ACMA: 30,000 Australian PCs infected every day

Powered by SC Magazine
 

Regulator working on new zombie-tracking portal for ISPs.

View larger image View larger image View larger image

See all pictures here »

Australia's communications regulator has reported that there are approximately 25,000 to 30,000 computers compromised by malware every day in Australia.

The Australian Communications and Media Authority (ACMA) expected the total number of infected machines in Australia this year to soar past four million.

Zombie computers, infected by malware or other exploits, are often part of a wider network of "botnets", used to commit cyber crimes such as spam, phishing, or denial of service attacks.

Information about these exploited machines is being tracked in Australia by the Australian Internet Security Initiative (AISI) and the spam intelligence database (SID). The AISI aggregates information from a number of sources to inform ISPs about the number of compromised computers.

The voluntary program has secured the participation of universities, 90 ISPs ( including the "big four") and hundreds of virtual ISPs, Chaffe said.

In the 2008/2009 financial year, the ACMA reported 1.57 million incidents, which almost doubled the following year to 4.09 million incidents, according to ACMA e-security operations staffer Mark Chaffe.

This will increase significantly in the 2009/2010 financial year, as some 25,000 to 30,000 new infected computers are being reported daily, Chaffe told attendees at the Ruxcon technical security conference in Melbourne on the weekend.

"In some ways it's fantastic because we're getting more coverage, finding more compromises," Chaffe told attendees.

"But the inverse of that [is that] it's a bit disheartening to know there's 25,000 to 30,000 compromised computers on the internet and it doesn't look like it's changing.

"It's just always ramping up."

ISP portal in development

The ACMA usually emails these reports to internet service providers, including a 'repeated sightings report' for computers that have been infected several times over a short period of time.

But iTnews can reveal that more detailed information will soon be made available to ISPs via a one-stop information portal.

The portal will provide additional information to ISPs on already reported compromises - the details of which is yet to be finalised. ISPs will also be able to update their IP address ranges on the portal.

A spokesman for ACMA told iTnews the data will not be offered on the portal in "real-time."

"There will be a delay from when the compromise is detected to when it will be available via the portal," he said. "The timing depends on the source."

The portal will be restricted to AISI participants oand will be password protected, amongst other security measures.

Other measures

The AISI program covers 90 percent of Australia's residential broadband customers, but the ACMA only sees the IP address and the time of the attack and sees no personal customer information, Chaffe said.

The regulator cannot force ISPs to take actions against customers, but Chaffe highlighted recent proposals by the IIA for ISPs to quarantine infected PCs in a "walled-garden" environment.

"It could be very restrictive, and [the subscriber] would have to call the ISP to get out," he said. "Or it may be as simple as to apply updates and escape out."

The other half of AISI is the spam detection program SID. By integrating the two, the ACMA can identify which computers and botnets are being used for spam.

SID currently receives about two million spam messages a day, sourced directly from the public.

Chaffe said this was especially valuable because important information can be extracted from the messages that made it through user's spam filters.

Copyright © iTnews.com.au . All rights reserved.


 
 
 
Top Stories
First look: Microsoft Outlook for iOS
[Update] Office productivity suite for iOS completed with Outlook.
 
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Microsoft Outlook is now on iPhone and iPad: why could this be useful?
Jan 30, 2015
Microsoft today released Office for Android and Outlook for iOS - complementing the other Office ...
Franchisees, here's something you should know about
Jan 23, 2015
You need to know the Code if you are a franchisee or franchisor as the penalties are significant.
Xero users rejoice! Quoting has finally arrived
Jan 23, 2015
It has taken years, but Xero has at last added integrated quoting to its online accounting software.
You can now get a no-contract wi-fi tablet from Telstra
Jan 17, 2015
Telstra has began selling wi-fi tablets out of contract without paying extra for cellular ...
Get your business ready for 2015: mobile payments
Jan 2, 2015
These handy apps from MYOB, Xero and others can reduce your administrative load and improve ...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3078

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 980

Vote