The Reserve Bank of Australia said cyber attacks on its network haven’t compromised its systems and the central bank has “comprehensive security arrangements” that ensured viruses didn’t spread.
“The bank’s IT systems operate safely, securely and with a high degree of resilience,” the RBA said in a statement on its website. The Australian Financial Review reported today that the central bank’s system was repeatedly and successfully hacked with malicious software developed in China.
Central bank computers were infiltrated by a Chinese-developed software designed to collect information on sensitive G20 negotiations, the newspaper said, citing RBA officials it didn’t identify. The RBA responded by hiring a private security firm to carry out penetration testing, or authorized hacking of its computer networks, to assess its security, the newspaper said.
The bank “routinely consults” with the Defence Signals Directorate, a government intelligence agency, “and draws on the expertise of specialist private firms,” the RBA said in the statement. “There is ongoing rigorous testing of the Bank’s IT systems and regular training of staff.”
The RBA said in a December Freedom of Information disclosure that several of its staff, including senior management, were targeted by “malicious” e-mails on Nov. 17, 2011. The malware was an Internet URL link to a zip file containing a trojan -- a hidden program -- which at the time wasn’t detectable by the bank’s anti-virus scanners, the bank said.