Australian Banks Targeted In Windows Attack

From a press release by ISS (Internet Security Systems):

Internet Security Systems (Australia) Managing Director Kim Duffy said the company’s Global Threat Operations Centre first discovered attacks being launched worldwide late Thursday evening.

“By Friday 8 am the attacks had escalated significantly and by lunch time we became aware that hackers were trying to infiltrate many of Australia’s largest financial institutions,” Mr Duffy said.

“Although many were already protected by us, we took the precaution of alerting them and, as a courtesy, we also faxed Australia’s top 500 private and top 500 public companies” he said.

“Hackers have now developed and published three attack ‘tools’ and, as these tools become more widely available, it is expected that the target base will grow and include government and commercial entities.

“Our Global Threat Operations Centre expects the threats to continue for some days,” Mr Duffy said.

“So far, we’ve monitored many separate attacks on our Australian high profile clients. We know from our colleagues that a number of financial institutions in the U.S. have been compromised and a similar situation could arise here with companies that are not adequately protected,” he said.

The hacker attacks came only hours after Microsoft had announced that it had released an upgrade (known as a patch) to plug a security gap in one of its most popular software applications SSL (Secure Socket Layer).

“Our X-Force research laboratory discovered the flaw in September last year when we informed Microsoft in accordance with our confidential disclosure procedures,” Mr Duffy said.

“These procedures are designed to give vendors like Microsoft as much time as possible to develop and then distribute upgrades to plug any security gaps,” he said.

“A successful attack over the weekend would enable hackers to have full remote control of important servers and have the potential, depending on the target server’s configuration, to compromise an institution’s most sensitive data.

“Whilst the attacks were primarily aimed at financial institutions, the reality is that they could, at any moment, switch to any entity operating with a vulnerable Microsoft SSL (Secure Socket Layer) server,” Mr Duffy said.

Get our Top Stories delivered to your inbox: