Five Internet Service Providers have been
recruited by the government to hunt down virus-infected computers
used to send spam or launch DDoS attacks from Australia.
The Minister for Communications, Information Technology and
the Arts, Senator Helen Coonan launched the Australian Internet
Security Initiative (AISI) on Monday, which is being run on a
three-month trial basis by the Australian Communications and
Media Authority (ACMA).
Anthony Wing, manager of the anti-spam team at the ACMA, told
ZDNet Australia that the program uses an in-house developed application -- which took "some
months" for the ACMA to build -- that can identify computers physically located in
Australia that are being used for "illicit reasons".
"[The application] identifies IP addresses that have been used
for illicit reasons -- for example spamming," Wing said. "There
are a range of sensors around that world that identify them.
Those infected IP addresses are then fed to the relevant ISP.
[The ISPs] know who their customers are so that they can contact them".
The five ISPs signed up for the trial are Telstra BigPond,
OptusNet, Westnet, Pacific Internet and West Australian Networks.
Each will regularly receive a list of IP addresses that identify
computers on their network demonstrating zombie-like behaviour.
The ISPs will then be responsible for contacting their customers
and helping them disinfect their computers.
According to a statement from the ACMA, if the owner of a
computer contacted by an ISP is unwilling or unable to disinfect
that machine, the ISP could remove its connection to the
Internet: "if the computer remains a threat to other Internet
users, the ISPs may take steps under their acceptable use policy
to disconnect the computer until the problem is resolved".
Dennis Muscat, managing director of Melbourne-based Pacific
Internet, said that customers usually have no idea their computer
is infected: "Our experience has been that customers are usually
completely unaware that their computer is compromised and they've
been very grateful for the notification".
Adam Biviano, senior systems engineer at anti-virus firm Trend
Micro, told ZDNet Australia that he is pleased that the
government has woken up to the fact that zombie computers are a
"[Zombie networks] are definitely the major cause of
infection… ISPs need to get involved because it is their
networks that are being used to launch the attacks. They
definitely need to get involved and identify how their services
are being used in this manner," said Biviano.
Lyn Maddock, acting chairperson of the ACMA, said the majority
of spam is distributed by zombie computers, which have become a
"There are millions of 'zombies' around the world and they
have become a major problem on the Internet… Global
software companies estimate that more than 60 percent of all
global spam is now relayed via zombies and I am delighted that
ACMA is working closely with ISPs and the public on addressing
this issue," said Lyn in a statement.