Zombie PCs to be throttled, isolated under new ISP code

Powered by SC Magazine
 

Voluntary ISP code of practice launched for Cyber Security Awareness week.

Internet service providers should quarantine or even slow down the connections of customers with infected computers, according to a new Australian industry code of practice.

The voluntary code of practice was designed by the Federal Government and the Internet Industry Association (IIA) to formalise cyber security standards for ISPs and customers.

The code [PDF] outlines measures to educate customers, detect malicious activity on the network, take action against compromisde customers and also a requirement to report serious activity to the Australian Federal Police and the national computer emergency response team (CERT).

Communications Minister Stephen Conroy announced the code at yesterday's launch of Australian Cyber Security Awareness Week, and hinted that the code might not remain 'voluntary' should ISPs not sign up.

"At the moment we're working with [IIA CEO Peter Coroneos] and the industry, to make it work this way," Mr Conroy said. "Down the track if it doesn't work - [compulsory adherence to the code] is something we'll have to look at.

"But we are genuienly working well with the sector to get the best outcome."

The code is built around a free monitoring service introduced by the Australian communications and media authority (ACMA) in 2005 -- Australian Internet Security Initiative -- which is used by 78 ISPs to detect whether their customers' computers are connected to a network of hacked PCs, known as a botnet.

The government and IIA have added several resources for ISPs including standard cyber security education messages, notification guidelines, a requirement to report significant infections to the authorities and courses of action to reduce a threat.

The recommended courses of action include the option to slow down or limit a customer's connection.

"Actions that ISPs can take when they become aware of a compromised computer include... apply an ‘abuse' plan where the customer's internet service is speed throttled," the code recommends.

"Temporarily quarantining the customer's service, for example by holding them within a ‘walled garden' with links to relevant resources that will assist them until they are able to restore the security of their machine."

These two measures are more relaxed than suggestions made in a draft of the code in September last year, which recommended ISPs cut access to zombie-infected PCs altogether.

The code states that "user privacy is paramount", but does not provide details for how this will be protected if a compromised computer is reported to authorities.

The ISP code is policed by the IIA and there are no penalties for breaches, according to IIA CEO Peter Coroneos.

"It goes around the compliance symbol," Mr Coroneos said. "They'll be given a trust mark that they put on their website that shows that their code is compliant.

"If we become aware down the track in the unlikely event that an ISP is going to stop acting in their best interests, then we'll take action." 


Zombie PCs to be throttled, isolated under new ISP code
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 811

Vote