SYDNEY, March 11 (Reuters) - Australia’s central bank has been targeted by sophisticated hackers seeking sensitive information which included Group of 20 negotiations, but a bank spokesperson said nothing was stolen.
The Reserve Bank of Australia (RBA) would not comment on a media report that the malware computer virus used in the attack was Chinese in origin.
Hacking attacks on governments and corporations have become routine, with suspicion falling on China as the source of much of the activity. Beijing has repeatedly denied accusations it is behind the attacks, saying it too is a victim of hacking, particularly from the United States.
Documents released under the Freedom of Information Act showed Australia’s central bank was the subject of a malicious email attack on November 16 and 17 in 2011, using a virus that was undetectable by the bank’s anti-virus software.
An email titled “Strategic Planning FY2012” was sent to several RBA staff up to department heads and was opened by six of them, potentially compromising their workstations. The email purported to come from a senior staff member at the bank and came from a “possibly legitimate” external account.
The emails contained a compressed zip file with an executable malware application, though the Bank would not identify the virus used.
Fortunately all of the six workstations affected did not have local administrator rights, which prevented the virus from spreading. The servers were considered comprised and removed from the network on November 17.
“The email had managed to bypass the existing security controls in place for malicious emails by being well written, targeted to specific bank staff and utilised an embedded hyperlink to the virus payload which differs from the usual attack whereby the virus is attached directly to the email,” according the RBA’s report of the incident.
“Bank assets could have been potentially compromised, leading to service disruption, information loss and reputation,” the report noted.
The RBA took the issue up with the providers of its anti-virus software to update its defences, including scanning for hyperlinks in emails and automatically blocking them.
As well as the attempted hacking, the RBA documents also listed a range of potentially embarrassing incidents from lost laptops and Blackberry‘s, to sensitive documents emailed out by mistake.
In one incident, a folder containing confidential information was left on the rear of an office car by a distracted staff member. On driving off, the staff were advised by a passing motorist that papers had scattered across the road.
After a hour of searching most of the papers were recovered though some were thought lost in a stormwater drain, “resulting in moderate reputational risk to the Bank”, the reports showed.