This year the IIA will mount a renewed national push to help empower
Australia's internet using public and SMEs against the ever increasing
cyberthreats we face.
The approach will contain a number of key elements which we will implement as industry and where appropriate in conjunction with Government.
The IIA's 2010 eSecurity Program will comprise the following measures:
1. icode - Implementation of the eSecurity Code of Practice
This Code aims to provide a uniform response to addressing the problem of zombied computers on Australian networks. As far as we are aware this is the most comprehensive national response yet undertaken to the problem, and builds on the successful AISI initiative that ACMA has been running in recent years. The scheme will allow for an escalated response culminating in potential short term 'quarantining' of zombied computers.
Users whose computers are suspected of being compromised will be provided with access to information, resources and software. IIA member security vendors will be given the opportunity to participate in the scheme and will be represented on the resource page that all ISPs will be required to direct users to under the voluntary code of practice. To date, some 68 ISPs representing over 90% market share of the online
population are part of the AISI and are expected to sign on to the code once formally launched. The Code drafting committee has a target date of 5 June for Code finalisation, and we aim to have the Minister formally launch the Code during Cyber Security Awareness Week together with other measures as outlined below. As well as limiting the ability of zombies to operate in Australia the intiative will be positioned as a pro
privacy measure to the extent that will address the potential for identify theft to occur via zombied systems. Vendors and government also appreciate the larger national security implications arising from the botnet phenomenon, another issue the program hopes to help address.
2. Engagement with router manufacturers to address the issue of compromised passwords on router devices
year saw the first brute force attack on consumer grade routers via the
Psyb0t worm. This pernicious exploit takes advantage of preconfigured
login controls (username and passwords) on consumer edge devices
resulting in firmware changes to the device to enable unauthorised
remote access. So far some 30 makes and models have been affected. This
is a very serious problem which can neutralise theprotection that PC
based solutions currently offer and is therefore being addressed by the
IIA as a priority. Government is supportive of this effort and we are
working towards a major announcement during eSecurity awareness week in
3. Launch of a national '@Home' service to provide on the ground assistance to remediate compromised home computers and harden security on home computers.
The IIA continues to mount a renewed national push to help empower Australia's internet using public and SMEs against the ever increasing cyberthreats we face.
The approach contains several key elements which we will implement as an industry and where appropriate in conjunction with Government.
1. icode - Promotion of the eSecurity Code of Practice: http://icode.net.au/
The Department of Broadband, Communications, and the Digital Economy (the Department) will undertake a review of the Interactive Gambling Act 2001 (Cth). In conducting the Review, the Department will consult with key stakeholders as well as the wider Australian community. On 24 August 2011, the Department published a Call for Submissions. The Department expects to commence consultancies in the second half of 2011 and to submit its report to the Minster in the first half of 2012.