Commonwealth Bank of Australia has had a rough couple of days, with high levels of traffic forcing it to take its internet banking service down at times. But what was really going on behind the scenes?
According to the bank's chief information officer Michael Harte, one of the issues was that many of its customers were attempting to get their end of financial year processing done. "Our firewalls were flooded with volume," Harte told ZDNet.com.au this afternoon.
Today, according to Harte, the bank had already seen its normal customer traffic, around 1.2 million separate logins, by around 3:30pm. "We were able to process a record number of transactions," he said. At 9:19 this morning, there were 18,700 concurrent users, 15 per cent above the bank's normal load, a situation Harte described as "success in scale".
But that wasn't the whole story, as the levels of traffic were quite unusual: normally the bank's highest traffic days are Easter and Christmas.
The bank also saw a higher percentage of traffic which it wasn't sure was bona fide. It quickly took steps to quarantine what it believed could be network nasties. "We had to see if it was malicious or not," Harte said.
The end result was that the bank had a scheduled outage. "At three different points we had to take the systems down," Harte said. However, contrary to the popular belief that NetBank had been overwhelmed, Harte stressed these were planned actions. He said the system was up and running by 5:30pm yesterday and that it had not needed to be taken down today. As for security breaches, Harte said with confidence there were "none whatsoever".
The CIO said that the bank would try to ascertain where the suspicious traffic had come from, but that it hadn't concluded its investigation yet. "You can never be 100 per cent sure where it's come from. Better to quarantine it," he said.
Harte regretted the necessity of taking the system down, but said it was in the best interests of the bank's users. "Over all, we have to keep a trusted environment," he said.
Going forward, CBA will continue working to minimise the occasions on which the site has to be taken down, through further work on autonomic provisioning to handle peaks and better methods of identifying users who come to the site often.
"You've at least identified them before and from that they're authenticated users," Harte said.