The Reserve Bank of Australia (RBA) has today confirmed that it was the victim of a targeted email-based virus attack in 2011 following an Australian Financial Review investigation.
The AFR reported on 10 March 2012 that the central bank had been infiltrated by a Chinese-developed malware program that was seeking intelligence on G20 negotiations.
A incident report summary (PDF) on the RBA’s website dated 17 November 2011 includes details of the targeted attack.
The malicious payload was found to be a compressed zip file containing an executable malware application.
“The email had managed to bypass the existing security controls in place for malicious emails by being well written, targeted to specific bank staff and utilised an embedded hyperlink to the virus payload which differs from the usual attack whereby the virus is attached directly to the email,” read the RBA report.
“It was found that six users had clicked on the malicious link, potentially compromising their workstations.”
In response, an RBA spokesperson confirmed in a statement today that it has “on occasion” been the target of cyber attacks.
“The RBA has comprehensive security arrangements in place which have isolated these attacks and ensured that viruses have not been spread across the bank's network or systems,” the spokesperson said in a statement.
“At no point have these attacks caused the bank's data or information to be lost or its systems to be corrupted. The bank's IT systems operate safely, securely and with a high degree of resilience.”
The RBA spokesperson added that it routinely consults with the Defence Signals Directorate (DSD) and draws on the expertise of private firms. There is also “ongoing” testing of its IT systems and regular training of staff.
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.