OZ Central Bank Hacked

Australian Central Bank Hit by Cyberattack

By REUTERS

Published: March 11, 2013

SYDNEY — The Australian central bank confirmed Monday that it had been hit by cyberattacks, but it said no data had been lost or systems compromised.

News from the technology industry, including start-ups, the Internet, enterprise and gadgets.
On Twitter: @nytimesbits.

The central bank, the Reserve Bank of Australia, was responding to a report in a newspaper, The Australian Financial Review, that said the central bank had been repeatedly and successfully hacked and information stolen.

“As reported in today’s media, the bank has on occasion been the target of cyber attacks,” the central bank said in a news release. “The bank has comprehensive security arrangements in place which have isolated these attacks and ensured that viruses have not been spread across the bank’s network or systems.

“At no point have these attacks caused the bank’s data or information to be lost or its systems to be corrupted.”

Hacking attacks on governments and corporations have become common, with analysts casting suspicion on China as the source of much of the activity. Beijing has repeatedly denied accusations that it is behind the attacks, saying it, too, is a victim of hacking, particularly from the United States.

The Australian central bank said it routinely consulted with the Defense Signals Directorate, the Australian intelligence agency, to ensure the security of its systems.

Reports released under the Australian Freedom of Information Act showed that the central bank had been the subject of a malicious e-mail attack Nov. 16 and 17, 2011, using a virus that was undetectable by the bank’s anti-virus software.

An e-mail titled “Strategic Planning FY2012” was sent to several members of the central bank’s staff, in ranks as high as department head, and was opened by six of them, potentially compromising their workstations. The e-mail purported to come from a senior staff member at the bank and came from a “possibly legitimate” external account.

The e-mails contained a compressed file with an executable “malware,” or malicious software, application, although the bank would not identify the virus used.

None of the six workstations affected had local administrator rights, which prevented the virus from spreading. The servers were considered compromised and were removed from the network Nov. 17.

“The e-mail had managed to bypass the existing security controls in place for malicious e-mails by being well written, targeted to specific bank staff and utilized an embedded hyperlink to the virus payload which differs from the usual attack whereby the virus is attached directly to the e-mail,” according the central bank’s report on the incident.

“Bank assets could have been potentially compromised, leading to service disruption, information loss and reputation,” the report noted.

The bank took the issue to the providers of its anti-virus software to update its defenses, including scanning for hyperlinks in e-mails and automatically blocking them.

As well as the attempted hacking, the central bank documents also listed a number of potentially embarrassing incidents, including lost laptops and BlackBerrys and the e-mailing of sensitive documents by mistake.

In one incident, a folder containing confidential information was left on the back of an office car by a distracted staff member. When the staff member drove away, a passing motorist raised the alarm that papers had scattered across the road.Most of the papers were recovered after an hour of searching, although some were thought lost in a stormwater drain, “resulting in moderate reputational risk to the bank,” the report said.