Share on Google Plus Share on Twitter Share on Facebook Share on LinkedIn Share on PInterest Share on Fark! Share on Reddit Share on StumbleUpon Tell A Friend 3 (3 Shares)  
Printer Friendly Page Save As Favorite View Favorites View Stats   No comments

General News

World Bank Shuffles Staff to Address Cyber-Breaches

By Whistleblower.org Press Release  Posted by Amanda Lang (about the submitter)     Permalink       (Page 1 of 2 pages)
Related Topic(s): ; ; ; ; ; ; ; ; ; ; (more...) ; ; , Add Tags  (less...) Add to My Group(s)

View Ratings | Rate It

opednews.com

World Bank Shuffles Staff to Address Cyber-Breaches

Duties Stripped from Chief Information Officer;

Sources Say Management ‘Looking for Fall Guy’

(Washington, D.C) – In the wake of recent news reports showing serious breaches of the World Bank’s information security system, the Government Accountability Project (GAP) has learned from sources inside the bank, as well as from an internal Bank announcement, that duties have been stripped from the institution’s Chief Information Officer.

According to previous media reports and internal sources, the Bank’s records, which contain sensitive financial information from borrowing and donor countries, were repeatedly and illicitly accessed over the last year. At the same time, the Bank is trying to downplay the attacks, as it positions itself to assume a prominent role in addressing the global financial crisis. This cyber-breach situation raises troubling questions about its future effectiveness in dealing with the crisis.

“Our sources inside the Bank have said management has been looking for someone to take the fall for these breaches,” said GAP International Program Director Bea Edwards. “The World Bank must ensure that its member countries’ financial records are secure. If the Bank can’t safeguard sensitive information, it can’t be trusted to help with the global financial crisis.”

Last night, Bank Manager Juan Jose Daboub sent out an announcement to bank staffers regarding new personnel addressing the security issues. Part of the message was:

At the request of President Zoellick, Van Pulley will take over responsibility for WBG information security effective immediately and until more permanent arrangements are in place. [emphasis added]

The full announcement can be read on GAP’s Web site here: http://www.whistleblower.org/doc/2008/Kiosk.pdf

It is unknown at this time whether current Bank Information Officer Guy de Poerck has been simply stripped of his security responsibilities, shifted to another position, or fired outright.

“This is like locking the barn door after the horse – and the key – have been stolen,” stated Edwards. “It’s is a cosmetic fix. The Bank’s information system has been breached repeatedly for months, and may need a massive overhaul.”

World Bank spokespeople have been denying for months the seriousness of the cyber-incursions. Apparently, sanctions regarding security issues were only applied belatedly to an India-based company stemming from incidents that occurred as long ago as April. At the same time, the Bank has delayed sanctioning five state-owned Chinese companies implicated in wrongdoing. In that case, the World Bank reportedly offered a deal to a reporter if he would delay publication of his story about the sanctions until after the G-20 Summit in Washington two weekends ago.

Daboub, who notified Bank staffers last night about the immediate steps to re-secure the Bank’s information systems, is no stranger to controversy. Last year, during the Paul Wolfowitz scandal, GAP released information showing that Daboub instructed a team of Bank specialists to delete all references to family planning services from a proposed assistance strategy for Madagascar, and later from the Bank’s overall Health and Nutrition Strategy. 


Background

Beginning last month, independent journalist Richard Behar reported that a vendor implicated in a bribery investigation of former Bank Vice President Mohamed Muhsin had apparently installed spyware on World Bank work stations. The ‘key-logging’ spyware would have enabled the company, Satyam Computer Systems, Ltd., to penetrate as many as 40 World Bank servers, gaining access to sensitive financial information about pending loans and contracts.

The World Bank’s statements minimizing the breaches and attacking accounts of them were plainly contradicted by internal Bank memos showing top information technology officers in a state of high alert and alarm. On Friday, November 15, another Behar story reported that, through a World Bank connection, the spyware had also penetrated the information security system at the International Monetary Fund (IMF).

Next Page  1  |  2

 

The views expressed in this article are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.

Writers Guidelines

Contact Editor

Comments

The time limit for entering new comments on this article has expired.

This limit can be removed. Our paid membership program is designed to give you many benefits, such as removing this time limit. To learn more, please click here.

Comments: Expand   Shrink   Hide  
No comments

 

Tell a Friend: Tell A Friend


Copyright © 2002-2014, OpEdNews

Powered by Populum