The Reserve Bank of Australia’s computer networks have been repeatedly and successfully hacked in a series of cyber-attacks to infiltrate sensitive internal information. The RBA disclosed to The Australian Financial Review (after their investigation) that multiple computers within the RBA’s network were had been infiltrated by a Chinese-developed malicious software. While no details were given on what information was stolen, a defense department official warned, that "the targeting of high profile events, such as the G20, by state-sponsored adversaries... is a real and persistent threat. Cyber intruders are looking for information on... the government’s intentions." The hack appears related to the 2011 G-20 summit, at which the French government have already confirmed over 150 computers were hacked for months with files "redirected to Chinese sites." Australia’s cyber-spy agency, the Defense Signals Directorate, said “there are many examples of [Australian] entities being targeted due to involvement in high profile events” like the G20. Currency wars meet cyber wars - or is it the other way around?



Via The Australian Financial Review,

The Reserve Bank of Australia’s computer networks have been repeatedly and successfully hacked in a series of cyber-attacks to infiltrate sensitive internal information, including by ­Chinese-developed malicious software.

...

After investigations by The Australian Financial Review, RBA officials disclosed that the central bank had been infiltrated by a Chinese-developed malicious software, or “malware”spy program that was seeking intelligence on sensitive G20 negotiations.

...

The Defence spokesperson did, however, warn that “the targeting of high profile events, such as the G20, by state-sponsored adversaries ... is a real and persistent threat.” “Cyber intruders are looking for information on... the government’s intentions.”



In March 2011, Paris Match revealed, and the French government confirmed, that over 150 computers in its Ministry of Economy and Finances had been hacked for months before the French-hosted G20 summit in February 2011.

Tense negotiations with china

Many confidential government files were then “redirected to Chinese sites”. More than 10,000 state­ computers needed to be shut down.

The 2011 G20 summit involved tense negotiations with China over the level of its exchange rate, currency reserves and trade surpluses, which North Atlantic officials argue are being manipulated to China’s advantage.

...

Australia’s cyber-spy agency, the Defence Signals Directorate, said “there are many examples of [Australian] entities being targeted due to involvement in high profile events” like the G20.

DSD has disclosed that in October 2011 “an Australian government agency was compromised when a socially engineered email was sent to an agency employee who worked on G20 matters”. “This email pertained to be about G20 matters and appeared to come from the employee’s general manager.”

...

Executable Malware Application

RBA officials told the Financial Review that DSD was brought in to fix this problem.



In the incident report, in the FoI documents, the RBA said that over two days in November 2011 “highly targeted malicious emails were sent to several Bank staff, including senior management up to head of department”.

...

Officials from the RBA’s Risk Management Unit said: “Bank assets could have been potentially compromised, leading to . . . information loss and reputation [damage].”



Richard Byfield, a former senior Australian defence official with cyber responsibilities and current government adviser, told the Financial Review central banks and listed companies were cyber targets “because they hold so much confidential information that has the potential to move markets”.

At the time of the November 2011 incident, financial markets were undecided about whether the RBA would cut rates for a second month in succession. The RBA’s board surprised some participants with its decision to lower the cash rate on December 6.



...