Australian Cybersecurity Panel Recommends Disconnecting Unprotected Computers From Net

A report into cybercrime by the Australian House of Representatives Standing Committee on Communications titled, "Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime," has recommended that Australians "be unable to access the Internet without having anti-virus and firewall programs installed and a virus-free machine," says a story in the Sydney Morning Herald.

The 260-plus page report goes on to state, among its 34 recommendations, that there is:

  • an obligation by an Internet Service Provider (ISP) to provide basic security advice when an account is set up to assist the end user to protect themselves from hacking and malware infections;
  • a mandatory obligation to inform end users when their IP address has been identified as linked to an infected machine(s);
  • a clear policy on graduated access restrictions and, if necessary, disconnection until the infected machine is remediated;
  • the provision of basic advice and referral for technical assistance for remediation; and
  • a requirement that acceptable use policies include contractual obligations that require a subscriber to (a) install anti-virus software and firewalls before the Internet connection is activated; (b) endeavour to keep e-security software protections up to date; and (c) take reasonable steps to remediate their computer(s) when notified of suspected malware compromise.

Needless to say, the report's recommendations have sparked controversy, with some questioning the legal authority of the government to determine the terms of ISP contracts with their customers; others questioning whether only certain anti-virus software will be acceptable and who decides that; and still others questioning how corporate networks would be policed.

I'd be interested in hearing from Risk Factor readers how they would feel about not being allowed to connect to the Internet unless you have up-to-date anti-virus software installed or if you have an infected machine.

What about the feasibility of the scheme?

Finally, would you voluntarily sign up with an ISP that followed the recommendations listed above?

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement