Security arrangements were brought into focus yesterday with the arrest of David Cecil, whom federal police allege hacked into internet company Platform Networks, one of 13 internet providers offering services under the NBN.
While NBN Co itself was not breached in the alleged cyber attack, security experts say the high speeds and wide reach of the fibre network make it a "force multiplier", allowing much quicker dissemination of viruses and "botnet" attacks, where cyber criminals control infected computers.
Graham Ingram, the general manager of the Australian Computer Security Response Team, said: "Everything bad you can do online you can do much better and faster with a high-speed network."
Mr Ingram said NBN Co was under pressure to roll out the network quickly: "I have no doubt NBN Co has been balancing the need to deploy the network with the need to secure the network."
However, Mr Ingram said NBN Co should lead debate about the security of the high-speed network, even though it was providing the basic bitstream pipeline and internet service providers were providing customer access and network services.
"All parties involved in this need to be the ones fixing it," he said. "NBN Co needs to be leading the security debate."
NBN Co defended the security measures it had put in place to protect the new fibre network against cyber-criminals, saying tools and a dedicated security team had been installed to detect and prevent attacks.
An NBN Co spokesman said: "The NBN was not hacked. It has not been compromised. It has not been affected in any way by the incident being reported. Any suggestion therefore that the NBN system was 'compromised' is entirely wrong.
"Security is built into the NBN backbone network. NBN Co does have controls to detect and prevent cyber attacks and we expect the telcos and internet service providers operating over the network to do the same."
The expectation that ISPs protect internet services against security threats will mean providers -- such as Telstra, Optus and iiNet -- will be liable for any damage to the NBN should a hacker infiltrate their systems. That liability is outlined in NBN Co's wholesale broadband agreement to be released publicly today.
Australian Privacy Foundation chairman Roger Clark said recent hacking incidents at major companies, which led to personal details of millions of people being jeopardised, showed organisations needed to take extra care.
He said one way was to make companies accountable if their systems were hacked by introducing a law enabling consumers to sue companies for failing to keep personal details safe.
Opposition communications spokesman Malcolm Turnbull said cyber security was a vital issue of national security.
A spokesman for Communications Minister Stephen Conroy said that although security of the NBN was a matter for NBN Co, there were stringent controls and safeguards to detect and prevent cyber attacks.
SOurce:- Google