World Bank bans Satyam Computers for hacking

By Staff

Published: Saturday, October 11, 2008, 11:57 [IST]

New York, Oct 11: Indian software major Satyam Computer Services has reportedly been banned from doing any off-shore work with the World Bank after forensic experts and bank investigators discovered that spy software was covertly installed on workstations inside the bank's Washington headquarters, allegedly by one or more contractors from Satyam Computer Services. According to a FOX News report, apart from Satyam, two IP intrusions have been reported from China, and there have been six intrusions in all.

Investigators say that the software, which operates through a method known as keystroke logging, enabled every character typed on a keyboard to be transmitted to a still-unknown location via the Internet.

Upon its discovery, bank officials shut off the data link between Washington and Chennai, where Satyam has long operated the bank's sole offshore computer center responsible for all of the bank's financial and human resources information.

"I want them off the premises now," World Bank President Robert Zoellick reportedly told his deputies. But at the urging of CIO De Poerck, Satyam employees remained at the bank as recently as Wednesday, Oct 1 while it engaged in 'knowledge transfer' with two new India-based contractors.

Satyam is publicly listed on the New York Stock Exchange and boasts having two billion dollars in sales and more than 150 Fortune 500 companies as clients.

In 2003, Satyam won a lucrative five-year "sole source" contract to design, write and maintain all of the World Bank''s information systems. The contract — which began at 10 million dollars, had grown to over 100 million dollars by 2007. This year, the contract was not renewed. Satyam has declined to comment.

FOX News claims that outsiders have raided the World Bank Group"s computer network —one of the largest repositories of sensitive data about the economies of every nation — repeatedly for more than a year.

It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution''s highly restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank''s network for nearly a month in June and July.

The crisis comes at an awkward moment for Zoellick, who runs the world''s largest and most influential anti-poverty agency, which doles out 25 billion dollars a year, and whose board represents 185 member nations.

This weekend, the bank holds its annual series of meetings in Washington — and just in advance of those sessions, Zoellick called for a radical revamping of multilateral organizations in light of the global economic meltdown.

Zoellick is positioning himself and the bank as an institution that can help chart a new path toward global financial stability. But that reputation, more than ever, depends on the bank''s stable information infrastructure.

According to internal memos, "a minimum of 18 servers has been compromised," including some of the bank''s most sensitive systems — ranging from the bank''s security and password server to a Human Resources server "that contains scanned images of staff documents."

One World Bank director told FOX News that as many as 40 servers have been penetrated, including one that held contract-procurement data.

It took ten days for bank officials to detect that they''d been invaded. Once they did, they shut down all external servers, except for e-mail — which it turns out the invaders were already using as their entrance point.

A World Bank spokesman, however, rubbished the Fox News story, saying it is riddled with falsehoods and errors.

ANI

Published On October 11, 2008