if sensitive or classified information was continually exposed over that period that would permit someone to destabilize things.
It's almost certain that unencrypted sensitive information would be present on e-mail servers, which is stupid and naive, and members of the World Bank who don't make use of secure methods of communication for sensitive material should be made to walk the plank regardless of whether any harm was done. The IT managers who allowed unencrypted data to be present and who did not properly install suitable intrusion countermeasures should follow shortly thereafter. In the (extremely dubious and unlikely, but arguably possible) circumstance that the crisis is related to the infiltration, then the game changes from a mere fix-things-up and discipline-the-bastards scenario to a more severe lockdown-the-damn-network-now-defcon-1 type of situation.
The former simply means you need to apply suitable patches and/or servers, and maybe hire a pirate ship to escort the former employees to shark-infested waters. Since this is the most likely situation by far, that's all they need to do. But concealing it hasn't helped them apply the measures they needed, or the attacks could not have continued the moment it tripped the first intrusion detector. In this case, the secrecy has caused severe harm to the World Bank, but probably nobody else. Like I said, this is the most likely.
The worst-case is that we're seeing a positive feedback loop. Sensitive/classified information on volatile situations that could cause those situations to get considerably worse being posted, then lifted and used to do exactly that, causing people to post even more such information, and so on. Positive feedback loops are not simply a technological problem but an entire attitude problem and social engineering problem. That requires more than IT security, because IT security can't debug or firewall the brain. Yet. Such a loop might easily require a complete organizational shutdown, because no amount of patching will help. It needs a major attitude shift - not just on the part of internal employees but also on the part of all countries involved - and that takes time. If it's the mind that's the vulnerability -AND- it is causing massive devastation, the World Bank would have to shut down all operations completely. Otherwise, you can't guarantee killing the loop. The chances this would need to happen are extremely slim, but as I said, it is technically possible, and you can't afford to be piecemeal when it comes to such scenarios.
If it's so unlikely, why mention it at all? Because the timing -is- interesting (a crisis is uncommon, so two parallel financial crises should raise eyebrows), along with the fact they even see it is as a crisis is exceptionally interesting, the fact that their response has been one of paralysis (suggesting a non-trivial people problem, rather than an idiotic individual or an unpatched machine), and the fact that everyone else's management of their perceived problem isn't managing it in the least, is suggestive that (a) the wrong problems are being fixed, and (b) that there is a lot of pressure to avoid fixing - or even seeing - the right problems. Suggestive isn't proof, of course, which is why I'm more interested in whether they're even looking to see if this is a possibility.

--
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
What??? Where do you get that? by Anonymous Coward · 2008-10-10 06:43 · Score: 4, Insightful

The world bank makes HUGE loans to entire nations and imposes draconian reform rules and regulations, requires real assets as collateral, usually the target nation's most valuable raw resources, and charges interest. If that ain't a bank of sorts, what is?
1. Re:What??? Where do you get that? by GrumblyStuff · 2008-10-10 09:22 · Score: 3, Insightful
  
  Mafia?
2. Re:What??? Where do you get that? by lysergic.acid · 2008-10-10 12:18 · Score: 4, Interesting
  
  it's interesting that this is called the "World Bank" as if it's some kind of intergovernmental financial organization and has been given the power to dictate the domestic policies of entire nations. however, the World Bank operates without transparency, is not subject to public oversight, and its executive directors are not elected nor government appointed. it's technically a "non-profit" organization, but the reigns of power are held by industry heads who use it to advance their own financial interests, often at the cost of developing nations who have pretty much no say in the World Bank's decisions.
  it's scary how much power and influence the neo-cons have been able to acquire while completely bypassing the democratic process. it's no wonder more and more people are questioning the legitimacy of the World Bank as well as the IMF.
3. Re:What??? Where do you get that? by TapeCutter · 2008-10-10 15:53 · Score: 4, Insightful
  
  "If that ain't a bank of sorts, what is?"
  
  1. An agency mandated to have a US citizen leading it, it's purpose is to hide the identity of predatory lenders who blackmail impoverished governments via their tresuries. Largely financed by the industrial/military complex to keep the oil flowing to the military/industrial complex.
  
  2. An agency that used the Bretton Woods system to rebuild western Europe, and has gone on to bring democracy, wealth and good govanance to much of S.America, S.E Asia, and Eastern Europe.
  
  I have heard "the road to hell is paved with good intentions" and suspect both definitions are correct at one time or another.
  
  --
  And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Opportunistic conmen by TheLink · 2008-10-10 06:53 · Score: 3, Insightful

Well keep in mind in the 1997 Asian Financial Crisis the IMF recommended the Asian Governments to do about the opposite of what the USA is doing now.
http://en.wikipedia.org/wiki/Asian_financial_crisis
"The IMF's support was conditional on a series of drastic economic reforms influenced by neoliberal economic principles called a "structural adjustment package" (SAP). The SAPs called on crisis-struck nations to cut back on government spending to reduce deficits, allow insolvent banks and financial institutions to fail, and aggressively raise interest rates."
Raise interest rates, allow insolvent banks and institutions to fail (even if they are "too big to let fail"). And allow them to be bought up by foreigners. How'd the USA like it if AIG got bought up by China/Japan (they do have enough money, it's just that they know it'll annoy their number 1 customer ).
Go compare what the USA is doing now to the IMF's recommendations in 1997.
So, forgive me if I see the IMF as evil. The World Bank? Probably the other arm ;).
They're both just tools for the US to increase its power over the rest of the world.
--
- Too many replies beneath your current threshold