Australian ISP code could defeat new generation of DDoS attacks, says Imperva

The Australian Internet Industry Association (IIA) has called on ISPs across the country to adopt a voluntary code of conduct on cyber security.

The ISPs are being asked to educate customers, offer better online protection and quarantine users whose computers are infected by zombie malware.

Security firm Imperva has applauded the controversial move to temporarily block an infected user's ability to generate spam.

"It won't affect their ability to surf the internet or access a webmail account," said Amichai Shulman, chief technology officer at Imperva.

"The IIA says the code of conduct will give customers greater levels of confidence in the security of their internet connections, as well as helping to reduce the levels of zombie infections actively connected to the internet."

The code of conduct will encourage Australian ISPs to introduce network activity detection on their platforms to enable them to identify abnormal traffic patterns from a subscriber's IP address and take appropriate action, said Shulman.

It is hoped that other countries will adopt a similar approach to this type of attack, particularly because cyber criminals are using a new type of distributed denial of service (DDoS) attack that is more powerful and elusive than its predecessors.

Imperva researchers have found that a new generation of DDoS attacks does not use bot-infected PCs, but instead capitalises on the greater power of web servers.

"These servers are controlled using a simple web application, consisting of just 90 lines of PHP code, making them highly effective for the cybercriminals, since they offer criminals more horsepower and typically fatter pipes for throwing out spurious traffic," said Shulman.

If the ISPs are able to quarantine an IP address generating this type of spurious traffic, the effects of a server-infection denial of service attack can be negated, he said.
