By: Paul Kenyon
While many readers will be familiar with the Department of Homeland Security in the U.S., there are similar security initiatives being planned, or already under way, elsewhere in the world. In Australia, for example, under the guidance of Prime Minister Julia Gillard and her federal team, the government is carving out something of a name for itself in the IT security arena. This development is somewhat surprising considering Australia’s relative youth and the fact that the country has around 22 million citizens — big enough to make its weight felt in international terms, but small enough to be flexible in the modern world of IT matters.
A key example of this is the Defence Signals Directorate (DSD), Australia’s equivalent of the Department of Homeland Security, which has analyzed some of the attack methods used by cybercriminals and come up with four main techniques for blocking them. The government, moving swiftly in response, has started rolling out these techniques across its IT infrastructure, reportedly to great effect.
The third and fourth techniques center on the idea of whitelisting — that is, forcing Australian public-sector computer users to install only approved, or whitelisted, applications, and only allowing similarly approved and risk-analyzed emails to be viewed. This means that on their office computers Australian government employees can only access their corporate email and browse a limited number of websites, which, in turn, means they have far less of a chance of infecting their PCs than “civilian” Internet users.
In addition to its controlled-software-and-Internet-usage approach to IT, the Australian government has been highly proactive in quickly patching high-risk security vulnerabilities in both the operating systems and software that its many computers run.
In fact, based on an analysis of its Internet usage during 2010, the DSD concluded that at least 85 percent of the targeted cyber-intrusions it responded to during the year could have been prevented by using the four main mitigation techniques. All four are highlighted in a 35-point report, “Strategies to Mitigate Targeted Cyber Intrusions,” which found that although resistance to the idea of patching operating systems and software was low, the financial and staff-training costs involved were still quite high.
That’s not to say that Australian public-sector staff response to the report’s recommendations, which included control over both portable and data devices, was entirely positive. The report’s authors found a high degree of staff resistance to the idea that their access to USB sticks and other forms of low-cost data storage was to be restricted.