In response to media reports that the The Reserve Bank of Australia’s network had been compromised, the nation’s central bank confirmed it regularly consults with the Defence Signals Directorate as well as using the expertise of private firms.
The DSD, headquartered in Camberra, Australia, was formed in World War II to work primarily on radio signal interception and direction-finding. In January 2010 the DSD established the Cyber Security Operations Centre focussing on detection and prevention of ICT security threats to critical Australian systems, and coordinate a response to those threats across government and and the private sector.
Media reports today, based on Freedom of Information requests indicate that rather than a full-scale hacking incident, a malware virus was delivered via a compressed ZIP file to a number of computers on the bank’s network, bypassing the anti-virus software in use at the bank. It’s believed six employees opened the email, compromising their PCs which have since been removed from the network. It appears the email was opened as it was well written and addressed to specific staff – as a result it was not easily identified as suspicious by the staff members. The PCs affected did not have administrator rights, so the virus was unable to forward itself or spread on the wider bank network, which may have caused a more widespread issue for the bank.
In January 2013, Australian Prime Minister Julia Gillard announced a new Australian Cyber Security Centre (ACSC) for Canberra, that would use the cumulative resources and skills of a number of organisations with SIGINT and other cyber-security skills. The new Centre will include cyber security operational capabilities from the Defence Signals Directorate, Defence Intelligence Organisation, Australian Security Intelligence Organisation, the Attorney-General’s Department’s Computer Emergency Response Team Australia, Australian Federal Police and the Australian Crime Commission. The centre will analyse the nature and potential extent of cyber threats, and be teh lead organisation in formulating Government’s response to cyber-security threats.
It will work closely with critical infrastructure sectors and industry partners to protect valuable networks and systems. The centre will also provide advice and support to develop preventative strategies to counter cyber threats not only for government but for industry, much as MI5 do in the UK or Homeland Security’s Computer Emergency Readiness Team in the USA.
In 2011-12, there were more than 400 cyber incidents against Australian government systems requiring a significant response by the Cyber Security Operations Centre with over five million Australian citizens falling victim to cyber crime with an estimated cost to the economy of $1.65 billion in 2012.