Based on interviews with participants in the AISI, this report reveals how the AISI is valued and the important role it plays in how internet service providers manage malware.
Executive summary
The Australian Internet Security Initiative (AISI) is a program operated by the Australian Communications and Media Authority (the ACMA) to help AISI participants address the problem of computing devices that are ‘compromised’ by malware (or malicious software). Malware infections enable cyber criminals and state-sponsored actors to steal personal and sensitive information from these devices and control them remotely for illegal or harmful purposes, without the users’ knowledge. These infections often undertake activities that cause harm to other internet users, including the mass distribution of spam, hosting of phishing sites and facilitation of identity theft.
When this research was undertaken, there were 137 AISI members — including 18 universities — participating in the AISI program. These members receive daily AISI reports identifying internet protocol (IP) addresses on their networks observed as having malware infections. Members can use the information in the reports to identify the relevant customer or user with the malware infected computing device and help that customer or user to resolve the problem.
The ACMA introduced an online AISI portal in 2014 that provides access to more information on malware incidents associated with individual IP addresses than is contained in the daily AISI email reports. AISI members can download their AISI data directly from the portal to either complement or replace the data received in the daily AISI email
