Feeds

Aussie pols want compulsory AV software and firewalls

Police, business and lawyers consulted: consumers not

Security for virtualized datacentres

As the Australian Government continues to grapple with the issue of how best to protect the nation from internet nastiness, the House of Representatives Standing Committee on Communications has just lobbed a major new element into the debate in the form of a mega-report on cyber-crime.

The report - entitled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime (pdf) - is a 260-page opus, published this week and compiled under the chairmanship of Ms Belinda Neal MP. In the foreword, Ms Neal writes that "the interests and needs of consumers and business [should] generally be elevated in the national Cyber Security Strategy".

Some of the steps that can be taken immediately include a national coordination point to oversee this broader strategy, a national cyber-crime reporting centre, better coordination and training for law enforcement agencies and public-private information sharing on a wider range of cyber-crime types.

These conclusions were based on evidence that the Committee heard, to the effect that Australian consumers (and businesses) were being targeted by cyber criminals as never before, with a total cost to Australian business as high as $649m a year.

The committee were also told that increasing internet speeds were likely to make the situation worse.

The report also came up with a series of some 34 recommendations that ranged from the banal - the Australian Communications Department should publicise the issues more widely and support the development of community-wide IT literacy training that includes cyber security – to the slightly more scary.

The latter include new obligations on both ISPs and end-users to keep the net free from viruses. So, the report recommends that end-users be required to "install anti-virus software and firewalls before the Internet connection is activated". They should then do their best to keep security up to date and "take reasonable steps to remediate their computer(s) when notified of suspected malware compromise".

ISPs would be obliged to provide security advice, inform users when their IP address has been flagged as linked to infected machine, and put in place a policy of "graduated access restrictions" – with disconnection as the ultimate sanction.

Bad news, too, for hackers. The committee wants law enforcement agencies to "target the underground economy in malicious IT tools and personal financial information", as well as disrupt botnets and prosecute "botherders".

For those already concerned about Orwellian tendencies in Australia’s policy on the internet, there is yet more stuff to cause alarm. The Australian Communications and Media Authority will be asked to increase (further!) "its access to network data for the purpose of detecting malware compromised computers".

"This should include active consideration of how to increase access to network data held by global IT security companies and, in consultation with relevant departments, whether legal protections to address commercial, regulatory and privacy concerns are desirable."

In other words, the amount of seriously sensitive data to be held by government is going to increase dramatically – and government (at least in the shape of this committee) is not entirely convinced whether end-users need any legal protection in respect of this increase.

On the positive side, there is likely to be a push for specific protections against the unauthorised installation of software programs, particularly those that "monitor, collect, and disclose information about end users’ Internet purchasing and Internet browsing activity".

For those puzzled by the irony of it all – the focus on protecting the consumer from nasty hackers "out there", coupled with complacency in respect of the role of the state – a short glance at the witness list is all that is needed. Big business (including security providers such as McAfee and Symantec), lawyers, government departments and police are there: the end-user is not.

As an exercise in top-down policy-making, this report is exemplary: if, however, Ms Neal is looking for wider acceptance amongst the community she is seeking to police, the report might have done better to trawl a lot wider. ®

Bootnote

While public debate on whether or not Communications Minister Stephen Conroy will be able to bring in legislation to support his great firewall project before the next election, a reader writes to suggest it really doesn't matter. The government just bought the AU last mile from Telstra and as part of the deal requires Telstra to "retire" their existing copper loop. In time, therefore, all ISPs will have no choice but to migrate to the Conroy-connector - at which point legislation to impose a filter will not really be needed.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
Heavy VPN users are probably pirates, says BBC
And ISPs should nab 'em on our behalf
Former Bitcoin Foundation chair pleads guilty to money-laundering charge
Charlie Shrem plea deal could still get him five YEARS in chokey
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
'Serious flaws in the Vertigan report' says broadband boffin
Report 'fails reality test' , is 'simply wrong' and offers ''convenient' justification for FTTN says Rod Tucker
FAIL.GOV – Government asks Dropbox for accounts that don't exist
Storage locker's transparency report shows rise in government data gobble attempts
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.