World leaders should put cyber security on agenda: Internet body

SYDNEY Tue Jun 14, 2011 3:15am EDT

A journalist checks the U.S. Senate's website in Washington, D.C. June 13, 2011, after it was hacked over the weekend. REUTERS/Stelios Varias

A journalist checks the U.S. Senate's website in Washington, D.C. June 13, 2011, after it was hacked over the weekend.

Credit: Reuters/Stelios Varias

SYDNEY (Reuters) - World leaders should put cyber security on the international agenda at forums such as the G20 and bring pressure to bear on "slower-moving" nations to take a stand against hacking, the co-founder of a global industry body said on Tuesday.

Peter Coroneos, co-founder of the International Internet Industry Association and head of Australia's industry body, said such leadership by major powers could support and hasten early industry efforts to adopt global anti-hacking safeguards.

"Getting the issue elevated to a level like the G20 would be a good way to promote engagement with economies that might otherwise move a little slower," Coroneos told Reuters.

"We saw that with the nuclear arms limitation treaty, where you did have a couple of early movers," he added.

Recent cyber attacks on multinational firms and institutions, from Google and Citigroup to the International Monetary Fund, have raised fears that governments and the private sector are losing the battle against hackers.

Google pointed the finger at China for an attempt to gain access to the Gmail accounts of assorted activists, and global miner BHP Billiton has also harbored concerns about high-tech espionage from China and its rivals.

Coroneos did not want to discuss any Chinese role in such hacking, but said hackers typically used networks of "zombie" personal computers, unprotected machines in homes anywhere in the world, to launch their attacks on secure databases.

"It's really the weapon of choice," he said.

Australia has taken a lead in forming a government and private-sector partnership to combat cyber hacking, announcing plans to draw up a cyber defense strategy and backing a campaign by Internet service providers to eradicate zombie computers.

Australian ISPs recently adopted a code of practice designed to identify and fix zombie computers with techniques such as monitoring for unusual activity in normally dormant periods, such as overnight when users are usually asleep.

The users are notified of any suspicious activity, without breaching privacy, and are also told how to secure their computers, either by themselves or with professional help.

"In the first six months of its operation, 90 percent of the ISP user base is security compliant," Coroneos said.

Australia's Internet Industry Association, which represents local ISPs, is now working with Internet associations in other countries to develop similar codes overseas, Coroneos said.

"If we want to really tackle it effectively we have to tackle it in multiple jurisdictions simultaneously around the world," he said, adding that ISP groups in the United States, Europe, India and Argentina were now looking at the Australian code as a basis for international cooperation.

"We have started to have a dialogue to see if this is something we can do in a coordinated way," Coroneos said.

(Reporting by Mark Bendeich; Editing by Sanjeev Miglani)

FILED UNDER: