Australian ISPs and university members of the Australian Internet Security Initiative (AISI) have called for changes to the AISI program so they can identify compromised computers more easily, identity the volume of activity associated with compromised IP addresses and identity infected websites hosted on their own networks.
Feedback was gathered via phone interviews with 24 members conducted between December 2011 and February 2012 by Australian Communications and Media (ACMA) staff. The ACMA administers the AISI program which sends members emails about compromised customer computers.
Half of the 24 participants asked for the improvements. They also suggested the ACMA identify the sources of information used in AISI reports and the methodologies used by these sources to identity compromises, provide intelligence about e-security risks and educate consumers about the significance of computer compromises.
A tabling of the AISI survey which ACMA released in late September, The Australian Internet Security Initiative--provider responses to security, found that the main barrier to more effective use of AISI reports for some members was the limited resources available to develop automated security systems and/or improve customer assistance.
“Internet customers who learn about computer compromises from their ISPs might also find it useful to access well-presented and user-friendly information about relevant aspects of the AISI program,” read the ACMA report.
The report went on to say that this information could focus on dealing with customer uncertainty, frustration and suspicion about the legitimacy of ISP notifications, and aim to improve customer understanding about the consequences of compromises and how they can best protect their computers.
In addition, the 24 AISI members surveyed were asked how useful they would find a self-service portal for additional compromised computer security information. A self-service portal is currently under development by the ACMA. However, the authority has not indicated a date when this portal will be launched.
According to the report, a portal could provide more comprehensive information about computer compromises than that provided in the existing AISI email reports.
It could also allow providers to undertake searches on IP addresses and to more readily tailor compromised computer data to their specific needs.
According to the ACMA, the portal may link to information from CERT Australia about how to report cyber security incidents, and educational material on cyber security from Australian government website Stay Smart Online.
In addition, the portal may link to the Internet industry’s iCode and its strategies to protect customers and networks from malware and e-security threats.
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.