RBA reports cyberattacks, no data stolen

The Reserve Bank of Australia (RBA) has confirmed that it has been "on occasion" targeted by cybercriminals, following emerging media reports of a potential malware virus infection that occurred in late 2011.

According to the RBA, "comprehensive" vulnerability management measures have prevented any viruses from spreading through official networks or systems, and no confidential data has been lost due to the attacks.

"At no point have these attacks caused the Bank's data or information to be lost or its systems to be corrupted. The Bank's IT systems operate safely, securely and with a high degree of resilience," reads a statement released by the RBA on March 11.

"The Bank takes cyber security and its potential consequences extremely seriously."

The RBA claims to have been in consultation with the Defence Signals Directorate – as well as specialist private firms – in order to ensure both IT systems and staff members are adequately mitigating the risk of a cybersecurity incident.

Questions regarding cybersecurity at the RBA first emerged following an article published by the Australian Financial Review (AFR) on March 11, which divulged details of a targeted malware attack on the Bank.

The AFR reported that a piece of malicious software, purportedly of Chinese origin, had successfully compromised multiple computers within the RBA's systems following an email phishing attempt in November 2011.

Each email contained a compressed zip file which, when opened, ran an executable malware application or Trojan that the RBA's anti-virus scanners were not able to pick up, according to the AFR.

"The email had managed to bypass the existing security controls in place for malicious emails by being well written, targeted to specific Bank staff and utilised an embedded hyperlink to the virus payload which differs from the usual attack where the virus is attached directly to the email," reads an incident report released by the RBA following a Freedom of Information request.

"Of note, all of the affected PCs did not have local administrator rights. This prevented the virus in this case, from spreading all around the network."

The RBA reportedly pursued professional penetration testing evaluations following the incident, in order to prevent future such breaches from occurring.

Private organisations within Australia may like to follow in the RBA's footsteps and consider undergoing penetration testing and security audit evaluations of their own.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s