AusCERT incident response metrics
Date: 22 December 2010
Original URL: http://www.auscert.org.au/render.html?cid=1921&it=13760
In its role as the Australian Computer Emergency Response Team, AusCERT provides incident response services to its members, the Australian public and the wider global community.
This incident response work can be reactive; for example, in response to a request for assistance from a member or the international CERT community; or proactive, where AusCERT independently looks for evidence of attacks and host compromise in the public domain and attempts to mitigate these incidents and/or notify affected parties.
The majority of AusCERT's work as a computer security incident response team involves proactively looking for evidence of Internet attacks directed at Australian Internet users and organisations with an online presence. AusCERT uses a number of methods to locate, analyse and mitigate these attacks.
We proactively look for the following types of attack:
The action we take includes:
The following graphs reflect this activity and provide an indication of the volume of attacks that have targeted or had an impact on Australian Internet users.