Absent Internode mulls iCode sign-up
Internet provider Internode has yet to sign up to the anti-botnet iCode initiative, as it is waiting on approval from business executives and its lead network security head.
(Complete image by Timypenburg, CC BY-SA 2.0)
The iCode initiative is designed by the Internet Industry Association to codify good security practice for internet providers and eliminate malware by alerting users if their computers are infected. It went live on Wednesday with support from some 20 internet providers that represent about 80 per cent of all internet subscribers.
Providers adhering to the voluntary code will phone users and direct them to a security website if their computers show symptoms of infection, such as spamming or communication of malicious network traffic.
Former Internode security lead Bruce Hore has been instrumental in developing the iCode. Since Internode, Hore has taken up a post at the South Australian Department of Health.
Before the carrier will decide on its support of the iCode, Hore's replacement, Derek Grocke, and other technical and regulatory minds are reviewing its implications, including compliance requirements, regulatory and governance issues, and whether new security equipment will need to be purchased.
Carrier relations manager John Lindsay said he expects Australia's fifth largest carrier to sign up to the iCode soon.
"[The iCode] is about codifying what is already common practice," Lindsay said. "It means that if you have the security capability in place, then keep it. If not, then maybe you should buy some."
"It is a selling point, to offer secure services for customers."
The code has received international praise for its potential ability to crackdown on botnets, which offer controllers the processing power held within each malware-infected machine, or zombie node. A botnet can be used to pump out spam, assist with hacking, or distributed denial-of-service attacks.
Large carriers like Internode can help terminate botnet malware infections by using deep packet inspection to sift through data traversing their networks, and terminating by default risky services by using Microsoft's SMB file-sharing and some mail relays.
But carriers were formerly reticent to use deep packet inspection for fear of breaching the Telecommunications Interception and Access Act. The law was amended this year to specifically allow the use of deep packet inspection in line with the normal operations of internet providers.
Lindsay said that small providers that do not have the expensive networking analysis technology could review the traffic logs using inexpensive methods.
Internet providers have dodged unwanted government regulation by signing up to the industry code.