You might suppose that with inquiries underway into the scandals surrounding the UN Development Program activities in tyrannies such as Burma and North Korea, the UNDP would be at pains to preserve its records for investigators. After all, when the UNDP Cash-for-Kim scandal broke in January, Secretary-General Ban Ki-moon promised to get to the bottom of it, and the UNDP’s number two man, Ad Melkert, promised full transparency, saying “You ain’t seen nothing yet.”
Guess again. Shades of the grand shredding that went on three years ago in Kofi Annan’s executive suite as the UN’s Oil-for-Food inquiry revved up, it turns out the UNDP, flagship agency of the UN, has been quietly arranging to scrap computer equipment that might just contain some awfully interesting records. Internal UNDP documents show that in September the UNDP approved an arrangement to dispose of a batch of used computer equipment, including 11 servers, 4 scanners and 6 printers – all on grounds that the items were bought “in or before 1999,” could not be sold on the used market, and “it would take a lot of our resources to donate this equipment.” See item #2 in this UNDP document, and check out this “Headquarters Request for Asset Disposal…” .
We don’t know what’s on these 11 servers, or what has flowed through the 6 printers over the years. Nor do we know what else, if anything, the UNDP in the name of housecleaning might be flushing down the Memory Hole. But surely it’s worth finding out? If this equipment holds any records whatsoever, it is highly relevant to any serious inquiry that these servers could have been used starting as early as the 1990s, and onward, which for the UNDP was a busy time in Pyongyang. For instance, that would cover at least part of the time frame in which the UNDP was shoveling money to its Pyongyang office via Macau’s Banco Delta Asia – a bank later designated by the U.S. Treasury as “willing to turn a blind eye to illicit activity, notably by its North Korean-related clients,” as detailed in March, 2007 by Treasury’s Stuart Levey, Under-Secretary for Terrorism and Financial Intelligence.
Even if these servers and related equipment had nothing directly to do with North Korea, it is worth keeping in mind that the UNDP runs a global network — in which many projects interconnect. Is it possible these aging computer servers might have been involved in any of the exchanges involving counterfeit U.S. $100 bills in the UNDP’s Pyongyang office safe? Or do they perhaps document any portion of the flow of resources, via the UNDP, to Kim Jong Il’s regime?
Or did these servers perhaps have some relevance to the period in which Kofi Annan’s special adviser and envoy to the Korean peninsula, Maurice Strong, was visiting Pyongyang and arranging energy-related projects with North Korea via his Kofi-Annan-approved backshop, the Costa Rica-based University for Peace?
It is of course possible that this computer equipment contains nothing but acres of tedious UN bureaucratese, and the UNDP is just trying to clear up some clutter. But is that a sure bet? There was something seriously wrong enough with the UNDP operation in North Korea that after Cash-for-Kim spilled into the media in January, the UNDP in March made the extraordinary move of closing down its Pyongyang office. Even more curious, North Korea — while wide open to UN aid — has refused to allow UN auditors in to investigate operations of the UNDP’s former operations in Pyongyang (or so the UN tells us). And somehow the UNDP has been unable to ship some of its office files out of North Korea so auditors can review them in New York. Instead, we are told by the UNDP that these files are now sitting safe and sound (and unaudited) in the offices of the UN’s World Food Program in Pyongyang.
Somehow, the UNDP seems incapable of extracting its own files from within the borders of North Korea, a UN aid client. That is especially weird, because there was apparently no problem about shipping (at exorbitant cost) U.S.-bashing books into North Korea, courtesy of the UNDP, even after the UNDP had closed its office in Pyongyang.
About the same time, the UNDP fired a whistleblower, former chief of its operations in North Korea, Tony Shkurtaj. He appealed to the UN Ethics Office, which determined that he had a legitimate grievance and deserved whistleblower protection. The UNDP rejected that finding, by way of rejecting any jurisdiction by the UN Ethics Office (which was supposed to have been one of Kofi Annan’s landmark reforms). Ban Ki-moon, who had initially promised a system-wide audit, and has been reneging all year on that promise, signed right on to the notion that the UNDP could blithely ignore the Ethics Office of the UN Secretariat. And the UNDP, in the grand UN tradition of Conflicts-of-Interest-R-Us, then announced it would hold its own inquiry into allegations of UNDP abuse.
Which brings us back to that UNDP computer equipment slated for quiet disposal. With UN auditors apparently barred from visiting North Korea to look into the UNDP’s former operations there, one might naturally hope the UN — and the UNDP management in particular — would be eager to preserve anything that might help provide a record of UNDP communications and office records going back to the 1990s.
But here we are, with the UNDP, while conducting its own inquiry into itself, arranging to scrap the servers of those years in which millions in hard cash were allegedly flowing through the UNDP — against UN rules — to Kim Jong Il, while counterfeit U.S. banknotes — against UN rules (and U.S. sovereign interests) –were reposing in the UNDP Pyongyang office safe.
If the UNDP’s problem is storage space, I’d guess there are any number of media outlets, not to mention congressional offices, that might be willing to clear some shelf space for those old UNDP servers. And if the problem really is, as the UNDP internal document says (linked above), that it would take a lot of UN resources to donate this equipment, surely there are a couple of tech-wizard bloggers out there who might be willing to help the UNDP warehouse its old servers? — and save what might be irreplaceable but evidently inconvenient UNDP archives from imminent destruction.
Or, if the UNDP has any reason to suggest that the equipment has been destroyed already, would Mr. Dervis like to explain to us why, with so many questions still unanswered, the UNDP found it so urgent to dispose of these items?
Digg This
del.icio.us
PJM Home
8 Comments
1. Don Bennett:Claudia, Thanks for keeping this story alive. We hear nothing about this from the MSM which I’m not surprised, of course. It’s just so frustrating and maddening that this type of behavior just keeps happening over and over again. And with no consequences whatsoever.
Keep up the great work,
Don Bennett
Nov 25, 2007 - 1:50 pm 2. Jonathan Vickery:Kurtistown, HI
I have followed your writings for several years and continue to be amazed at the content and thoroughness of your articles and columns. God bless you, and keep up the good work that you do.
Nov 25, 2007 - 8:26 pm 3. Alex Reed:Were we to enquire, “Watchman, what of the night?” over at UNDP, what tales might be told…..
There are a few of things that come to mind after a quick look at the Asset Disposal Request, pages 1 & 2.
The bad news first — before anyone gets into their ninja outfits or gets all lawyerly on UNDP……
• As you note, these documents date from September, 2007. I don’t know at what stage in the UN disposal process the Disposal Request comes in. However, at some point, either before or after the Disposal Request is signed, any IT department would carefully wipe all hard drives before final physical disposal of such equipment. In the case of such presumably sensitive UNDP information (Ha!), I would expect them to overwrite the hard drives at least 7 times (this would meet the U.S. Department of Defense 5220-22-M standard for securely erasing disks). However, software is readily available that would overwrite 35 or 50 times. That many overwrites would be very, very time consuming — but then, they’ve had since January, 2007, when the Cash-for-Kim story broke, to do the deed. Once the overwrites are done, for the very determined and thorough tidy-upper, there’s the option of the old sledge-hammer technique for the hard drives. But if the UNDippies are truly professional about their disposals, after all the overwrites have been done, the final repose of the hard disks would see them make their departure Viking-style across the waters of the Hudson River….. to keep a rendez-vous with Tony Soprano’s friend in the car compactor business who would send them through his metal grinder first, and then into the compactor to become one with a late model Escalade and other biodegradable sundries. If UNDP were this good, the hard drives, by now, would have been ground up/squished/melted/reformed, and currently would be rolling down Solano Avenue in the People’s Republic of Berkeley as a Toyota Prius. In reality, they don’t have to be that good because they have the luxury of operating in total secrecy. And since the mandarins in charge of our esteemed State Department appear quite unperturbed by UNDP chicanery, and are too busy selling out Israel at the moment anyway, UNDP looks to be able to continue on its merry secret way.
• It would be good to know when UNDP decided to replace all these servers en masse — before or after Cash-for-Kim burst upon the world? When was the replacement equipment ordered? When did it arrive?
Now for some, perhaps, slightly better news…..
• Even if the original hard drives and their contents have been destroyed, there must be back-ups that were done, day by day, of all the information on all the servers.
• Now the UNDP administration (o.k., Dervis & Melkert) has proved itself to be world-class in at least one department: high-handed arrogance. But even they would not be stupid enough to destroy all the original backups just to destroy the documents that could give them problems. That would tear the lid off once and for all. That’s one thing that would light a redhot fire under Congress — and then say farewell to all UNDP funding from the U.S. and our allies.
• Perhaps the back-ups could be altered and some inculpatory documents erased, but this could be detected, and whatever was erased could probably be recovered. To irretrievably erase every damning document for a period that ran to many years, and to do so without destroying everything, would be a physical impossibility — even with an army of IT guys working 24/7 since last January.
• Unfortunately, to go through all those back-ups and find the smoking gun documents would also require an army of IT people working 24/7 — and knowing what to look for. But then, isn’t that why we have a U.S. Government?
• Assuming that Dervis and Melkert are not suicidal, and that thus the original day to day server backups do still exist, the big question is, of course, how to get at them. Given the appalling lack of transparency in all other areas of the UNDP set up, I can’t see them suddenly forking over the potential bombshell backups if we simply ask nicely and say please. Can some U.S. government agency, or Congressional Committee get hold of the backups? The Federal Prosecutors in Manhattan? This may be a job for the X-Men!
• I found a couple of details in the second UNDP document worrying. (This is the “Minutes OIST CAP Committee Meeting No. 018″ Held on Wednesday, 12 September 2007.)
Nov 26, 2007 - 4:46 am 4. Phineas Worthington:• In the first paragraph, they request the nice round figure of $500,000 (American taxpayer dollars at work!) for “various products and services, including but not limited to” Symantec anti-virus software, and Veritas NetBackup. The very vague “various products and services” and the very lawyerly “including but not limited to” could cover quite a bit of nasty terra incognita. It would be good to know just what exactly were ALL the “products and services” included in this $500K shopping spree.
• The second point of concern I have is about the proposed purchase of Veritas NetBackup software. Why, if they were about to dispose of the 11 servers (which originally cost about $265K), do they need the Veritas NetBackup software? To go with what equipment? What variety of server is replacing the old stuff? What was the Veritas NetBackup software supposed to back up? What was the backup software used with the old servers over all the years they were in use up until now? Where are all the old backups? Is part of the $500K in “services” being used to have the old backups somehow “translated” so they can still be accessed by the new servers? It would seem a necessary step in any such wholesale transition to all new equipment. If so, is there any “editing” of content from the original backups going on in order to purge the backups of any inconvenient paperwork? Again where are the original backups? — this should be the first of all questions.
……………………………………………………………………………
One note about the UNDP Pyongyang files. I seem to remember reading an aside buried at the very end of an Inner City Press report this last week that noted that 52 boxes of files/papers from the UNDP Pyongyang office have been shipped to UNDP in Beijing. Wait, here it is, On UN Accountability, Many Words But Few Answers, Growing Mistrust Noted from 20 November 2007: “Meanwhile, UNDP reported (sic) moved 52 boxes of documents from North Korea to its building in Beijing, but will not bring them to New York, on the theory that they could somehow be tampered with. By who?” Another source put the shipment at 59 boxes. Just what the 52/59 boxes of UNDP mystery files contain is not clear. A Beijing tourism note: it is said that Maurice Strong’s office in Beijing is located right across the road from UNDP’s Beijing outpost. Watchman, what of the night?
Even when there is solid evidence of criminal wrongdoing in the UN, there are no consequences. I am starting to understand the legend of Don Quixote better and better.
Thank you for your good work.
Nov 26, 2007 - 8:47 am 5. Maurice Tate:Well, I’m not a blogger but I do have some experience in forensic audits of computer equipment seized in criminal raids. I’d be happy to take those servers off the poor UNDP’s hands.
Nov 26, 2007 - 4:43 pm 6. Geoff Newbury:Hmm, the Disposal Request Form says that the suggested disposition is ‘Discard’. So it is quite possible that these units would just show up in a garbage dumpster. Anyone know anyone who could quietly check out whether these have been in fact been dumped? Because a ‘I can arrange for these to be donated to XXXX University if you just want me to take them away?’ might result in some free servers becoming available. Never discount the power of social engineering.
Nov 27, 2007 - 4:04 pm 7. Alex Reed:I’ve been run over by the march of technology. While the multiple over-writing system for rendering hard drive content unreadable and unrecoverable, as I described in my comment the other day, is standard procedure in most IT situations, a friend who specializes in data recovery just told me that (thanks in part to the necessities of fighting terrorism - and probably to make the lives of corporate spies just a tad easier) special software now exists that can essentially undo/lift even multiple over-writes of a hard drive and make the content readable again. Magic. His suggestion for the only sure way to destroy the content was simply to drill a hole in the drive platter itself to physically destroy the drive. I asked him his professional opinion about my proposed Viking send-off followed by the metal grinder and then the car compactor at the shop of Tony Soprano’s friend. For all my care in the details of of what I thought a fitting and dignified disposal worthy of UNDP, my friend chortled through the phone and said, “I didn’t know Tony did these sorts of rub outs. Will you put in a good word for me the next time I have a special job?” What can one say if the face of such wit! The forlorn conclusion forced upon us is that the next La Rochefoucauld will not be sallying forth from the ranks of data recoverists anytime soon.
Nov 29, 2007 - 12:26 am 8. Grant Barrett:It is, unfortunately, very common to find that is nearly impossible to donate old computers. In my 15-plus years in the tech business, I found again and again that when we were replacing out-dated but perfectly functional computers that we couldn’t give the computers away to save our lives. Charities and not-for-profits want late-model computers like everyone else, it’s extraordinarily expensive to ship computers to foreign countries (not least because of import and export duties and mounds of red tape), schools often don’t have the space, manpower, or funds to handle an influx of additional computers, etc., etc., etc. We had charities with *no* computers at all tell us that they’d rather we give them the equivalent dollar value of the old computers in cash so they could buy one or two new ones rather than take 15 to 20 old ones from us. (In truth, computers depreciate to a value of $0 in about three to five years.) So I could see how the asset disposal is an ordinary act with no implications at all for any kind of scandal.
Regarding wiping drives: Drilling the platter works, but so does a degausser. Our practice was to remove all drives from all computers before disposal and to store them away in a safe. We never new when they might become important again.
Nov 29, 2007 - 8:21 am