Fox News has reported that published internal World Bank memos show the bank had been attacked and hit not once but several times. Last Spring their network received a major spyware infection. At least 2 attacks came from Chinese IP addresses, and a serious incident occurred in July.
In the July incident, at least 5 servers belonging to the World Bank were compromised – each contained “sensitive information”. In the memo, the recommendation was made that the servers concerned might contain malicious code, so they should be completely erased and restored from scratch. An update of all security protocols was also recommended (and presumably carried out!)
But the World Bank repudiates the Fox News report. They say that an email from July which Fox identified as describing an “unprecedented crisis” is untrue. Fox reported the email advocated changing 4,500 passwords to protect systems from a future attack. The World Bank denies this, saying; “The Fox News story is wrong and is riddled with falsehoods and errors. The story cites misinformation from unattributed sources and leaked emails that are taken out of context… Like other public and private institutions, the World Bank has repeatedly experienced hacking attacks on its computer systems and is constantly updating its security to defeat these… But at no point has a hacking attack accessed sensitive information in the World Bank’s treasury, procurement, anti-corruption or human resources departments.”
Of course not. Almost all large organisations suffer from attempted hacking at some stage, and it’s only natural that, like with flying, there will be a few near misses now and again. It doesn’t mean flying’s unsafe, just that accidents can happen but usually don’t.
The World Bank actually is very specific – it lists 4 departments in which a hacking attack has never accessed “sensitive information”. Is this a Bill Clinton type declaration of truth – subtly specific in it’s wording? What about the departments they DON’T list? Methinks maybe they protest too much. After all, they can’t exactly say “yes, it’s dreadful, isn’t it, but don’t worry we’ve fixed it!”
If you want to find out all the latest news on tech why not subscribe to our RSS feed?
Leave a Reply