26 October 2006
ACMA and ISPs combine to fight ‘zombies’ and improve internet e-security
The Australian Communications and Media Authority is further stepping up the fight in combating spam by extending the rollout of its Australian internet security initiative, following completion of a successful trial.
The initial trial commenced in November 2005, with six internet service providers (ISPs) participating. ACMA is now extending the rollout to additional ISPs (see backgrounder for full details of participant information).
‘ACMA welcomes the impressive cooperation of the internet industry in improving the e-security of the internet’ said Chris Chapman, ACMA Chairman. ‘The internet is now fundamental to the commercial and social activities of individuals and businesses. It is essential that there is widespread cooperation in ensuring that secure internet communications and transactions can occur. The Australian internet security initiative is intended to contribute to the safety of the online environment and increase awareness of the need for computer users to maintain online e-security. No-one wants to be an accidental spammer!’
The Australian internet security initiative operates by forwarding information on ‘zombie’ computers (computers that have been infected by a computer virus or other form of malware) to Australian ISPs. These ISPS then contact their customers to assist them to ‘disinfect’ their computer. Experience from the trial indicates that the vast majority of customers are unaware that their computers are infected by malware and are grateful for the assistance in making their computer secure.
Since the trial commenced the Internet Industry Spam Code Of Practice - A Code For Internet And Email Service Providers has been registered by ACMA and came into effect on 16 July 2006. The code complements the Australian internet security initiative, as it contains provisions that enable ISPs to disconnect a customer’s computer if the problem is not resolved by the customer.
The best way for a consumer or business to prevent their computer being infected is to use a firewall and e-security software, particularly anti-virus software, and keep security patches up-to-date.
ACMA also welcomes the support of the Department of Communications, Information Technology and the Arts, the Western Australian Internet Association and AusCERT in assisting with the initiative.
Media contact: Donald Robertson, ACMA Media Manager on (02) 9334 7980
ACMA is responsible for the administration and enforcement of the Spam Act 2003. The Spam Act came into force on 10 April 2004, and regulates the sending of commercial electronic messages.
ACMA has developed a program—the Australian internet security initiative—that provides information free of charge to internet service providers about ‘zombie’ computers operating on their networks. This is one of a number of initiatives undertaken by ACMA to combat spam.
Zombies are computers that have been infected by a computer virus or other form of malware. Zombies can be used to commit online crimes remotely from anywhere in the world without the computer owner knowing. Personal identity information can be obtained through the use of the malware and zombies can be used to infect other computers and mount assaults on internet sites.
Zombie computers are now the major source of spam. Taking steps to help reduce zombies will not only improve e-security but will help reduce spam.
The increasing take-up rate of broadband in Australia accentuates the need to take action against zombie computers, as the substantially higher bandwidth provided by broadband relative to dial-up services significantly increases the amount of spam that can be disseminated by these computers. The ‘always-on’ characteristic of broadband services also makes insecure computers more vulnerable to infection and more capable of spam dissemination without user knowledge.
The initial trial of the Australian Internet Security Initiative commenced in November 2005. The participants in this trial were OptusNet, Pacific Internet, Telstra Bigpond, Uecomm, West Australian Networks and Westnet.
The following ISPs have now also joined the initiative: Access Net Australia; AUSTARnet, Bekkers, Chariot, iinet, OzEmail, Powerup, ihug, SeNet, Internode, Agile, Neighbourhood Cable, iPrimus, Primusonline, Hotkey, AOL, Reynolds Technology, Riverland Internet and Soul.
If computer owners don't have effective security measures in place, their computer may be infected through a variety of means, such as through opening spam containing a virus or through visiting websites where malicious programs are downloaded onto their computer. Computers that become infected can be used to propagate infections on other computers and to disseminate spam, mount denial of service attacks on internet sites and undertake online criminal activities.
To avoid becoming an accidental spammer, computer users should:
- use anti-virus and other security software, and ensure this is updated regularly
- regularly download and install the latest security patches for their computer software and use automatic software security updates where possible
- use personal firewall software
- only open an attachment to an email where the sender and the contents of the attachment are known by the email recipient. Suspect emails should be deleted immediately. If an attachment needs to be opened, it should be checked by anti-virus software before opening
- use long and random passwords and change these regularly
- not visit ‘suspect’ websites.