Feeds

Aussie pols want compulsory AV software and firewalls

Police, business and lawyers consulted: consumers not

Choosing a cloud hosting partner with confidence

As the Australian Government continues to grapple with the issue of how best to protect the nation from internet nastiness, the House of Representatives Standing Committee on Communications has just lobbed a major new element into the debate in the form of a mega-report on cyber-crime.

The report - entitled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime (pdf) - is a 260-page opus, published this week and compiled under the chairmanship of Ms Belinda Neal MP. In the foreword, Ms Neal writes that "the interests and needs of consumers and business [should] generally be elevated in the national Cyber Security Strategy".

Some of the steps that can be taken immediately include a national coordination point to oversee this broader strategy, a national cyber-crime reporting centre, better coordination and training for law enforcement agencies and public-private information sharing on a wider range of cyber-crime types.

These conclusions were based on evidence that the Committee heard, to the effect that Australian consumers (and businesses) were being targeted by cyber criminals as never before, with a total cost to Australian business as high as $649m a year.

The committee were also told that increasing internet speeds were likely to make the situation worse.

The report also came up with a series of some 34 recommendations that ranged from the banal - the Australian Communications Department should publicise the issues more widely and support the development of community-wide IT literacy training that includes cyber security – to the slightly more scary.

The latter include new obligations on both ISPs and end-users to keep the net free from viruses. So, the report recommends that end-users be required to "install anti-virus software and firewalls before the Internet connection is activated". They should then do their best to keep security up to date and "take reasonable steps to remediate their computer(s) when notified of suspected malware compromise".

ISPs would be obliged to provide security advice, inform users when their IP address has been flagged as linked to infected machine, and put in place a policy of "graduated access restrictions" – with disconnection as the ultimate sanction.

Bad news, too, for hackers. The committee wants law enforcement agencies to "target the underground economy in malicious IT tools and personal financial information", as well as disrupt botnets and prosecute "botherders".

For those already concerned about Orwellian tendencies in Australia’s policy on the internet, there is yet more stuff to cause alarm. The Australian Communications and Media Authority will be asked to increase (further!) "its access to network data for the purpose of detecting malware compromised computers".

"This should include active consideration of how to increase access to network data held by global IT security companies and, in consultation with relevant departments, whether legal protections to address commercial, regulatory and privacy concerns are desirable."

In other words, the amount of seriously sensitive data to be held by government is going to increase dramatically – and government (at least in the shape of this committee) is not entirely convinced whether end-users need any legal protection in respect of this increase.

On the positive side, there is likely to be a push for specific protections against the unauthorised installation of software programs, particularly those that "monitor, collect, and disclose information about end users’ Internet purchasing and Internet browsing activity".

For those puzzled by the irony of it all – the focus on protecting the consumer from nasty hackers "out there", coupled with complacency in respect of the role of the state – a short glance at the witness list is all that is needed. Big business (including security providers such as McAfee and Symantec), lawyers, government departments and police are there: the end-user is not.

As an exercise in top-down policy-making, this report is exemplary: if, however, Ms Neal is looking for wider acceptance amongst the community she is seeking to police, the report might have done better to trawl a lot wider. ®

Bootnote

While public debate on whether or not Communications Minister Stephen Conroy will be able to bring in legislation to support his great firewall project before the next election, a reader writes to suggest it really doesn't matter. The government just bought the AU last mile from Telstra and as part of the deal requires Telstra to "retire" their existing copper loop. In time, therefore, all ISPs will have no choice but to migrate to the Conroy-connector - at which point legislation to impose a filter will not really be needed.

Security for virtualized datacentres

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.