CERT Australia pushes on network security

By Karen Dearne
The Australian
December 01, 2009

The new computer emergency response team, CERT Australia, will expect internet service providers to be more active in cleaning up infected computers operating on their networks.

Following the federal government's e-security review last year, the Internet Industry Association has been hammering out a voluntary ISP code of practice aimed at identifying botnet activity and alerting customers to security breaches.

Attorney-General's Department national security resiliency division head Mike Rothery said CERT Australia would be a two-way clearing house for notifications from local and international authorities, with responsibility for tracking down compromised machines in Australian domains.

"We'll be establishing relationships with our CERT counterparts so that if we identify (attacks coming from) compromised machines overseas, we can ask those authorities to trace the actual owners and seek that those be cleaned up," Mr Rothery said.

"Where identified machines appear to be in Australia -- and the notification may come from overseas or from a local ISP or web hosting company -- we will track down the owners through their ISP or web host and tell them their machines have been compromised.