It's time for cyber weather and traffic bulletins
"And now, the weather." It's a sentence that can be heard, in some form or other, near the end of almost every news bulletin. In a few quick words, often with maps and charts and numbers, we're given key facts that help us prepare for the hours ahead.
Meteorological data and weather forecasts are essential for everything from aviation safety to managing power grids, and those industrial users need detailed information. But we all need the basics, so they're provided as a routine service.
"Showers and 18 degrees" means take an umbrella. "Afternoon thunderstorms", in Sydney at least, means abandon all hope of getting home from work on time.
Similarly, road traffic conditions have been a regular feature of morning and evening broadcast media for decades, especially in cities where the car is in charge.
I've long thought that we need the internet equivalent of these services.
If a ship's anchor has torn out a major international fibre link, maybe we should tell people proactively that working with Singapore will be painful for the next day or two. On a more local level, if an internet service provider's router fails, and the redundant unit is overloaded, tell people which suburbs are affected.
Similarly, if there's a phishing scam involving fake utility bills, don't wait for the utility to be told, figure out their corporate response, and wait for news editors to decide whether that particular scam is important enough a new story to mention. Get it out there.
Now that the Australian Cyber Security Centre (ACSC) is establishing a 24/7 "cyber newsroom", maybe they could start issuing these cyber bulletins.
And perhaps, as one delegate to the ACSC Conference in Canberra on Thursday suggested, they could model themselves on another trusted agency that reaches out to all Australians: The Bureau of Meteorology (BoM).
As it turns out, the ACSC is already thinking along these lines. CERT Australia's David George said he spoke this week with a BoM colleague about the relationships they might develop.
"They do have an interesting way of interacting with the Australian public, and they're a trusted resource. No one questions the weather forecast that comes through, even though we often find that they're not accurate, but we don't question them," George told the conference.
That's right. There isn't any editorial decision making. The weather forecast and supporting data go directly from the BoM duty forecaster to the weather presenter, who delivers it straight.
"One of the possibilities that we're exploring is whether we actually need some form of national alert level around cyber, and that's predominantly for the community. We have other channels through which we engage with industry," George said.
We already have at least one internet threat alert level system, the SANS Institute's Internet Storm Center INFOCON level. This works well for systems administrators, a warning to be ready to face emerging threats at the global level.
But personally, I don't think a raw alert level is the right system for actual people.
An earlier career in broadcast radio taught me that actual people need clear, simple messages, with a simple call to action. The messages need to be consistent, too, even if they're delivered in informal language.
We're used to phrases like "Heavy rain, so take care on the roads", or "On the M4, two northbound lanes closed due to an accident, traffic backed up 8km".
We'd soon get used to "iiNet customers in Moonee Ponds and Essendon, your tubes will be blocked for the next couple of hours", or "Double-check your water bills today, 'cos scammers are sending out fake Sydney Water invoices".
Some email filtering vendors are already sending out wordy press releases with generic comments about the latest email scam every damn day -- you know who you are -- which we journalists ignore. This sort of system would suit them better, and help deliver useful information.
One problem, at least for outages, is that ISPs don't want to admit they've got problems. Most of them continue to hide outage information on a service status page, rather than tell you upfront. After all, reliability is one of their selling points.
Perhaps they need some persuasion to open up a little.
Previous coverage
Caught short by NotPetya, Australia to establish 24/7 'cyber newsroom'
The Australian Cyber Security Centre's expanded role will include more proactive advice to a wider range of stakeholders, while cyber incidents are becoming 'much more destructive'.
Blaming Russia for NotPetya was coordinated diplomatic action
Australian is developing international partnerships to help deter 'inappropriate behaviour' in cyberspace. Naming and shaming is part of its deterrence framework.
Supporting digital trade a key element of Australia's cyber diplomacy: Feakin
'Global in perspective, regional in focus' is the mantra underpinning Australia's forthcoming International Cyber Engagement Strategy -- but with trade come norms of behaviour, and enforcement.
Australia stepping up foreign cooperation on state-level cyber deterrence
Addressing an inquiry into Australia's trade system and the digital economy, Ambassador for Cybercrime Tobias Feakin said the nation and its neighbours are thinking 'quite actively' about how to join forces on cyber deterrence.
Australia also points finger at Russia for NotPetya
The Australian government has joined the United Kingdom and the United States in blaming the Kremlin for NotPetya attacks.
Bad Rabbit: A new Petya-like ransomware that's spreading, but beatable (TechRepublic)
A new Petya variant is spreading through Eastern Europe, but with the proper security precautions it is entirely possible to avoid a serious ransomware outbreak on your network.