Obama's cyberczar eyes IIA anti-botnet initiative

Stuart Corner
Monday, 30 May 2011 16:12

IT Industry - Strategy

30 ISPs representing 90 percent of Australian Internet users are now signed up to the Internet Industry Association's icode that aims to reduce the number of PCs infected with botnets, and which has caught the attention of US president Barack Obama's 'Cyberczar' Howard Schmidt.

The IIA has named a further six ISPs - iPrimus, Comcen, Minopher, Activ8me, PPS Internet and Studentnet - that have signed up to the code, which the IIA says has achieved over 90 percent market coverage in the six months since its introduction, last December.

The IIA said also that its CEO, Peter Coroneos, had been recently called to a White House meeting by Obama 'cyberczar' Howard Schmidt to explore the scope for implementing the scheme in the US.

"Howard Schmidt has long advocated measures such as those we've implemented here," Coroneos said. "He has previously expressed his support for our scheme'¦The President's Cybersecurity Coordinator was interested to know how the scheme was actually working and the response from customers who were notified.

"More importantly, he was interested to test US ISPs on their preparedness to follow suit, recognising, as we do, that global problems require coordinated global solutions."

He added: "We are out to tackle the millions of infected machines which, on a global scale contribute to almost all spam, threaten personal data privacy and challenge even national security. They are the weapon of choice for today's cybercriminal. Our aim is to reduce the pool from which they draw."

The IIA says also that it had been nominated for an international award - the 'Internet Hero' award from peak UK industry body, UK ISPA, in recognition of its achievements for the Internet and the Internet industry.

According to IIA, the icode "provides a flexible, consistent approach for Australian ISPs to help inform, educate and protect their customers."
It contains four main elements:
- A notification/management system for compromised computers;
- A standardised information resource for end users;
- A resource for ISPs to access the latest threat information;
- A reporting mechanism in cases of extreme threat back to CERT Australia to facilitate a national high level view of attack.

These recommended resources include online tools and extend through to home visits for users lacking the technical know how to diagnose and fix infected machines. The icode web site lists three organisations that customers can call to do home visits.

Coroneos told iTWire that the IIA does not yet have any quantitative figures for the effectiveness of the scheme, but hoped to put something in place over the next six months. He said that participating ISPs were sending out some 40,000 notices per month to customers identified as having infected machines. "Thier first reaction is one of surprise, and their second one of gratitude," and that the ACMA had identified around 19,000 'significant incidents' per day from infected machines in Australia. "But we don't know how many of those are new infection and how many previously infected machines that are being activated."