ACMA: 30,000 Australian PCs infected every day

Powered by SC Magazine
 

Regulator working on new zombie-tracking portal for ISPs.

View larger image View larger image View larger image

See all pictures here »

Australia's communications regulator has reported that there are approximately 25,000 to 30,000 computers compromised by malware every day in Australia.

The Australian Communications and Media Authority (ACMA) expected the total number of infected machines in Australia this year to soar past four million.

Zombie computers, infected by malware or other exploits, are often part of a wider network of "botnets", used to commit cyber crimes such as spam, phishing, or denial of service attacks.

Information about these exploited machines is being tracked in Australia by the Australian Internet Security Initiative (AISI) and the spam intelligence database (SID). The AISI aggregates information from a number of sources to inform ISPs about the number of compromised computers.

The voluntary program has secured the participation of universities, 90 ISPs ( including the "big four") and hundreds of virtual ISPs, Chaffe said.

In the 2008/2009 financial year, the ACMA reported 1.57 million incidents, which almost doubled the following year to 4.09 million incidents, according to ACMA e-security operations staffer Mark Chaffe.

This will increase significantly in the 2009/2010 financial year, as some 25,000 to 30,000 new infected computers are being reported daily, Chaffe told attendees at the Ruxcon technical security conference in Melbourne on the weekend.

"In some ways it's fantastic because we're getting more coverage, finding more compromises," Chaffe told attendees.

"But the inverse of that [is that] it's a bit disheartening to know there's 25,000 to 30,000 compromised computers on the internet and it doesn't look like it's changing.

"It's just always ramping up."

ISP portal in development

The ACMA usually emails these reports to internet service providers, including a 'repeated sightings report' for computers that have been infected several times over a short period of time.

But iTnews can reveal that more detailed information will soon be made available to ISPs via a one-stop information portal.

The portal will provide additional information to ISPs on already reported compromises - the details of which is yet to be finalised. ISPs will also be able to update their IP address ranges on the portal.

A spokesman for ACMA told iTnews the data will not be offered on the portal in "real-time."

"There will be a delay from when the compromise is detected to when it will be available via the portal," he said. "The timing depends on the source."

The portal will be restricted to AISI participants oand will be password protected, amongst other security measures.

Other measures

The AISI program covers 90 percent of Australia's residential broadband customers, but the ACMA only sees the IP address and the time of the attack and sees no personal customer information, Chaffe said.

The regulator cannot force ISPs to take actions against customers, but Chaffe highlighted recent proposals by the IIA for ISPs to quarantine infected PCs in a "walled-garden" environment.

"It could be very restrictive, and [the subscriber] would have to call the ISP to get out," he said. "Or it may be as simple as to apply updates and escape out."

The other half of AISI is the spam detection program SID. By integrating the two, the ACMA can identify which computers and botnets are being used for spam.

SID currently receives about two million spam messages a day, sourced directly from the public.

Chaffe said this was especially valuable because important information can be extracted from the messages that made it through user's spam filters.

Copyright © iTnews.com.au . All rights reserved.


 
 
 
Top Stories
Soft drinks and SoftLayer: A solution for hard times?
Coca-Cola Amatil's CIO Barry Simpson shares his story of cost-cutting, outsourcing and why his software developers to ride around in delivery trucks.
 
Optus considers breaking net neutrality in Australia
May charge Netflix, OTT providers for premium service.
 
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Small business win in a budget with 'fair' savings: Abbott
Apr 17, 2015
Tony Abbott has reaffirmed that the government’s aim is “always to get taxes ...
Xero now includes an inventory function built-in
Mar 26, 2015
Xero has added inventory and other major new features to the latest release of its cloud ...
Apple reveals its new MacBook
Mar 13, 2015
Replacing the MacBook Air as Apple's thinnest laptop, the new MacBook comes packed with features.
Xero has released a new version of its app for the iPad
Mar 6, 2015
iPad-wielding Xero users can now take advantage of a new version of the iOS app for the cloud ...
Microsoft is offering Azure for Disaster Recovery to Australian SMBs
Feb 10, 2015
If you haven't talked to your IT provider about disaster recovery, it might be worth discussing ...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  11%
 
No
  89%
TOTAL VOTES: 2373

Vote