The hackers have come, the hackers have come

It’s almost certain China's army is behind the Reserve Bank hacks. This suggests we have a lot of catching up to do to reach the cyber security level needed for modern warfare.

This morning’s revelations in the Financial Review that the Reserve Bank of Australia has been repeatedly hacked mean we can almost certainly now add Australia to the list of 141 countries that have been hacked by China’s Unit 61398.
The AFR has reported that multiple computers within the RBA’s network have been compromised and that it had been infiltrated by Chinese-developed malicious software, or a ‘malware’ spy program, that was seeking intelligence on sensitive G20 negotiations.
Officials from the Reserve Bank’s risk management unit are quoted as saying in a previously unreported Freedom of Information document: “Bank assets could have been potentially compromised, leading to . . . information loss and reputation [damage].”
Last month, in a story headed “The hackers are coming, the hackers are coming” (February 25) I discussed a major report by security firm Mandiant that detailed the activities of what it called Advanced Persistent Threat 1 (APT1, or Unit 61398), a unit of the People's Liberation Army based in the Pudong area of Shanghai.
According to Mandiant, the unit maintains access to a victim’s network for an average of 356 days. The longest period it had been inside a foreign network was four years and ten months.
The head of Mandiant, Kevin Mandia, told The New York Times last month that the 141 attacks were those that could be easily identified, but another security expert estimated that Unit 61398 was responsible for thousands of attacks.
This unit has not been identified as the one responsible for the attacks on the Reserve Bank, but it would be incredible if Australia was not part of its activities, since it is one of China’s largest trading partners.
Today’s revelations will send a shiver through the IT departments and senior management of Australia’s largest organisations, especially the banks and other government departments.
All countries, including Australia, must now channel a large part of their defence budget into cyber defence.
It is pointless to spend billions on new aircraft, ships and tanks when a foreign aggressor could cripple the nation by hacking the banking system and shutting it down.
The fact that hackers have been able to penetrate the RBA’s security systems suggests that we have a long way to go in catching up to the level of cyber security needed for modern warfare.
I’m not suggesting that the Reserve Bank hacks are a matter of national aggression from China or anywhere else, but they could easily become that.
After all, why do we spend $35 billion a year on defence if not because of the potential for one of our neighbours to turn aggressive at some point?
It seems clear that China’s Unit 61398 has so far been mainly engaged in industrial espionage – that is, stealing information from competitors and trading partners – but the Mandiant report concluded that “…the most probable conclusion is that APT1 is able to wage such a long-running and extensive cyber espionage campaign because it is acting with the full knowledge and cooperation of the government.”
The Defence Signals Directorate is responsible for Australia’s cyber defence. At the very least its budget needs to be increased and the resources devoted to cyber defence need to be upgraded.
In addition the banks and utilities need to check their own defences. In the event of a cyber war – and that means any war these days – they will be at the front line.
