ACMA cyber security function moves to the Computer Emergency Response Team Australia | ACMA

ACMA cyber security function moves to the Computer Emergency Response Team Australia

The longstanding and successful Australian Internet Security Initiative (AISI) is transitioning tomorrow to the Computer Emergency Response Team (CERT) Australia within the Attorney-General’s Department. The AISI aims to reduce malicious software (malware) infections and service vulnerabilities occurring on Australian internet protocol address ranges.

This move is the first recommendation of the Review of the Australian Communications and Media Authority to be finalised after the Federal Government’s release last month of the Final Report.

The ACMA has been working closely with the CERT for a number of months on transferring select cyber security functions so that they can be integrated with the CERT’s functions. This will contribute to a coordinated Commonwealth outreach strategy and clear messaging on cyber security awareness in line with recommendation two of the Review of the ACMA.

‘While we are proud of the ACMA’s important contribution to Australia’s cyber security framework for more than a decade, the transition is an exciting development as the AISI will be now be housed with similar programs and expertise,’ said the ACMA’s acting Chairman, James Cameron. ‘We expect an ongoing close relationship with the CERT, particularly for the ACMA’s work regulating unsolicited communications, including commercial spam.’

The AISI program has been administered by the ACMA since 2005. It operates as a public-private partnership in which Australian internet providers voluntarily participate to help protect their customers from cyber security threats.

The transition takes effect on 1 July 2017 and will include the movement of the relevant resources and technical expertise from the ACMA to the CERT.

For more information, please see the Backgrounder below, or to arrange an interview, contact: Blake Murdoch, on (02) 9334 7817, 0434 567 391 or

Media release 25/2017 - 30 June


The Review of the Australian Communications and Media Authority

The Australian Government released the Final Report of the Review of the Australian Communications and Media Authority on 22 May 2017.

The Review makes recommendations in relation to the ACMA’s remit, objectives, functions, governance, performance and resource base to ensure that it is a modern, agile and responsive “fit-for-purpose” communications regulator.

The Review acknowledges the challenges facing the media and telecommunications industries, recognising the complex technology and commercial issues of the sectors the ACMA regulates.

Recommendation two within the Final Report is for ‘the ACMA’s cybersecurity programs, where appropriate, be transferred, along with staff and funding, to the Attorney-General’s Department’.

The Final Report of the Review of the ACMA is available here.

CERT Australia

CERT Australia is the national computer emergency response team and is the point of contact in Government for cyber security issues affecting major Australian businesses.

CERT is also a key element in the Australian Cyber Security Centre, sharing information and working closely with the Australian Security Intelligence Organisation, the Australian Federal Police, the Australian Signals Directorate, the Defence Intelligence Organisation and the Australian Criminal Intelligence Commission.

More information about the CERT is available here.

The Australian Internet Security Initiative

Through the AISI, daily email reports are provided to internet providers identifying IP addresses on their networks observed as being malware infected or potentially vulnerable to malicious exploits.

Internet providers are encouraged to use the AISI data to identify and inform affected customers about their malware infection or service vulnerability, including providing advice to infected customers on how they can fix the compromise or remedy the open or vulnerable service.

Malware infections enable cyber criminals to steal personal and sensitive information from infected computing devices and control them remotely for illegal or harmful purposes, without the knowledge of the device user.

These ‘compromised’ devices are often aggregated into large groups, known as 'botnets', which can undertake activities causing harm to other internet users; including the mass distribution of spam, hosting of phishing sites, distributed denial of service (DDoS) attacks on websites and the facilitation of identity theft.

The malware infection and service vulnerability data used in the AISI is provided by organisations seeking to enhance the security of the Internet, including Microsoft, the Spamhaus Project and the Shadowserver Foundation. This data is independently assessed before it is included in the AISI program. AISI data is constantly updated as new infections, threats and vulnerabilities emerge.

The internet providers participating in the AISI are estimated to cover more than 95 per cent of Australian residential internet users. Through their voluntary participation, these providers help raise security levels on Australian IP address ranges, reducing costs for all internet providers and users.

Last updated: 12 July 2017