ISPs are calling for customer input to a draft code covering how to handle home computers infected by malware. The procedure would include advice on how to fix the problem of a compromised system.
ISPs move to protect system
On 10 June the IIA in association with the Government, ISPs, security vendors and consumer representatives convened a meeting to explore the merits of a new voluntary eSecurity code so that there will be a fair and uniform approach embraced with the aim of reducing malware infected systems.
The meeting agreed that A Draft Code Principles with representative from all stakeholders with a final version of the voluntary code envisaged by 1 December 2009.
The draft Code has four main elements:
- Identification of compromised computers
- Customer contacts
- Provision of information and advice to fix the compromised system; and
- A reporting function for alerting about serious scale threats, such as those, that may threaten national security.
Members of the public may respond to the draft code by posting their comments and suggestions to securitycode@iia.net.au no later than Friday 30 October 2009.
The Draft code is available at http://www.iia.net.au/code.pdf
Providers could strangle zombies
The Australian IT Section – Karen Dearne, September 29, 2009
http://www.australianit.news.com.au/story/0,24897,26137603-15306,00.html
INTERNET service providers hope to boost the fight against armies of compromised computers — known as botnets — through a voluntary code that could shut down zombies one by one.
Internet Industry Association spokesman John Hilvert said that while the proposed code focused on identifying botnet activity and warning customers, in extreme cases ISPs could disconnect infected computers to prevent further damage across their networks. “It’s not in an ISP’s interest to provide support to a botnet unit,” he said.
“Botnets are one of the biggest threats to the internet right now, and one of the main conduits for cyber-crime. There’s also a big fear that they could be used in quasi-terrorist actions against countries. If you can control several million bots, then you can bring down a whole system by launching the ultimate denial of service attack.”
Mr Hilvert said most people were unaware their PC had been taken over.
Under the draft code, ISPs will monitor network traffic for patterns of bot activity, and attempt to contact customers by phone, email or by limiting network access by throttling internet speed, temporarily suspending access or otherwise prompting a call to the helpdesk.
Many ISPs already take steps to notify customers of problems, and Mr Hilvert said the aim was to provide a more consistent approach that was both fair and upfront for consumers. “Users will probably be sent to a page which basically says, ‘If you have received one of these notices, your system has a case of bad breath and it’s causing a lot of coughing around the network — can you please do something about it?,” he said.
“The customer will be given links to security software and to personalised support companies that will come out and fix things if necessary.
“But if, after all that, an account holder’s machine is still playing a mischievous part in the network, their account could be placed in a ‘walled garden’ (without access to the internet) until action is taken.”
The IIA is seeking comment by the end of the month.