Date: 2013-03-11
SYDNEY, March 11 - Australia's central bank
confirmed on Monday it had been targeted by cyber attacks and
that no data had been lost or systems compromised, but would not
comment on a media report that a malware virus used in one
attack was Chinese in origin.
The Reserve Bank of Australia (RBA) was responding to a
report in the Australian Financial Review newspaper that claimed
the central bank had been repeatedly and successfully hacked and
information stolen.
"As reported in today's media, the Bank has on occasion been
the target of cyber attacks," the RBA said in a statement.
"The Bank has comprehensive security arrangements in place
which have isolated these attacks and ensured that viruses have
not been spread across the Bank's network or systems," the
central bank said.
"At no point have these attacks caused the Bank's data or
information to be lost or its systems to be corrupted."
Hacking attacks on governments and corporations have become
routine, with suspicion falling on China as the source of much
of the activity. Beijing has repeatedly denied accusations it is
behind the attacks, saying it too is a victim of hacking,
particularly from the United States.
The RBA said it routinely consulted with the Defence Signals
Directorate, Australia's intelligence agency, to ensure the
security of its systems.
Reports released under the Freedom of Information Act showed
Australia's central bank was the subject of a malicious email
attack on Nov. 16 and 17, 2011, using a virus that was
undetectable by the bank's anti-virus software.
An email titled "Strategic Planning FY2012" was sent to
several RBA staff up to department heads and was opened by six
of them, potentially compromising their workstations. The email
purported to come from a senior staff member at the bank and
came from a "possibly legitimate" external account.
The emails contained a compressed zip file with an
executable malware application, although the Bank would not
identify the virus used.
None of the six affected workstations had local
administrator rights, which prevented the virus from spreading.
The servers were considered compromised and removed from the
network on Nov. 17.
"The email had managed to bypass the existing security
controls in place for malicious emails by being well written,
targeted to specific bank staff and utilised an embedded
hyperlink to the virus payload which differs from the usual
attack whereby the virus is attached directly to the email,"
according to the RBA's report of the incident.
"Bank assets could have been potentially compromised,
leading to service disruption, information loss and reputation,"
the report noted.
The RBA took the issue up with the providers of its
anti-virus software to update its defences, including scanning
for hyperlinks in emails and automatically blocking them.
As well as the attempted hacking, the RBA documents also
listed a range of potentially embarrassing incidents from lost
laptops and Blackberrys, to sensitive documents emailed by
mistake.
In one incident, a folder containing confidential
information was left on the rear of an office car by a
distracted staff member. On driving off, the staff were advised
by a passing motorist that papers had scattered across the road.
Most of the papers were recovered after an hour of
searching, although some were thought lost in a stormwater
drain, "resulting in moderate reputational risk to the Bank",
the reports showed.