ACMA: 30,000 Australian PCs infected every day

Powered by SC Magazine
 

Regulator working on new zombie-tracking portal for ISPs.

View larger image View larger image View larger image

See all pictures here »

Australia's communications regulator has reported that there are approximately 25,000 to 30,000 computers compromised by malware every day in Australia.

The Australian Communications and Media Authority (ACMA) expected the total number of infected machines in Australia this year to soar past four million.

Zombie computers, infected by malware or other exploits, are often part of a wider network of "botnets", used to commit cyber crimes such as spam, phishing, or denial of service attacks.

Information about these exploited machines is being tracked in Australia by the Australian Internet Security Initiative (AISI) and the spam intelligence database (SID). The AISI aggregates information from a number of sources to inform ISPs about the number of compromised computers.

The voluntary program has secured the participation of universities, 90 ISPs ( including the "big four") and hundreds of virtual ISPs, Chaffe said.

In the 2008/2009 financial year, the ACMA reported 1.57 million incidents, which almost doubled the following year to 4.09 million incidents, according to ACMA e-security operations staffer Mark Chaffe.

This will increase significantly in the 2009/2010 financial year, as some 25,000 to 30,000 new infected computers are being reported daily, Chaffe told attendees at the Ruxcon technical security conference in Melbourne on the weekend.

"In some ways it's fantastic because we're getting more coverage, finding more compromises," Chaffe told attendees.

"But the inverse of that [is that] it's a bit disheartening to know there's 25,000 to 30,000 compromised computers on the internet and it doesn't look like it's changing.

"It's just always ramping up."

ISP portal in development

The ACMA usually emails these reports to internet service providers, including a 'repeated sightings report' for computers that have been infected several times over a short period of time.

But iTnews can reveal that more detailed information will soon be made available to ISPs via a one-stop information portal.

The portal will provide additional information to ISPs on already reported compromises - the details of which is yet to be finalised. ISPs will also be able to update their IP address ranges on the portal.

A spokesman for ACMA told iTnews the data will not be offered on the portal in "real-time."

"There will be a delay from when the compromise is detected to when it will be available via the portal," he said. "The timing depends on the source."

The portal will be restricted to AISI participants oand will be password protected, amongst other security measures.

Other measures

The AISI program covers 90 percent of Australia's residential broadband customers, but the ACMA only sees the IP address and the time of the attack and sees no personal customer information, Chaffe said.

The regulator cannot force ISPs to take actions against customers, but Chaffe highlighted recent proposals by the IIA for ISPs to quarantine infected PCs in a "walled-garden" environment.

"It could be very restrictive, and [the subscriber] would have to call the ISP to get out," he said. "Or it may be as simple as to apply updates and escape out."

The other half of AISI is the spam detection program SID. By integrating the two, the ACMA can identify which computers and botnets are being used for spam.

SID currently receives about two million spam messages a day, sourced directly from the public.

Chaffe said this was especially valuable because important information can be extracted from the messages that made it through user's spam filters.

Copyright © iTnews.com.au . All rights reserved.


 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Xero prepares for key feature coming in 2015
Dec 19, 2014
Xero users will be able to track how their business is comparing to other Xero users.
More 4G from Optus in Darwin
Nov 21, 2014
Click to see where Optus has expanded coverage to the suburbs near Darwin.
Optus steps up regional 4G coverage
Nov 20, 2014
Once 700Mhz services are working, Optus claims regional users will have a "faster and more ...
This Huawei 4G phone costs $99
Nov 12, 2014
The $99 Huawei Ascend Y550, available through Vodafone, enters the budget market as one of the ...
4G smartphones: Microsoft's Lumia 830
Nov 7, 2014
Microsoft has announced its flagship Windows Phone, the Nokia Lumia 830 4G, will be available in ...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1803

Vote
Do you support the abolition of the Office of the Information Commissioner?