Australian central bank computers hacked
Computer networks at the Reserve Bank of Australia have been hacked, officials said Monday, with some reportedly infected by Chinese-developed malware searching for sensitive information.Updated: Mar 11, 2013 11:44 IST
Computer networks at the Reserve Bank of Australia have been hacked, officials said Monday, with some reportedly infected by Chinese-developed malware searching for sensitive information.
The central bank revealed the attacks after investigations by The Australian Financial Review found multiple computers had been compromised by malicious software seeking intelligence.
The newspaper said in one attack a Chinese-developed malware spy programme was searching in 2011 for information on sensitive G20 negotiations, where Beijing's exchange rate and currency reserves were on the agenda.
A Reserve Bank official confirmed the G20 virus to AFP and said it was confined to only "a few" computers. The official did not say what information was stolen or who was targeted, and would not confirm the Chinese connection.
A defence department official told AFP the "targeting of high-profile events, such as the G20, by state-sponsored adversaries, cyber-criminals and issue-motivated groups is a real and persistent threat".
"At least 65 percent of cyber intrusions on Australian computers have an economic focus," the official added.
"Cyber intruders are looking for information on Australia's business dealings, intellectual property, scientific data and the government's intentions."
In another sophisticated incident in 2011, revealed on the central bank's disclosure log under its freedom of information obligations, "targeted" emails were received regarding its strategic planning for 2012.
"Malicious email was highly targeted, utilising a possibly legitimate external account purporting to be a senior bank staff member," an official report by the bank's risk management unit said.
"As the email had no attachment, it bypassed existing security controls, allowing users to potentially access the malicious payload via the Internet browsing infrastructure."
Six users clicked on the mail, which had a legitimate email signature and a plausible subject title and content.
"Bank assets could have been potentially compromised, leading to service information loss and reputation (damage)," the official report said.
In a statement released Monday, the bank said it took cyber security and its potential consequences "extremely seriously".
"The bank has comprehensive security arrangements in place which have isolated these attacks and ensured that viruses have not been spread across the bank's network or systems," it said.
"At no point have these attacks caused the bank's data or information to be lost or its systems to be corrupted. The Bank's IT systems operate safely, securely and with a high degree of resilience."
In 2011, the computers of Australia's prime minister plus foreign and defence ministers were all suspected to have been hacked.
Reports and security experts said the attacks originated in China but Beijing dismissed the allegations as "groundless and made out of ulterior purposes".
At the time, Canberra said cyber attacks had become so frequent that government and private networks were under "continuous threat".
It said foreign intelligence agencies, criminal organisations and commercial competitors were all to blame.
Last year, Chinese telecoms giant Huawei was barred from bidding for contracts on Australia's ambitious Aus$36 billion (US$37 billion) broadband rollout due to fears of cyber attacks.
First Published: Mar 11, 2013 11:43 IST