AusCERT: Cybercrime levels are "pandemic"

By Ben Grubb on Sep 11, 2009 3:06 PM
Filed under Security

AusCERT calls on the Government to declare an emergency.

The head of Australia's computer emergency response team AusCERT stood before a Federal Government Inquiry into Cybercrime today, seeking both to highlight the pressing need for a national response to the problem whilst simultaneously defending his organisation's role as the nation's first line of defence.

AusCERT general manager Graham Ingram told the Cybercrime Inquiry today that it was impossible to defend Australia's computer systems without a nationally-coordinated approach.

“I’m not here to sell you ... the latest product that’s going to fix the internet,” Mr Ingram told the Standing Committee. "What I’m going to explain to you is where all of this is heading," he said.

Mr Ingram explained to the Federal Government how cybercrime required the full support of the nation and not just law enforcement agencies “because law enforcement agencies cannot address this issue," he said.

“We need to have a national response [in] the same way as if we would have a response to a pandemic. We need everyone to know what they’re doing and have it coordinated. We don’t have that strategic approach to this problem currently," he said.

“If we can solicit the help of the ISPs, the domain name registrars, the people who run the networks, people like ourselves [and] the law enforcement agencies, what we can start to do is make a difference,” Ingram said.

Ingram compared the internet to a drug that users "simply can’t get enough of".

"This drug is something we will continue to consume and unfortunately that means that the problems that I’d like to present ... are not going to be resolved and I think that one of my concerns is in that sense where we don’t have a solution, we don’t have a way forward - it’s easier to ignore the problem and we do that at our peril,” he said to the panel.

He said that the Australian Government should look at the problem as a "public health" rather than a series of attacks against a nation state.

The panel again raised the idea that the Commonwealth might take over AusCERT.

Ingram disagreed with the idea, stating that he didn’t like the idea of bureaucrats running it.

“I would like to see the idea of a partnership with government [because] a takeover would not be a good outcome because we have twenty people who are literally geeks who do this stuff really well,” he said.

“If you replace those twenty people with twenty policy bureaucrats I don’t think you’re going to have an outcome [where] you’re going to be increasing our capacity to do the job. But again, I think that’s probably the taxpayer who needs to make that judgement in terms of investment well met."

AusCERT: Cybercrime levels are "pandemic"

2 comments in this discussion

"Actually wjc you are wrong - the problem lies with users who want everything for free, and others who thing a keypad is secure. The world is not secure, it wasn't before computers and it won't be ..."

By hsvandrew

Tags

auscert, graham, ingram, cybercrime, govcert

In software we trust

Vic Govt launches cybersafety campaign

Why AusCERT fell off Govt cybersafety service

FBI rolls out 24-hour cybercrime team

Breaking Stories

Freedom Cable yanks Australia from subsea rollout

Optus kicks off TD-LTE network

Syrian hackers compromise FT website

Linfox crunches big data to keep trucks on time

Decoding NetSuite's anti-SAP bravado

Comments: 2

wjc

Sep 11, 2009 5:53 PM

Let's put the blame where it really belongs - and that is with an ICT industry and large scale system providers who cared little about security and governments worldwide that simply have refused to regulate the industry in relation to necessary security. It is really time to STOP BLAMING THE USER... the PC was NOT created for trusted and critical transacytions on an open network, the Internet. For example, we should NOW be using a PINPad style device, just as we do at teh supermarket, petrol station and so on to protect vital financial transactions (after all they could cost less that $50 in quantity) when we know the connected home PC is insecure! Governments have to take on the responsibility to require industry to provide systems for home and small business uage that ARE FIT FOR THE PURPOSE - and that means have the necessary security systems inlcuded. After all - can you sell a car without seat belts?

No - the ICT industry has demonstrated over 30 years or more that it will not respond to a non-existent market, that is security, without necessary legislation and regulation. (Remember pool fences and so on!)

Let's stop the end-user "bashing" and blame the ICT industry and large system providers FIRST ... they can, if they are compelled, provide the necessary secure systems and add-on units required... BUT.. as has been often stated - perhaps Governments will not anything unless there really is that "digital Pearl Harbor".

hsvandrew

Sep 15, 2009 2:43 AM

Actually wjc you are wrong - the problem lies with users who want everything for free, and others who thing a keypad is secure. The world is not secure, it wasn't before computers and it won't be with them, however, with some knowledge or the intelligence to find someone with the knowledge, computers can be extremely safe to use. When buying security, free isn't going to protect you. wjc its like you say, seat belts in cars or maybe "don't drink and drive" but if people don't use the seatbelts provided or drink they might make their experience unsafe. You wouldn't pick a mad man from the side of the road, so why download from one offering free lollies?

Comments have been disabled for this article.

Ads by Google