Internet industry adopts anti Zombie code

Stuart Corner
Wednesday, 01 December 2010 10:16

IT Policy - Regulation

A voluntary code for ISPs designed to minimise the impact of 'Zombie' computers - those compromised and recruited into botnets to spread malware - has come into force.

The code, known as the 'icode', is the initiative of the Internet Industry Association (IIA) and is supported by the Australian Government. IIA claims it is attracting the attention of governments worldwide as they grapple with the problem of hordes of infected machines coming under the control of criminals and, potentially, terrorists.

However the code stops well short of recommendations made by the House of Representatives Standing Committee on Communications in its report earlier this year "Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime". It called for a mandatory code of conduct for ISPs that would require them to ensure end user installed and kept current anti-virus and other protective software.

The government tabled its response to the report last week but gave no indication in its announcement as to how it would respond to any of the 34 recommendations in the report.

According to IIA, the new icode "provides a flexible, consistent approach for Australian ISPs to help inform, educate and protect their customers."
It contains four main elements:
- A notification/management system for compromised computers;
- A standardised information resource for end users;
- A comprehensive resource for ISPs to access the latest threat information;
- A reporting mechanism in cases of extreme threat back to CERT Australia to facilitate a national high level view of attack status.

An icode web resource (icode.net.au) has been set up to provide self-help tools and professional help to users, including house calls from reputable service firms. According to IIA, "This means that any user, should they be notified of a suspected compromise on their machine, can be confident a solution is readily at hand."

IIA CEO, Peter Coroneos said: "We have been delighted with the level of support we've received from ISPs. As at launch today, ISPs representing over 80 percent of the Australian market have already signed onto the code and will be displaying the 'icode compliant' symbol on their websites."

Coroneos added, "Significantly this initiative has been achieved without the need for legislation. ISPs themselves understand and support the need for action to be taken to enhance the security of Australian networks."

According to IIA, "The program builds on the Australian Internet Security Initiative (AISI) established by the ACMA which has widespread industry support. The icode takes this work to the next level by codifying best practices and centralising resources for ISPs and their customers. The two schemes are designed to work hand in hand, with AISI remaining a major source of intelligence to ISPs about possible network infections."