{"id":57740,"date":"2020-07-23T06:00:05","date_gmt":"2020-07-22T20:00:05","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=57740"},"modified":"2023-07-10T18:11:32","modified_gmt":"2023-07-10T08:11:32","slug":"how-internet-service-providers-can-defend-the-undefendable","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/","title":{"rendered":"How internet service providers can defend the undefendable"},"content":{"rendered":"
<\/figure>\n

On the whole, the internet has been a tremendous boon for society, but it has also exposed all of Australia\u2014our people, our economy and our government\u2014to sources of unexpected danger from across the entire planet. Criminals, crooks and scammers in other countries can now reach out and hurt us by stealing our data, our identities and our money, and by disrupting our businesses. And although these crimes can be perpetrated in cyberspace, our justice system is historically designed for the physical world and these criminals are usually beyond the reach of our laws.<\/p>\n

When it comes to national security, cyber operations are now one of the main ways that states engage in strategic competition to gain advantage without warfare.<\/p>\n

The entirety of online Australia is subject to attack, but the sad truth is that only a minority of Australian people and organisations are able to defend themselves. According to the latest official figures<\/a>, a new cybercrime is reported to Australian authorities every 10 minutes\u2014a staggering statistic given that perhaps less than a third<\/a> of these crimes are actually reported.<\/p>\n

Even large businesses are not immune from online dangers. This year alone BlueScope Steel, transport company Toll Holdings and brewer Lion Australia have had their operations interrupted by ransomware. If large operations are not immune, how are the 98% of Australian businesses<\/a> with fewer than 20 employees to cope?<\/p>\n

An ASPI International Cyber Policy Centre report<\/a> released today examines \u2018Clean Pipes\u2019, the concept that internet service providers (ISPs) offer enhanced levels of default security to their customers.<\/p>\n

Some of the most effective security interventions in recent decades have involved providing \u2018invisible\u2019 security\u2014security that is delivered by default to end users without requiring any skills or work on their part. These default protections have occurred at many different layers in our computing and communication infrastructure.<\/p>\n

For example, one of the ways that operating systems manufacturers such as Microsoft and Apple have made their products more secure is through automatic updates that allow security improvements to be distributed without requiring any user intervention. Building on top of these operating system improvements, browser manufacturers have built systems (Google\u2019s Safe Browsing<\/a> and Microsoft\u2019s Defender SmartScreen<\/a>, for example) that warn users before they head to dangerous sites. These initiatives aren\u2019t perfect, but Google\u2019s transparency report<\/a> states that its Safe Browsing service issues five to 10 million warnings a week to users.<\/p>\n

Our ISPs are well placed to implement similar initiatives that improve the security of millions of Australians without their needing to be cybersecurity experts. Conceptually, this requires that ISPs positively identify threats, have some ability to proactively deal with them (such as warning users, blocking attack traffic or removing bogus traffic), and be able to adjust their responses dynamically as the environment changes.<\/p>\n

ISPs already have some of these systems in place to protect their own networks and, to a greater or lesser extent, already use that capability to protect their customers. So this is not a case of building an entirely new system to protect Australians. Until now there\u2019s been no widespread belief\u2014among either ISPs or their customers\u2014that providing enhanced default security to customers was an ISP\u2019s job, and nor has any obligation or regulation been imposed by government. In the absence of any expectation or obligation, the investments needed to provide a more secure service haven\u2019t been made.<\/p>\n

This hands-off approach to security may have been appropriate for the early days of cyberspace, but as the internet has become increasingly important and the consequences of online crime and interference have become more dire we need more robust protections. The Australian government should drive greatly expanded adoption of Clean Pipes to provide more effective protection across more ISPs\u2014protecting more Australians more effectively. The key advantage of this approach is that it provides advanced scalable protection for the millions of Australians who cannot provide for their own online security.<\/p>\n

Recently announced<\/a> government funding of over $35 million to develop a \u2018new cyber threat-sharing platform\u2019 and over $12 million towards \u2018strategic mitigations and active disruption options\u2019 could certainly assist in the implementation of a Clean Pipes program. Without an injection of government funds and leadership, it\u2019s likely that the status quo will continue.<\/p>\n

Australian governments don\u2019t have a stellar track record of explaining<\/a> their internet<\/a> initiatives<\/a> to the public. To avoid Clean Pipes being mired in unnecessary controversy, government actions and communications should maintain a clear focus on protecting users, and keep copyright enforcement and removal of abhorrent material to their own separate mechanisms.<\/p>\n

Clean Pipes is an idea whose time has come. Everyone involved in delivering services on the internet needs to accept an obligation to protect their users.<\/p>\n","protected":false},"excerpt":{"rendered":"

On the whole, the internet has been a tremendous boon for society, but it has also exposed all of Australia\u2014our people, our economy and our government\u2014to sources of unexpected danger from across the entire planet. …<\/p>\n","protected":false},"author":618,"featured_media":57744,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[416,2138,692],"class_list":["post-57740","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-australian-government","tag-cybersecurity","tag-internet"],"acf":[],"yoast_head":"\nHow internet service providers can defend the undefendable | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How internet service providers can defend the undefendable | The Strategist\" \/>\n<meta property=\"og:description\" content=\"On the whole, the internet has been a tremendous boon for society, but it has also exposed all of Australia\u2014our people, our economy and our government\u2014to sources of unexpected danger from across the entire planet. ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-22T20:00:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-10T08:11:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/GettyImages-846822020.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tom Uren\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tom Uren\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI's analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/GettyImages-846822020.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/GettyImages-846822020.jpg\",\"width\":1024,\"height\":683,\"caption\":\"(FILES) A picture taken on October 17, 2016 shows an employee walking behind a glass wall with machine coding symbols at the headquarters of Internet security giant Kaspersky in Moscow. The US government banned the use of Kaspersky security software in federal offices on September 13, 2017, saying the Russian company has risky ties to Russian intelligence that threaten US national security. \/ AFP PHOTO \/ KIRILL KUDRYAVTSEV (Photo credit should read KIRILL KUDRYAVTSEV\/AFP via Getty Images)\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/\",\"name\":\"How internet service providers can defend the undefendable | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#primaryimage\"},\"datePublished\":\"2020-07-22T20:00:05+00:00\",\"dateModified\":\"2023-07-10T08:11:32+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How internet service providers can defend the undefendable\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a\",\"name\":\"Tom Uren\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g\",\"caption\":\"Tom Uren\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/thomas-uren\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How internet service providers can defend the undefendable | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/","og_locale":"en_US","og_type":"article","og_title":"How internet service providers can defend the undefendable | The Strategist","og_description":"On the whole, the internet has been a tremendous boon for society, but it has also exposed all of Australia\u2014our people, our economy and our government\u2014to sources of unexpected danger from across the entire planet. ...","og_url":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2020-07-22T20:00:05+00:00","article_modified_time":"2023-07-10T08:11:32+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/GettyImages-846822020.jpg","type":"image\/jpeg"}],"author":"Tom Uren","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Tom Uren","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI's analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/GettyImages-846822020.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2020\/07\/GettyImages-846822020.jpg","width":1024,"height":683,"caption":"(FILES) A picture taken on October 17, 2016 shows an employee walking behind a glass wall with machine coding symbols at the headquarters of Internet security giant Kaspersky in Moscow. The US government banned the use of Kaspersky security software in federal offices on September 13, 2017, saying the Russian company has risky ties to Russian intelligence that threaten US national security. \/ AFP PHOTO \/ KIRILL KUDRYAVTSEV (Photo credit should read KIRILL KUDRYAVTSEV\/AFP via Getty Images)"},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/","url":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/","name":"How internet service providers can defend the undefendable | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#primaryimage"},"datePublished":"2020-07-22T20:00:05+00:00","dateModified":"2023-07-10T08:11:32+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/how-internet-service-providers-can-defend-the-undefendable\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"How internet service providers can defend the undefendable"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b143103fc9b3a4ae0d5e4b22c5eba93a","name":"Tom Uren","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/216436cb30ac616a4eacffdffe5ff739?s=96&d=mm&r=g","caption":"Tom Uren"},"url":"https:\/\/www.aspistrategist.ru\/author\/thomas-uren\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/57740"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/618"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=57740"}],"version-history":[{"count":6,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/57740\/revisions"}],"predecessor-version":[{"id":81045,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/57740\/revisions\/81045"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/57744"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=57740"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=57740"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=57740"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}