Hacking government offices and corporate offices has become a routine now. After a lot of reputed organizations and government agencies reported attacks on them, it is the chance of the Reserve Bank of Australia. The RBA from Australia has reported that it was attacked by hackers, but it also says that no information from the bank was stolen.
When asked by the media if the attacks were from the Chinese hackers like all other hacking attacks in the recent times, the spokesperson of the bank refused to comment. Beijing has already stated that it is not responsible for any of these attacks and in fact, China itself has been a victim of computer hacking, and mostly from India.
The Reserve Bank of Australia released a few documents under the Freedom of Information act, and these documents reveal that the bank was attacked on the 16th and 17th of November, 2011. The hack was done via email, which contained a link to a compromised website which would download a compressed file containing the executable file of the malware. And this threat was not detected by the anti virus software used in the bank. Reuters writes:
An email titled “Strategic Planning FY2012” was sent to several RBA staff up to department heads and was opened by six of them, potentially compromising their workstations. The email purported to come from a senior staff member at the bank and came from a “possibly legitimate” external account.
All of these six workstations did not have administrative rights, which has prevented the malware from distributing itself on the network.
“The email had managed to bypass the existing security controls in place for malicious emails by being well written, targeted to specific bank staff and utilized an embedded hyperlink to the virus payload which differs from the usual attack whereby the virus is attached directly to the email,” according the RBA’s report of the incident.
“Bank assets could have been potentially compromised, leading to service disruption, information loss and reputation,” the report noted.