Chinese Attackers Hacked into RBA

RBA (Reserve Bank of Australia) became a victim of multiple hacks unleashed two years back during November 2011. The attacks involved malware that Chinese hackers used. On request by an external entity, the Freedom-of-Information Act was formulated wherein the assaults' thorough information was put down that RBA released during December 2012. Bloomberg.com published this dated March 11, 2013.

It's evident that a personalized phishing electronic mail was dispatched on 16th-17th November 2011 to many employees some of who were chiefs-of-departments as well as senior managers. The e-mail carried the header "Strategic Planning FY2012" while contained one web-link leading onto certain zipped archive actually having a Trojan.

There was also an apparent genuine external e-mail id in the message posing as from one senior person from RBA. Additionally, there was an e-mail signature that looked legitimate along with credible subject line as well as text, the research paper indicated.

Further, according to RBA, anti-virus defenses deployed at the bank couldn't detect the Trojan, which was loaded onto 6 employees' PCs who without hesitance followed the web-link. And as there were no attachments in the e-mail, the message evaded existing filters. The infected PCs were separated and quarantined, while fresh AV software was used.

Moreover, according to the report, the attack might have gained access to bank assets, resulting in service interruption, data leakage and so dampened reputation. However, according to an RBA Spokeswoman on March 11, 2013, the breach caused nil data-theft. Watoday.com.au published this dated March 11, 2013.

The compromise, states the report, prompted a repair requested to the Defense Signals Directorate, nonetheless nothing in detail was provided about the malware's nature other than that it originated from China for gathering confidential information about G20 deals by 19 countries with Australia.

An Official of the Defense Department remarked about the actual and stubborn danger emanating from state-sponsored attacks against crucial events like the G20, reports france24.com dated March 11, 2013.

Incidentally, government-backed intrusion into state departments, private organizations and financial institutions is becoming increasingly prominent following news that Chinese hackers allegedly breached Washington Post, Bloomberg News and New York Times during 2012.

Related article: CNNIC Tries to Justify Its Software

» SPAMfighter News - 3/16/2013