Feeds

Aus gov shakes up cyberdefence strategy

AusCERT: Dead

Internet Security Threat Report 2014

The Australian government has decided to stop supporting AusCERT in favour of a new computer emergency response team more focused on providing an early warning system for utilities, banks and other critical infrastructure firms.

CERT Australia will take over from AusCERT in running frontline cyber-defence protection following the breakdown of negotiations between AusCERT and the government that lasted almost a year, The Australian reports.

CERT Australia (previously known as GovCERT before it was given a new name and wider responsibilities) will also become the main point of contact with its counterparts around the world.

Federal Attorney-General Robert McClelland was allocated a A$6.2m ($5.2m) budget to bring together AusCERT, GovCERT (now CERT Australia) along with the only months old Cyber Security Operations Centre (CSOC) in the Australian Department of Defence to form an unified front against hacker, cyber-spies and malware. Efforts to knit these groups together has seemingly been abandoned in favour of a new strategy that promotes CERT Australia to a pre-eminent role.

AusCERT, which is based in the University of Queensland, draws most of its budget from private sector firms. Although the Australian government's decision means it will lose out on $250,000 per annum from government agencies subscriptions its director remains confident of its ability to continue.

Jeremy Crowley, director of AusCERT and IT Services at UQ, told the Australian that its members can expect to enjoy business as usual. "We believe there is room for both teams to operate as CERT Australia has indicated it is primarily interested in helping protect critical infrastructure,” Crowley said.

“We hope CERT Australia won’t use taxpayer funds to duplicate the services of a not-for-profit organisation with a proven track record of delivering these services effectively for many years."

The Australian's government change of strategy in fighting cybercrime was announced at the launch of a National Cyber Security Information Exchange in Sydney earlier on Thursday. McClelland said CERT Australia would part of the Attorney-General's department he runs, before going on to explain its role.

"It must be a trusted broker of information for both the private sector and international internet community, while also being integrated with our national security and intelligence agencies," the minister explained.

CERT Australia will be responsible for providing early warnings of attacks such as the Operation Aurora cyber-espionage assaults on Google and other hi-tech firms that relied on IE-based exploits. It will also has the job of providing mitigation advice.

Its role has little or no bearing on Australia's controversial plans to mandate ISP-level filtering of porn and other "objectionable" content. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.