Feeds

Aus gov shakes up cyberdefence strategy

AusCERT: Dead

Securing Web Applications Made Simple and Scalable

The Australian government has decided to stop supporting AusCERT in favour of a new computer emergency response team more focused on providing an early warning system for utilities, banks and other critical infrastructure firms.

CERT Australia will take over from AusCERT in running frontline cyber-defence protection following the breakdown of negotiations between AusCERT and the government that lasted almost a year, The Australian reports.

CERT Australia (previously known as GovCERT before it was given a new name and wider responsibilities) will also become the main point of contact with its counterparts around the world.

Federal Attorney-General Robert McClelland was allocated a A$6.2m ($5.2m) budget to bring together AusCERT, GovCERT (now CERT Australia) along with the only months old Cyber Security Operations Centre (CSOC) in the Australian Department of Defence to form an unified front against hacker, cyber-spies and malware. Efforts to knit these groups together has seemingly been abandoned in favour of a new strategy that promotes CERT Australia to a pre-eminent role.

AusCERT, which is based in the University of Queensland, draws most of its budget from private sector firms. Although the Australian government's decision means it will lose out on $250,000 per annum from government agencies subscriptions its director remains confident of its ability to continue.

Jeremy Crowley, director of AusCERT and IT Services at UQ, told the Australian that its members can expect to enjoy business as usual. "We believe there is room for both teams to operate as CERT Australia has indicated it is primarily interested in helping protect critical infrastructure,” Crowley said.

“We hope CERT Australia won’t use taxpayer funds to duplicate the services of a not-for-profit organisation with a proven track record of delivering these services effectively for many years."

The Australian's government change of strategy in fighting cybercrime was announced at the launch of a National Cyber Security Information Exchange in Sydney earlier on Thursday. McClelland said CERT Australia would part of the Attorney-General's department he runs, before going on to explain its role.

"It must be a trusted broker of information for both the private sector and international internet community, while also being integrated with our national security and intelligence agencies," the minister explained.

CERT Australia will be responsible for providing early warnings of attacks such as the Operation Aurora cyber-espionage assaults on Google and other hi-tech firms that relied on IE-based exploits. It will also has the job of providing mitigation advice.

Its role has little or no bearing on Australia's controversial plans to mandate ISP-level filtering of porn and other "objectionable" content. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.