13
III. Activity Reports from APCERT Members
Full Members 1. AusCERT Activity Report 2008
Australian Computer Emergency Response Team – Australia
1. About AusCERT 1.1. Introduction
As the national CERT, AusCERT serves Australias national interest by improving Internet security for Australian Internet users.
AusCERT does this by: collecting, analyzing and providing advice about computer network threats and
vulnerabilities; helping to mitigate Internet attacks directed at Australian Internet users and
networks; and providing education and advice about issues affecting Internet security in
Australia and globally. AusCERT is the primary point of contact for handling incidents sourced from
Australian networks or to provide information about threats and vulnerabilities that could affect Australian Internet users and networks.
Increasingly, AusCERT has used its unique operational vantage monitoring, analyzing and mitigating cyber attacks to advocate best practice in Internet
security, particularly in areas involving cooperation between entities around the world and attack impact mitigation.
1.2. Establishment
AusCERT was officially established on 8 March 1993 through the collaboration of three Brisbane based universities, including the University of Queensland. Over
time, as the Internet grew and government, business and ordinary users began to use the Internet for daily communications and business, so AusCERTs focus
changed from being university centric to include the interests of all sectors. AusCERT is an independent, non-government, self-funded not-for-profit team of
information and technical security professionals based at the University of
14 Queensland. The University of Queensland is one of Australias premier learning
and research institutions. AusCERT is recognized as the national computer emergency response team
CERT by the Australian government.
1.3. Staffing
AusCERT employs 17 staff. Eight Coordination-Centre staff provide incident handling and security bulletins services to AusCERT members, the public and
contacts overseas. Staff are on call on a 24 hour basis to help assist with emergency computer security incidents for members outside of core hours.
Coordination Centre staff also monitor and initiate action to mitigate malware attacks, inter alia, directed at Australian Internet users in general as part of its
national CERT role. There are three managers who cover the Australian Access Federation project,
Analysis and Assessments and Training and Education. One team member provides infrastructure support; two cover administrative support for day to day
operations. Daily business planning is covered by the Operations Manager and the General Manager. All managers contribute to the strategic direction of
AusCERT.
1.4. Constituency
AusCERTs constituents are Australian Internet users in the public and private sector, home and business. Given that AusCERTrelies on revenue from its
subscribers, member organisations remain the highest priority. However, many of its activities done in support of its national CERT role provides general
benefits to its membership by helping to contribute to increased level of security for Australia.
AusCERT works closely with Australian government agencies, industry and technology vendors and provides computer security and incident handling advice
to a range of subscribers throughout Australia, New Zealand and the Asia-Pacific region. All Australian universities and the majority of New Zealand universities
are members of AusCERT and there is a strong relationship with the Council of Australian University Directors of Information Technology CAUDIT.
2. Activities Operations