ISPs should disconnect infected users
blog The notion of disconnecting computers from the internet that are infected with malware until they are fixed is sound policy and should be made mandatory if it is to be effective.
New cybercrime report
(Credit: House of Representatives)
Let me be the first to welcome some of the recommendations in a new parliamentary report entitled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime.
Yes, some are crazy, like making it mandatory for internet users to install antivirus software and firewalls before their internet connection is activated. What if I use my iPhone to connect to a Wi-Fi access point that has internet connectivity?
And what if I don't want to fork out money to install some of that software, or use an operating system that doesn't have the ability to have it installed?
But one recommendation in the report — that a mandatory e-security code of practice for the internet industry be adopted, which goes beyond the recently launched voluntary code — is not so bad.
The industry's voluntary code (named iCode) aims to reduce the number of malware-infected computers on the internet by suggesting ways internet service providers (ISPs) can assist.
One suggestion within the iCode is to put internet users into a "walled garden" if their computer becomes infected, which limits internet access to prevent further security problems until the PC is quarantined. Another option is to throttle infected users' speed.
When in the walled garden, the idea is that users would be given access to software that they can download to cleanse their system until it is no longer infected.
I've always thought that the voluntary nature of the iCode was a problem. To get rid of the botnet problem — which is generated by malware-infected computers — we need to take action, and that action needs to be drastic and effective. So I think a mandatory code is a good thing.
ISPs are in one of the best positions to assist users, and yes, I understand policy like this would cost them money, but surely the benefits would outweigh the costs of setting up such a system.
And ISPs can make money from this! Think about it, you get infected and your ISP tells you you're infected: you can either fix the problem yourself, or perhaps your ISP offers you some software available via download for $50 that will fix the problem for you. Or maybe there could even be a "send technician" button, which the ISP might contract out to a company nearby.
Senator Conroy's office has said that the government will "examine the report to see how it can improve current cybersecurity arrangements".
At this month's release of the iCode, Conroy said that the government was working with the Internet Industry Association (IIA) and industry to make the iCode work as a voluntarily code.
"Down the track if [the voluntary code] doesn't work — [compulsory adherence] is something we'll have to look at," Conroy reportedly said. "But we are genuinely working well with the sector to get the best outcome."
The iCode is due to come into effect in December, and so I don't see government taking any action on the disconnection of users portion of the report until they see what the take-up is like. Here's hoping ISPs take to the idea and maybe even see it as a revenue maker.