Slashdot Mirror


World Bank Under Cybersiege In "Unprecedented Crisis"

JagsLive sends in a Fox News report on large-scale and possibly ongoing security breaches at the World Bank. "The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned. It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July. In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month. In a frantic midnight e-mail to colleagues, the bank's senior technology manager referred to the situation as an 'unprecedented crisis.' In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public." Update: 10/11 01:15 GMT by T : Massive spyware infestations might be good cause to reevaluate the TCO of non-Windows systems on the desktop.

22 of 377 comments

  1. This was bound to happen. by Anonymous Coward · · Score: 5, Insightful

    These days financial institutions consider IT (and other) security as something that costs them money, without giving them any benefit.

    Will this wake them up?

    I hear the question "Can we afford"? when talking about security in IT shops. The question that I am coming back with is "Can we afford not to"?

    Just how many more banks machines are compromised? How about Federal and Local Government's machines and networks.

    If you had enough financial data somebody could cause an economic collapse - I wonder what it would look like.

    1. Re:This was bound to happen. by g0es · · Score: 5, Insightful

      These days financial institutions consider IT (and other) security as something that costs them money, without giving them any benefit.

      Will this wake them up?

      I hear the question "Can we afford"? when talking about security in IT shops. The question that I am coming back with is "Can we afford not to"?

      Just how many more banks machines are compromised? How about Federal and Local Government's machines and networks.

      If you had enough financial data somebody could cause an economic collapse - I wonder what it would look like.

      For most financial institutions their primary goal when it comes to information assurance is to pass audits. As you stated security is usually a cost center and they do whatever they can to keep that cost down. This generally means doing just enough work to make them compliant and, as we all know, compliant != secure. I do not believe these incidents will change anything unless the financial institutions are forced to a higher standard. I will continue to hope that they will see the light.

    2. Re:This was bound to happen. by wkk2 · · Score: 5, Insightful

      Why wasn't all traffic limited to whitelisted addresses, and that traffic limited to VPN connections using tamper-resistant encryption hardware?
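The design the comment above asks about (a restricted segment reachable only from an explicit allow-list of addresses, and only over the VPN) can be checked against a connection log. The following is an added example, not code from the thread or from the World Bank; the segment, allow-list, interface name `vpn0` and the key=value log format are all constructed for illustration.

```python
"""Allow-list policy audit over constructed firewall log lines.

Added example (not from the Slashdot thread). Models a restricted segment
that should only accept traffic from allow-listed sources, and only over
the VPN interface, and flags every logged connection that breaks that rule.
All addresses, segment names and log lines are constructed.
"""
import ipaddress
import re

# Hypothetical restricted segment (stand-in for a "treasury" network).
RESTRICTED_NET = ipaddress.ip_network("10.50.0.0/24")

# Hypothetical allow-list: the VPN client pool plus two admin jump hosts.
ALLOWED_SOURCES = [
    ipaddress.ip_network("10.200.0.0/24"),   # VPN client pool
    ipaddress.ip_network("10.10.1.5/32"),    # jump host A
    ipaddress.ip_network("10.10.1.6/32"),    # jump host B
]

# Interface that VPN-terminated traffic is expected to arrive on (assumed).
VPN_IFACE = "vpn0"

# Constructed log format: key=value pairs, one connection per line.
LINE_RE = re.compile(r"src=(\S+) dst=(\S+) proto=(\S+) dport=(\d+) via=(\S+)")


def parse_line(line):
    """Parse one log line into a record, or return None if it is malformed."""
    m = LINE_RE.search(line)
    if not m:
        return None
    src, dst, proto, dport, via = m.groups()
    try:
        return {
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "proto": proto,
            "dport": int(dport),
            "via": via,
        }
    except ValueError:
        return None


def violations(rec):
    """Return the reasons a connection into the restricted segment breaks policy."""
    reasons = []
    if rec["dst"] not in RESTRICTED_NET:
        return reasons  # policy only governs traffic into the restricted segment
    if not any(rec["src"] in net for net in ALLOWED_SOURCES):
        reasons.append("source not on allow-list")
    if rec["via"] != VPN_IFACE:
        reasons.append("did not arrive over the VPN interface")
    return reasons


def audit(lines):
    """Run every line through the policy; return (source, reasons) for each finding."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            findings.append((line.strip(), ["unparseable line"]))
            continue
        reasons = violations(rec)
        if reasons:
            findings.append((str(rec["src"]), reasons))
    return findings


# Constructed sample log: two compliant connections, two violations,
# one out-of-scope connection, and one line the parser cannot read.
SAMPLE_LOG = [
    "src=10.200.0.17 dst=10.50.0.9 proto=tcp dport=443 via=vpn0",
    "src=10.10.1.5 dst=10.50.0.9 proto=tcp dport=22 via=vpn0",
    "src=192.0.2.44 dst=10.50.0.9 proto=tcp dport=445 via=eth0",
    "src=10.10.1.6 dst=10.50.0.12 proto=tcp dport=3389 via=eth0",
    "src=10.200.0.30 dst=10.60.0.1 proto=tcp dport=80 via=eth0",
    "garbage line",
]

if __name__ == "__main__":
    for src, reasons in audit(SAMPLE_LOG):
        print(src, "->", "; ".join(reasons))
```

The audit treats the allow-list and the VPN interface as two independent conditions, so a connection from a permitted jump host that arrives on the wrong interface is still reported; unparseable lines are reported rather than silently dropped, since a log a parser cannot read is itself worth a look.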

    3. Re:This was bound to happen. by ScrewMaster · · Score: 5, Insightful

      Because bankers are traditionally among the cheapest bastards on the planet. Rich people frequently are ... it's part of why they got to be rich in the first place. Furthermore, in the modern world the contents of a bank's hard drives are much more valuable than what's in their steel-lined vaults. I don't think they've fully come to grips with that, or they'd have spent more money on information security.

      --
      The higher the technology, the sharper that two-edged sword.
    4. Re:This was bound to happen. by bertok · · Score: 5, Interesting

      When I was studying computer science at university, I had read about all these fancy cryptographic techniques, and I imagined that banks were these encrypted, firewalled fortresses of IT security, monitored by the most competent, most vigilant administrators.

      I was very wrong.

      Let me tell you about my experience of IT security in banks.

      A couple of years ago, I was sent to one of Australia's largest banks. I was there for a 1-week engagement to install the latest virus scanner software on some servers. It sounded like a great opportunity to have a look at some high-end systems and see how they were managed. So I turn up in the morning, and start unpacking my laptop, when the project manager warns me:

      "Don't plug your laptop into the network. We have to make sure you have the latest patches and AV first."

      I fully understood his position, of course; they couldn't just let some random guy plug a laptop into the network. It was a bank after all, security matters. I was wrong. He corrected me:

      "Oh no... that's for your own protection! There's hundreds of viruses on this network; if you plug an unpatched machine into it, it'll be infected in seconds."

      I was stunned. He wasn't even joking. I did plug my laptop in (which was well patched), and ran Ethereal for a few minutes, during which time I saw several viruses attempting to hack my machine. It was incredible. I've never seen that kind of attack rate anywhere, and I've been to large, unfirewalled university networks and school networks.

      In fact, I didn't even really need to plug myself in. There was a WiFi connection available, with an easily recognisable SSID (the name of the bank). Of course, it was unencrypted, unsecured, and plugged directly into the desktop LAN.

      Next, I got a tour of the data center, which was an eye-popping experience in itself. The bank had recently invested in fancy new retina-scanning door locks. It looked like it was straight out of a James Bond movie. However, it was taking too long to program in every person who needed access into the system, so they had simply propped the door open with a bucket. The inside of the room was just as scary. I walked past DOS machines, Windows 95 "servers", and I saw at least one NT 3.x machine. This was in 2005.

      Eventually, I got around to planning the AV software upgrade. Except it wasn't. It was a first-time install, because the majority of their servers had no AV. The amount of work required to verify compatibility for the rollout was deemed too expensive, and I never did get to install the AV software. They did buy the licenses though, so it's entirely possible they installed it themselves. It's possible, but I wouldn't bet on it.

  2. Well . . . by arizwebfoot · · Score: 5, Funny

    while also trying to keep the news from leaking to the public

    Oops

    --
    Oh Well, Bad Karma and all . . .

    --
    Beer is proof that God loves us and wants us to be happy.
  3. Funny the Email is referencing External webmail by phantomcircuit · · Score: 5, Informative

    Well of course I can't be certain, but this appears to be nothing more than a breach of their email system (encrypt your damn email, people).

    From the leaked memo: "MD and CIO has directed that all external Webmail accounts be disabled immediately for all staff who have not changed their passwords yet"

  4. 0wn3d by modemboy · · Score: 5, Informative

    Damn, they got owned completely, 3 different times. Someone in their security department needs to get a clue. Somehow their offsite data store got accessed, then an IT consultant worker keylogged them, and finally they got in again through a third party and escalated to admin rights.

    3 different attack vectors, all completely successful. That is just kinda pathetic...

  5. Dear World Bank by Anonymous Coward · · Score: 5, Funny

    I hear you have an opening for a security expert...

    1. Re:Dear World Bank by Narnie · · Score: 5, Funny

      I know this one admin from SF that's a real whiz about network security. They even fired him for it.

      --
      greed@All_Evils:~#
  6. Re:Fox is like the National Enquirer by eln · · Score: 5, Funny

    Hi.

    Apparently, the World Bank is under cybersiege in an "Unprecedented Crisis". Turns out they've been hacked repeatedly, apparently from China.

    I have a 5 digit Slashdot ID, so I think you can count on me being a reliable source. I got the information from a Slashdot story as well, so you can be pretty certain it's completely accurate.

  7. Re:I Hope They Destroy This Monster by grub · · Score: 5, Funny
    It is Satan's rectum, poised over the third-world.

    Best slashdot line in ages.

    --
    Trolling is a art,
  8. Re:Fox is like the National Enquirer by binaryspiral · · Score: 5, Funny

    I'd mod you up, but I read on Fox News that Slashdot was full of Chinese hackers.

  9. Re:Fox is like the National Enquirer by doomicon · · Score: 5, Funny

    To add more credibility, I concur with my fellow poster with my 4 digit ID.

    --
    Awesome!
  10. Re:Fox is like the National Enquirer by iplayfast · · Score: 5, Funny

    I'd mod YOU up but I heard that moderators were full of Chinese hackers.

    (oops, did I just say that out loud?)

  11. Re:Fox is like the National Enquirer by ScrewMaster · · Score: 5, Funny

    And I'd mod you up, but I heard that the moderators are Chinese hackers.

    Which would probably explain a lot.

    --
    The higher the technology, the sharper that two-edged sword.
  12. Urgent message to mods re: Satan's rectum by Anonymous Coward · · Score: 5, Insightful

    It is Satan's rectum, poised over the third-world.

    Best slashdot line in ages.

    Please, please, please mod parent comment down. The last thing we need is for the phrase "It is Satan's rectum, poised over ..." to become a new Slashdot meme.

    I mean can you imagine:

    - an item about Linux and posts like "It is Satan's rectum, poised over capitalism";

    - an item about fascism and posts like "It is Satan's rectum, poised over our freedoms";

    - an item about the Cheney/Bush government and posts like "It is Satan's rectum, poised over privacy and the U.S. Constitution"

    - an item about a new Windows version and posts like "It is Satan's rectum, poised over the computer world";

    Yech! Please stop it before it starts!

  13. Re:Fox is like the National Enquirer by Electron · · Score: 5, Funny

    I'm just here to say these two young slashdotters have definitely seen the truth, though they still have a lot to learn from us 3 digit IDers.

  14. Re:Before anyone mods the parent down.... by megamerican · · Score: 5, Informative

    That's not at all what actually happens. You should read John Perkins' book Confessions of an Economic Hit Man.

    You can find interviews of him explaining it all over the internet. It has nothing to do with "laissez-faire" capitalism.

    The IMF/World Bank gives a country (normally with a valuable natural resource) a loan it knows it can't pay off to build infrastructure that benefits only a few big corporations, normally foreign. Once the country defaults, the banks get the country to sign over its infrastructure and natural resources to them and other corporations.

    That isn't capitalism of any form. It is legalized theft.

    --
    If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place -Eric Schmidt
  15. Re:Fox is like the National Enquirer by Greyfox · · Score: 5, Funny

    Ni hao! I has MOD POINTS for sale! +1 insightful 5 dowwah! Oh no, I posted in the article!

    --
    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  16. Re:Fox is like the National Enquirer by Electron · · Score: 5, Funny

    I shall send word of you to the Council.

  17. Re:Fox is like the National Enquirer by keithjr · · Score: 5, Funny

    And I'd mod you up, but I don't have any mod points.

    They were stolen by Chinese hackers.