In its latest move to protect critical infrastructure, the Australian federal government yesterday launched a secure Web site to report information security attacks, but the initiative has raised the ire of Australia’s Computer Emergency Response Team (AusCert) which has spent the last two years establishing a national reporting and alert system with a broad membership base.
Developed jointly by the Defense Signals Directorate (DSD) and the National Office of the Information Economy (NOIE), the ‘Onsecure’ Web site is for the exclusive use of commonwealth agencies whereas the AusCert national reporting scheme is used by both the business community and government.
Explaining how the two reporting mechanisms will work in parallel with each other, NOIE Chief Executive Officer John Rimmer said the aim of Onsecure is to respond more quickly to security threats and replaces the current system of reporting which utilizes snail mail and fax.
Rimmer said the current system managed by DSD and known as Isidras had mandatory protocols in place for government agencies to report security incidents but OnSecure was necessary to make it easier and faster to respond to hacking attempts, denial of service attacks or other information security breaches.
“It will also help the DSD to analyze incident reports more quickly and effectively, to identify any developing patterns and to assess the resulting threat level,” Rimmer said.
AusCert’s reporting scheme, which relies on government funding, is also used to analyze data and provide a measure for national threat levels.
Although AusCert data is currently shared with government, Rimmer said the government was seeking more data of its own.
He also admitted that the establishment of Onsecure will lead to “dual reporting” for commonwealth security professionals.
AusCert general manager Graham Ingram said Onsecure was developed with “little or no input” from the emergency response team with the reporting scheme it has developed over the past two years already including commonwealth agencies with whole of government agreements with four Australian states. Ingram said it will be difficult to develop a ‘national picture assessment’ of security threats if there are separate data pools for government reporting with information collected by separate reporting schemes.
As a result, Ingram will liaize with government to ensure information-sharing continues so data is not fractured and all reporting mechanisms operate in tandem.
“This information is important for analysis to ensure we have a clear understanding of threat levels and that includes government, business and the wider community,” he said.
“AusCert has a significant government membership base as they rely on our alerts, advisories and vulnerability information, but dual reporting is a concern because it’s tough getting organizations to report at all.”
OnSecure also has a public site, www.onsecure.gov.au, which makes information security resource material available to the general public and is funded through the government’s allocation of A$24.9 million (US$17.7 million) over four years in the 2002-03 budget for the e-security national agenda strategy.
As part of this strategy, the government allocated additional funding to NOIE, the DSD, the Australian Federal Police, the Australian Security Intelligence Organization and the Attorney-General’s Department to develop systems to protect, detect and respond to any attacks directed against Australia’s national information infrastructure.
The national information infrastructure includes the electronic systems underpinning critical services such as telecommunications, transport and distribution, energy and utilities, and the banking and finance sectors.