ISPA to launch cyber security code in South Africa
SECURITY| May 4, 2012, 8:13 a.m.
South Africa's Internet Service Providers' Association (ISPA) has announced it will lead the development of a new voluntary code of practice to improve cyber security for end-users.
Known as the icode, and developed in conjunction with Australia's Internet Industry Association, which pioneered the approach in 2010, the code will provide a consistent approach for South African ISPs to help inform, educate and protect their customers in relation to cyber security. South Africa would become the second country in the world to implement network level protection of vulnerable end users under the icode banner.
By following the code, ISPs will contribute to reducing the number of compromised computers in South Africa and enhance the overall security of the South African and international Internet.
"The increasing threat of zombied computers - computers which have been essentially hijacked and are under the control of criminals or other third parties - presents a real risk to users. Identity theft, fraud, and increases in spam are all possible consequences of compromised computers."
"The problem we now face as an industry," said ISPA spokesperson Ant Brooks, "is the sophistication of attacks on end-user computers. Scanning at the network level by ISPs can provide an early warning to users when the user may be completely unaware there's a problem with their computer."
"An infected computer is not only bad for the end-user, it's also a problem for the integrity of networks themselves because it increases the amount of spam and other "bad traffic". This is why ISPs are telling us they will support the scheme."
Australia's Internet Industry Association chairman Bruce Linn welcomed the announcement. "The Australian experience has shown that end-users appreciate knowing that their ISP is watching for signs of infection on the network.
Most users are initially very surprised to find out that their machine may be infected by 'malware' such as viruses. But they are relieved when they are given the information and tools to restore their computer's security."
The initiative was also welcomed by the banking sector. "South Africa's banks are committed to educating consumers about online security, and constantly review security measures to offer South African Internet users as safe an online banking experience as possible," says Mrs Kalyani Pillay, CEO of the South African Banking Risk Information Centre (SABRIC).
"SABRIC welcomes the launch of the icode project, and is encouraged by the commitment of ISPs towards assisting their customers with the security of their computers and their personal information."
ISPA spokesperson Ant Brooks emphasised that the new code was designed to protect the privacy of end-users.
"The network level scanning that allows ISPs to detect signs of infected machines does not in any way involve looking at what users are themselves doing online. On the contrary, the scheme is designed to reduce the incidence of the single biggest threat to end-user privacy -- the presence of malware which can steal personal information and relay it to criminals overseas."
The code is designed to respond to this challenge by providing a consistent approach for South African ISPs to help inform, educate and protect their customers in relation to cyber security. ISPA believes a uniform national (and international) approach is warranted. The code will deliver a standard set of best practices for ISPs to follow to preserve the integrity of their networks.
The icode is expected to contain four main elements:
- A notification/management system for compromised computers
- A standardised information resource for end users
- A comprehensive resource for ISPs to access the latest threat information
- A reporting mechanism in cases of extreme threat back to national security agencies to facilitate a national high level view of attack
MORE SECURITY NEWS
Identity thieves target used hard drivesCompanies need to take measures to wipe the hard drives of obsolete technology before selling or donating it, warns Xperien. Read More
Cybercrime in South Africa: The battlefield has shiftedAlthough the majority of South African businesses are investing in their security infrastructure, many are doing so in the wrong places. Read More
RSA acknowledged by Frost & Sullivan for excellence and innovation in its network security forensicsRSA, The Security Division of EMC, has been determined by Frost & Sullivan as winner of the 2016 Global Frost & Sullivan Enabling Technology Leadership Award in Network Forensics for RSA Security Analytics. Read More
Top targets for cyber attacks in East AfricaGovernments are East Africa’s top target sector for cyber attacks, followed by telecoms and financial services, says a report by Control Risks. Read More
Connecting the dots: respond-to-alerts based security posture will not protectAccording to an Arbor paper, “Connecting the Dots in Enterprise Security”, advanced threats target a specific company, are designed to bypass traditional controls, and comprise a planned and orchestrated set of attack activities. Read More
DNS attacks on the increase, concern for SA firmsSouth African organisations will likely see an increase in the volume and severity of network attacks over the coming years, says Arbor Networks. Read More
RSA: 75 percent of organisations at significant risk of cyber incidentsRSA, The Security Division of EMC, has released data demonstrating that organisations that invest in detection and response technologies, rather than perimeter-based solutions, are better poised to defend against cyber incidents. Read More
DDoS attacks don’t have to mean ‘game over’The problem of inadequate protection from DDoS attacks is a growing concern for South African organisations, says Arbor Networks. Read More
DNS attacks on the increase, concern for SA firmsArbor Networks Annual Worldwide Infrastructure Security Report provides a rare insight into the nature of today’s network security threats, and the ways in which enterprise network operators and service providers are facing up to these challenges. Read More
Arbor Networks Spectrum v2.1 pioneers new network approach for security teamsArbor Networks Inc., the security division of NETSCOUT, has introduced version 2.1 of Arbor Networks Spectrum, its advanced security analytics and threat-hunting platform, to the African region. Read More
FEATURED STORYGovernment should encourage youths in ICT early
Youths should be given more encouragement to develop their ICT skills, an 11-year-old app developer told Kokumo Goodie.
BEST READ NEWS
IN DEPTHIBM Opens First Cloud Data Centre in South Africa
IBM is opening a new IBM Cloud Data Centre in Johannesburg, South Africa. The new cloud center is the result of a close collaboration with Gijima and Vodacom and is designed to support cloud adoption and customer demand across the continent.