IIA releases draft eSecurity for ISPs

The proposed IIA Trustmark

The Internet Industry Association (IIA) has released a draft eSecurity code to help Internet service providers (ISPs) to improve security for their customers.

The code, which will be finalised by December 1, 2009, takes in four main elements:

• Identification of compromised computers
• Customer contacts
• Provision of information and advice to fix the compromised system
• A reporting function for alerting about serious scale threats

The number of spam messages and malware is growing daily. The IIA claims about 200,000 million spam messages clog inboxes each day. The average zombie PC can send 10,000 spam messages a day.

According to the IIA, there are about 100,000 'zombies' in Australia at present. Zombie infections also account for about 90 per cent of spam worldwide.

The association hopes the voluntary code will provide a fair and uniform approach to reducing malware-infected systems. It will not include SMS or smartphone mobile devices.

It calls on ISPs to actively monitor systems for malicious activity and compromised computers as part of normal network management activities and notifying trusted third party sources. Providers must also provide standard security information to their customers.

ISPS will be encouraged to monitor mail queues and network traffic patterns for anomalies or patterns using:

• Ingress antivirus and spam checking
• Ingress address validation (not accepting any packets from computers that have source addresses not assigned within the ISP's allocation block)
• Gateway IPS/IDS
• Internal firewall systems
• Internal systems used to identify well known trojan/viruses using well known TCP and UDP port numbers Reports from customers.

ISPs who are compliant with this code will be entitled to use a special IIA Security Friendly ISP Trustmark on their websites.

The IIA is calling for public response to the draft code by via email at securitycode@iia.net.au by Friday, October 30, 2009.