Australian government recruits ISP zombie hunters

The Australian government has recruited five ISPs to hunt down computers used to spread spam, malicious software and denial-of-service attacks from within the country.

These “zombie” machines are infected and taken over by remote attackers without the knowledge of their owners and are an increasing problem around the world.

Last week, a Californian man was charged by US federal authorities with creating a botnet of around 400,000 machines around the world, which were said to have been used in a variety of marketing scams.

And just before his arrest, three people in the Netherlands were charged with running a botnet larger than the one uncovered in California.

The recruitment of ISPs by a national government to track down bots and help disinfect them is novel, though.

The Australian Internet Security Initiative (AISI) is being run as a three-month trial by the Australian Communications and Media Authority (ACMA).

ACMA has developed an application that can identify computers located in Australia that are being used for illicit reasons.

The application identifies the IP addresses that have been used, and the affected addresses are then fed to the ISP that controls them. The ISP can then contact its customers about the problem.

The five ISPs chosen will regularly receive a list of IP addresses that identify threats. If the computer's owner is contacted by an ISP and is unwilling or unable to disinfect their machine, the ISP may remove the owner's connection to the internet until the problem is solved.

The acceptable usage policies in the ISPs' customer contracts will be used to police the scheme.

It is believed that the majority of spam sent around the world is generated by zombie computers.
