Malware victim loses net connection to iCode

Powered by SC Magazine
 

Telco cuts woman's connection after 42 warnings.

An Australian woman this month has had her internet connection cut off under the iCode initiative after she received 42 consecutive emails warning that her computer was infected.

The customer of a small unnamed telco had her machine hijacked by a botnet, rendering it what is known as a zombie machine. It then pumped malicious traffic over her internet connection which alerted her ISP.

The woman had struggled to remove the notoriously stubborn malicious fake anti-virus program  because it had disabled her legitimate anti-virus software and prevented her from executing applications.

Her internet connection was cut to all but a single web page with the provider, referred to as a walled garden, after she failed to remove the infection.

The telco then phoned her to assist in the removal of the malware.

Internet connections were cut only in the "most severe" cases, iCode chief and former director of the Internet Industry Association (IIA) Peter Coroneos said.

Normally customers would be contacted by phone or email after ISPs detected malicious botnet traffic from their accounts, and then direct to a web page which contains security tools.

Large internet providers typically implemented network traffic analysis and automated email alerts to detect and warn customers of infections.

Smaller telcos often manually examined data, sinkholed botnet traffic and phoned compromised users, Coroneos said.

Recent information from the Australian Communications and Media Authority found the average number of daily reported botnet infections had declined from 16,000, between June 2010 and 2011, to 11500 in July alone this year.

The IIA did not have figures detailing the number of machines cleaned by telcos operating under the iCode.

Heading offshore

Australia's voluntary internet industry iCode may be adopted in the US and will be trialled in South Africa under an increasing drive by governments and industry to wipe out botnets.

Some ISPs in South Africa would soon begin trials of the code, Coroneos said.

The US Department of Homeland Security may also adopt the iCode. It flagged the strategy in request for information document issued this month to research ways to reduce botnet infections.

Also flagged was a similar government-run initiative in Japan where botnet infections were discovered in honeypots.

In both initiatives, compromised customers were directed to a web page to download security tools that could remove the infections.

Coroneos said he thought the iCode would fit well with US legal frameworks because the country's largest telco, Comcast, had already implemented a similar in-house framework.

"The internet providers have far from won the fight against botnets, but there is progress and customers are accepting of the iCode," Coroneos said.

The code was pushed out to pre-empt looming government regulation that may have made providers responsible for the security of end-users.

Copyright © SC Magazine, Australia


Malware victim loses net connection to iCode
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 818

Vote