X
Tech

Australian government gears up for zombie battle

A three-month trial programme from the Australian Communications and Media Authority looks to cut off or cure compromised PCs
Written by Munir Kotadia, Contributor

Five ISPs have been recruited by the government to hunt down virus-infected computers used to send spam or launch distributed denial-of-service (DDoS) attacks from Australia.

The Minister for Communications, Information Technology and the Arts, Senator Helen Coonan, launched the Australian Internet Security Initiative (AISI) on Monday, which is being run on a three-month trial basis by the Australian Communications and Media Authority (ACMA).

Anthony Wing, manager of the anti-spam team at the ACMA, told ZDNet UK sister site ZDNet Australia that the application, which took "some months" to build, can identify computers physically located in Australia that are being used for "illicit reasons".

"[The application] identifies IP addresses that have been used for illicit reasons — for example spamming," Wing said. "There are a range of sensors around that world that identify them. Those infected IP addresses are then fed to the relevant ISP. They know who their customers are so that can contact them".

The five ISPs signed up for the trial are Telstra BigPond, OptusNet, Westnet, Pacific Internet and West Australian Networks. Each will regularly receive a list of IP addresses that identify computers on their network demonstrating zombie-like behaviour. The ISPs will then be responsible for contacting their customers and helping them disinfect their computers.

According to a statement from the ACMA, if the owner of a computer contacted by an ISP is unwilling or unable to disinfect that machine, the ISP could remove its connection to the Internet: "if the computer remains a threat to other Internet users, the ISPs may take steps under their acceptable use policy to disconnect the computer until the problem is resolved".

Dennis Muscat, managing director of Melbourne-based Pacific Internet, said that customers usually have no idea their computer is infected: "Our experience has been that customers are usually completely unaware that their computer is compromised and they've been very grateful for the notification".

Adam Biviano, senior systems engineer at antivirus firm Trend Micro, said he is pleased that the government has woken up to the fact that zombie computers are a serious threat.

"[Zombie networks] are definitely the major cause of infection… ISPs need to get involved because it is their networks that are being used to launch the attacks. They definitely need to get involved and identify how their services are being used in this manner," said Biviano.

Lyn Maddock, acting chairperson of the ACMA, said the majority of spam is distributed by zombie computers, which have become a "major problem".

"There are millions of 'zombies' around the world and they have become a major problem on the Internet… Global software companies estimate that more than 60 percent of all global spam is now relayed via zombies and I am delighted that ACMA is working closely with ISPs and the public on addressing this issue," said Lyn in a statement.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.

Editorial standards