Australians Propose ‘No Anti-virus – No Internet Connection’ Policy

So after a year of research and debate, what did the Aussies come up with? A policy to disconnect people from the Internet if they get infected by a virus..

Rather naive isn’t it? Plus if your ISP cuts you off, how exactly are you supposed to resolve the problem without a connection to do research and download updates/patches?

AUSTRALIANS would be forced to install anti-virus and firewall software on their computers before being allowed to connect to the internet under a new plan to fight cyber crime. And if their computer did get infected, internet service providers like Telstra and Optus could cut off their connection until the problem was resolved.

Those are two of the recommendations to come from a year-long inquiry into cyber crime by the House of Representatives Standing Committee on Communications. Results of the inquiry, titled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime, were released last night in a 260-page report. In her foreword, committee chair Belinda Neal said cyber crime had turned into a “sophisticated underground economy”.

“In the past decade, cyber crime has grown from the nuisance of the cyber smart hacker into an organised transnational crime committed for vast profit and often with devastating consequences for its victims,” Ms Neal said.

Also if they push to make software developers legally responsible for flaws in their software I think the Aussie market is going to miss out on a lot of software that’s being sold elsewhere. Who’s going to want to sell software when a 0-day exploit in your software opens you up to direct claims from the consumers using your software?

I applaud what they are doing, because consumer education and Government action is required for a country to increase its level of information security and reduce the cases of phishing and fraud.

During its inquiry the committee heard a growing number of Australians were being targeted by cyber criminals and that increasing internet speeds were likely to make the situation worse. It also heard the problem was costing Australian businesses as much as $649 million a year.

The committee looked at several different examples of cyber crime, including hacking, phishing, malware and botnets. Among its final 34 recommendations were:

  • The creation of an around-the-clock cyber crime helpline.
  • Changes to the law to make unauthorised installation of software illegal.
  • Companies who release IT products with security vulnerabilities should be open to claims for compensation by consumers.

Another of its recommendations was to create a new “e-security code of practice” that would define the responsibilities of internet service providers and their customers.

There’s no realistic way that the ISPs can monitor the level of security on consumers computers, Microsoft is already pushing this hard with its ‘Action Center’ that warns users if they have disabled the firewall, don’t have anti-virus software installed or have not configured Windows Update.

Either way I don’t think consumers and software producers will be very happy if the government do actually implement this policy.


Posted in: Legal Issues, Malware, Privacy

, , , , ,

Latest Posts:

APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.

13 Responses to Australians Propose ‘No Anti-virus – No Internet Connection’ Policy

  1. netalien June 22, 2010 at 2:18 pm #

    All one could say is thank god security software is so darn good protecting users from getting infected.

    How are they planning to monitor all this avoids me as well. I would imagine that they’re hoping to catch malware based on network activity perhaps? or are they going to ask microsoft for the action center report data? or should users be forced to send security software logs to their ISP?

    Also, once the damage is done. (by malware or whatever) how users are supposed to resolve the issues without a live connection to get patches, updates and cleaning tools? again, thank god things like antivirus are so good at proactive/reactive defense :)

  2. Rvx June 22, 2010 at 2:34 pm #

    What if they run Linux?

  3. netalien June 22, 2010 at 6:11 pm #

    There are antivirus and firewalls for linux so if the move is about forcing users to have those applications installed, having linux instead of windows doesn’t matter.

  4. Scooter June 22, 2010 at 9:58 pm #

    “Plus if your ISP cuts you off, how exactly are you supposed to resolve the problem without a connection to do research and download updates/patches?”

    I’m of the firm belief that anti-virus software ONLY lets you know your computer has started traveling a downward spiral. Once it starts detecting problems, you know you’re computer is hosed. Once I’ve confirmed a computer has ever been infected, I will no longer trust it until the thing is formatted entirely. You can reinstall without network quite easily and install patches and updates from behind a NAT router first thing when connection is restored.

  5. netalien June 23, 2010 at 4:40 am #


    Let’s suppose there are average users who don’t have a clue how to format and reinstall. Let’s also pretend that they don’t have the knowledge to understand what’s causing the system to misbehave, assuming that such a people exist, they will be like those users who go to forums asking how to recover their systems from whatever is wrong, right?

    Since such people do actually exist, internet access isn’t just about getting patches, there’s also consulting, many people doesn’t understand why their system fails, or if they think that it’s because of that scary word “malware” they don’t really know what to do so they go to forums, look up google, chat, irc, facebook or whatever in order to get help, to ask for a solution.

    Blocking access to this facility is counterproductive and isn’t only because patches and uptades.

  6. jack June 23, 2010 at 6:39 am #

    how can they monitor customers’ traffic for malware activities because it’s too steath sometimes?

  7. ju5tp4551ng June 23, 2010 at 8:23 am #

    As the Internet moves into the realm of being a necessity. Governments are going to have to give up this simplistic notion of being able to cut people off from it. Suppose you are a tele-worker and your PC gets a virus, how are the support guys going to fix it and should getting a virus effect your livelyhood. Some business banking is provided free, however, the only access is via the Internet, there’s no branch support, and is it not a democratic right to be able to use a PC without a firewall or anti-virus, after all, in a world full of STDs people still have unprotected sex. So if as a result you get an infection is the solution going to be “cut it off”!

  8. Roger June 23, 2010 at 1:23 pm #

    I live in Southern Indiana and this is a regular practice of one of the Cable ISP’s in my area. They turn off access and wait for the customer to call in for service. They then inform them that they are infected and require them to contact an IT service provider to clean the computer(s). Only after this is done and the tech calls, will the service be restored. Stupid, but has been in place for a couple of years. I talked to some people in this department which is simply called “abuse” and they said that it is cheaper for them to do it this way then to deal with the bandwidth costs associated with machines infected and sending out large amounts of SPAM.

  9. doug June 23, 2010 at 1:51 pm #

    anyone that uses an antivirus on linux is a noob

  10. Phill June 24, 2010 at 2:05 am #

    > in a world full of STDs people still have unprotected sex. So if as a
    > result you get an infection is the solution going to be “cut it off”!

    No but perhaps it should be ‘put it in a protective bubble so it cant hurt anyone else’. This proposal (as stupid as it is) could work the same way – a computer looks infected so throw it off into a safe/quarantine area.

  11. Morgan Storey June 24, 2010 at 7:11 am #

    I live in Australia, and think this is actually a good idea. The way it works from what I have heard is reactive (not proactive). So an ISP here recieves a complaint from company x that they are being spammed or DDOS’ed from an ip that is one of their clients, they have the choice of either cutting them off, or putting them in a walled garden that gives them access to av updates and nothing more.
    Basically trying a NAC of sorts for the internet. It isn’t a terrible idea, but it could be used maliciously, just think you have a small competitior vying for a contract, you put through a complaint and get their mailserver cut off, bam you get the drop on them.

    @doug: sorry but I run AV and rkhunter on any of my Linux machines, there are rootkits, trojans and the like for Linux. I also run SElinux and some policies on the way /tmp and /var can be mounted (no exec for tmp). Heck on windows I run software restriction policies but I still run AV. Defense in depth anyone.

  12. Sean July 23, 2010 at 11:32 am #

    personally i dont give a shit, i can lie and say i run AV all the time, when in fact i only run a scan maybe once a year and uninstall the rest of the time, i have never had a virus . this is the truth

  13. Morgan Storey July 26, 2010 at 4:13 am #

    @Sean: This law (like most laws) is designed for the lowest common denominator, most computer users who won’t think twice about running some app a complete stranger has emailed them, who love installing mouse themes and toolbars. For the rest of us we could probably survive without AV indefinately, but they have to cater to people who have no experience or the nous to navigate the big bad internet safley.
    Look at it like this, I am certain I could drive most roads at usually double there speed limit, but I don’t and can’t due to the speed limits inforced.