13

III. Activity Reports from APCERT Members

Full Members 1. AusCERT Activity Report 2008 Australian Computer Emergency Response Team – Australia 1. About AusCERT 1.1. Introduction As the national CERT, AusCERT serves Australias national interest by improving Internet security for Australian Internet users. AusCERT does this by:  collecting, analyzing and providing advice about computer network threats and vulnerabilities;  helping to mitigate Internet attacks directed at Australian Internet users and networks; and  providing education and advice about issues affecting Internet security in Australia and globally. AusCERT is the primary point of contact for handling incidents sourced from Australian networks or to provide information about threats and vulnerabilities that could affect Australian Internet users and networks. Increasingly, AusCERT has used its unique operational vantage monitoring, analyzing and mitigating cyber attacks to advocate best practice in Internet security, particularly in areas involving cooperation between entities around the world and attack impact mitigation.

1.2. Establishment

AusCERT was officially established on 8 March 1993 through the collaboration of three Brisbane based universities, including the University of Queensland. Over time, as the Internet grew and government, business and ordinary users began to use the Internet for daily communications and business, so AusCERTs focus changed from being university centric to include the interests of all sectors. AusCERT is an independent, non-government, self-funded not-for-profit team of information and technical security professionals based at the University of 14 Queensland. The University of Queensland is one of Australias premier learning and research institutions. AusCERT is recognized as the national computer emergency response team CERT by the Australian government.

1.3. Staffing

AusCERT employs 17 staff. Eight Coordination-Centre staff provide incident handling and security bulletins services to AusCERT members, the public and contacts overseas. Staff are on call on a 24 hour basis to help assist with emergency computer security incidents for members outside of core hours. Coordination Centre staff also monitor and initiate action to mitigate malware attacks, inter alia, directed at Australian Internet users in general as part of its national CERT role. There are three managers who cover the Australian Access Federation project, Analysis and Assessments and Training and Education. One team member provides infrastructure support; two cover administrative support for day to day operations. Daily business planning is covered by the Operations Manager and the General Manager. All managers contribute to the strategic direction of AusCERT.

1.4. Constituency

AusCERTs constituents are Australian Internet users in the public and private sector, home and business. Given that AusCERTrelies on revenue from its subscribers, member organisations remain the highest priority. However, many of its activities done in support of its national CERT role provides general benefits to its membership by helping to contribute to increased level of security for Australia. AusCERT works closely with Australian government agencies, industry and technology vendors and provides computer security and incident handling advice to a range of subscribers throughout Australia, New Zealand and the Asia-Pacific region. All Australian universities and the majority of New Zealand universities are members of AusCERT and there is a strong relationship with the Council of Australian University Directors of Information Technology CAUDIT.

2. Activities Operations