Internet Industry Association

The Internet Industry Association (IIA) has released a draft eSecurity code to guide ISPs in improving net security for its users throughout Australia 

How the eSecurity code benefits the public.

The boom in broadband has seen a rise in malware-infected computers online. Spam and other online scams has been fuelled with the rise in zombies – net connected PCs that are affected by malware and botnets (groups of such zombies). 

There are about 200,000 million spams generated a daily. The average zombie PC can send 10,000 spams a day. There are thought to be about 100,000 zombies in Australia, at present. Zombies account for about 90% of the world’s spam today. 

How ISPs can help with the assistance of the Government

These trends were noted back in 2005, when the Australian Communications and Media Authority initiated a pilot Australian Internet Security Initiative (AISI) drawing on the cooperation of initially six ISPs to alert them of zombie-like behaviour that may be traced to their account holders.

The pilot data sharing led to a more effective reduction in malware-infected systems. The 2007 Budget allocated approximately $4.7 million (over four years) to enable the expansion of the AISI to all Australian ISPs who wish to participate. 

Some 68 ISPs are involved. The AISI program reports10,000 compromises every day.

Why a code needed

On 10 June the IIA in association with the Government, ISPs, security vendors and consumer representatives convened a meeting to explore the merits of a new voluntary eSecurity code so that there will be a fair and uniform approach embraced with the aim of reducing malware infected systems.

The meeting agreed that A Draft Code Principles with representative from all stakeholders with a final version of the voluntary code envisaged by 1 December 2009.

The draft Code has four main elements:

1. Identification of compromised computers

2. Customer contacts

3. Provision of information and advice to fix the compromised system; and

4. A reporting function for alerting about serious scale threats, such as those, that may threaten national security.

Members of the public may respond to the draft code by posting their comments and suggestions to securitycode@iia.net.au no later than Friday 30 October 2009.

The Draft code is available at http://www.iia.net.au/code.pdf

About the Internet Industry Association

The Internet Industry Association (www.iia.net.au) provides policy input to government and advocacy on a range of business and regulatory issues, to promote laws and initiatives that enhance access, equity, reliability and growth of the Net within Australia.

John Hilvert

Communications Director, IIA

Ph: 02 6232 6900