Federal cyber minister Dan Tehan wants to force telcos to block malware and ransomware travelling across their networks. 

Mr Tehan has written an op-ed calling on the public and private sectors to become active in cyber defence.

“Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats,” Mr Tehan said in a piece for the West Australian.

The minister said the government is looking for any “roadblocks” in current legislation that may prevent the private sector and government from stopping malware.
“As cyber exploits become increasingly sophisticated, we want the private sector to step up and provide their customers — business and consumers — with products that reduce the risk of malicious cyber activity and give users the choice to purchase additional security services.

“The private sector drives innovation and product development, not government. Industry must be empowered to design and implement products the public want,” he wrote.

“It would allow users — who may not know malware when they see it — to buy products where their provider takes greater responsibility for security and gives the user peace of mind that they have reduced their risk.

“Technology should improve our online experience, like stopping spam emails and providing SMS authentication for your banking services.”

John Stanton, CEO of telco lobby the Communications Alliance, said there had not been any direct communication from the government about the plans, and that the Government should be wary of asking service providers to monitor network elements beyond their control.

“Many viral infections result not from a lack of available protection, but rather because consumers choose not to protect their services,” Stanton told iTnews.

“Similarly, on many occasions malware and/or viruses use over-the-top (OTT) applications as their entry point. That is, applications that sit on the service providers’ networks but are not offered, operated or controlled by the service provider.

“Industry has a strong vested interest – for commercials reasons among others – in ensuring that its networks are resilient to attacks and safe for consumers to use. Service providers are typically very active in this regard.”