Hackers breach Reserve Bank

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.theage.com.au/it-pro/security-it/hackers-breach-reserve-bank-20130311-2fv8i.html

By Lia Timson
IT Pro Editor
March 11, 2013

Hackers penetrated computers at the Reserve Bank of Australia in a "highly 
targeted" and "plausible" email phishing scam targeting employees.

The incident, reported in the Australian Financial Review on Monday, took 
place in November 2011. Details of the attack were included in a FoI 
request by another party and released by the RBA in December 2012.

The Bank's incident report shows a targeted malicious email was sent to 
several staff on November 16 and 17, including senior management up to 
heads of department. It was titled "Strategic Planning FY2012" and 
included a link to a zip file containing a trojan.

The email used a "possibly legitimate external email address purporting to 
be from a senior bank employee. It included a legitimate email signature 
and plausible subject title and content," the report stated.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.