Satyam may be in the dock over World Bank data security breach
13 October 2008
In the midst of global market mayhem, an issue of considerable importance has escaped the media attention it thoroughly deserved - a security breach in the World Bank Group's computer network, one of the largest repositories of sensitive data about the economies of every nation in the world. More alarmingly, this has been a regular occurrence over the last year, or so Fox News has reported.
It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July.
In total, at least six major intrusions, two of them using the same group of IP addresses originating from China, have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month. Although the bank has taken pains to undermine the seriousness of the problem, leaked internal memos sent by the investigating team confirm the compromise of data in 18 servers, with five of them being classified as containing ''sensitive data''.
This serious issue apparently has a direct India connection. Hyderabad-based computer services major Satyam has been a vendor for the international bank for quite a long period time and was evidently responsible for many of the compromised systems. As a result, there have been reports in the international media that World Bank has barred it from doing offshore work.
The first breach of the bank's secrets was discovered in September, 2007, after the FBI, while at work on a different cybercrime case, notified the bank that something was wrong. The investigators pointed to a part of the bank's network that led out of the Johannesburg hub of the International Finance Corp. (IFC), a bank arm that lends to the private sector.
The second major breach, of the bank's treasury network in Washington, was discovered in April 2008.And now comes the potentially most harmful bit of news for Indian IT providers. A forensic analysis of the treasury breach supposedly revealed spy software which recorded keyboard entries allegedly installed by one or more contractors from Satyam.