The Federal Government’s proposed ISP-level filtering policy may be exploited by hackers targeting legitimate websites, according to Arcsight CEO, Tom Reilly.
Arcsight is a network security vendor which has worked closely with the US government and a number of its intelligence agencies.
Reilly recently spent two days in Canberra where he met with federal government officials and discussed cyber security concerns.
“I think filtering will be very difficult to make it work,” Reilly said. “You can spend hundreds of millions of dollars putting the technology in place, trading a lot of acrimony and concerns across a large part of the population and not achieve the objective.”
One key point Reilly refers to is the potential for hackers to manipulate a mandatory Internet filter to cause damage to legitimate businesses.
“If you’re going to filter out sites that have allegedly concerning information, let’s say child porn, a lot of times those businesses don’t know content is placed on their website and you bring down a business,” he said. “Hackers - if they wanted to – can put child porn on the Parliament House website, so do you bring that down as well?
“That’s an extreme but it is a very complex issue.”
Reilly said community sites, such as Facebook, are dominated by user generated content. He highlighted the difficulty in controlling the types of material being posted.
Reilly used the Facebook memorial sites of two murdered Queensland minors, which were defaced this month with images of pornography and bestiality, as an example of inappropriate content inflicted on legitimate websites.
“But do you bring down Facebook? No, you don’t,” Reilly said.
The Arcsight chief recommended education, providing families with their own filters as well as spending money on tracking down the producers of questionable content, as a better solution to a mandatory ISP clean-feed.
The filtering policy has been met with strong opposition from major organisations including Google and Yahoo!.