ISP code to take on spammers, botnets and zombies
The Internet Industry Association in conjunction with the Minister for Broadband, Communications and the Digital Economy, Senator Stephen Conroy and the Federal Attorney-General, Robert McClelland, launched a new voluntary code of practice on 6 June for Australian Internet Service Providers (ISPs) to improve cybersecurity for all consumers.
See the icode website.
Known as the icode, the new code recognises both (ISPs) and consumers can and must share responsibility for minimising the risks inherent in using the internet. “The icode promotes a culture of cybersecurity within Australian ISPs and their customers,” IIA chief executive, Peter Coroneos, said.
”The increasing threat of zombied computers – computers which have been essentially hijacked – presents a real risk to users. Identity theft, fraud, and increases in spam are all possible consequences of compromised computers.”
The code is designed to respond to this challenge by providing a consistent approach for Australian ISPs to help inform, educate and protect their customers in relation to cybersecurity.
By following the code ISPs will contribute to reducing the number of compromised computers in Australia and enhance the overall security of the Australian and international internet. The IIA believes a uniform national approach is warranted. The code will deliver a standard set of best practices for ISPs to follow to preserve the integrity of their networks.
The icode contains four main elements:
- A notification/management system for compromised computers
- A standardised information resource for end users
- A comprehensive resource for ISPs to access the latest threat information
- A reporting mechanism in cases of extreme threat back to CERT Australia to facilitate a national high level view of attack status.
The icode builds on the ACMA (Australian Communications and Media Authority) Australian Internet Security Initiative (AISI) as well as other sources of security intelligence which showed that malware-infested computers were a growing risk that required coordinated industry, consumer and government responses.
The icode is available for download at here.
The icode Compliance Checklist is available for download here.
The icode Compliance Declaration is available for download here.