AUSCERT

AUSCERT
Name	AUSCERT
Type	Non-profit Advanced Computer Emergency Response Team
Founded	1993
Headquarters	Gold Coast, Queensland, Australia
Region served	Australia, Pacific Rim
Services	Incident response, vulnerability handling, awareness, training

AUSCERT is an Australian not-for-profit computer emergency response team providing cybersecurity incident handling, threat intelligence, and education for public and private sector members. Founded in the early 1990s, it operates as a coordinated point of contact for cybersecurity incidents across Australian universities, corporations, and critical infrastructure. AUSCERT engages with international CERTs, standards bodies, and law enforcement to disseminate advisories, coordinate responses, and run exercises that enhance national and regional resilience.

History

AUSCERT was established amid a global rise in networked computing and coordinated cyber incidents, contemporaneous with the formation of CERT Coordination Center, FIRST (organization), and national teams such as CERT-EU and US-CERT. Its early work paralleled developments at institutions like Queensland University of Technology, Griffith University, and University of Sydney, responding to outbreaks and worms similar to Morris worm-era incidents. Over time AUSCERT aligned with international frameworks developed by bodies such as ISO/IEC JTC 1/SC 27 and NIST guidance, while contributing to regional exercises alongside APCERT members and bilateral engagements with Computer Emergency Response Team of Japan and CERT NZ. Key milestones included expansion of membership from academic consortia to telecommunications firms like Telstra, financial institutions such as Commonwealth Bank, and energy sector operators comparable to AGL Energy.

Organization and Governance

AUSCERT is structured as a membership-based non-profit with a board of directors and operational teams mirroring roles found in organizations like ICANN and SANS Institute. Governance draws on best practices from standards organizations including ISO and oversight mechanisms similar to those used by Australian Prudential Regulation Authority-regulated entities. Membership tiers, technical committees, and advisory panels include representatives from universities such as Monash University, technology companies like Cisco Systems and Microsoft, and government agencies akin to Australian Signals Directorate and Attorney-General's Department. Legal and policy coordination occurs with agencies comparable to Australian Cyber Security Centre and international partners including Europol and INTERPOL liaison programs.

Services and Activities

AUSCERT offers services common to national CERTs and industry CSIRTs: security incident triage and handling, vulnerability coordination, mailing lists, and subscription advisories comparable to offerings from CERT/CC and US-CERT. It delivers training and exercises informed by curricula from SANS Institute and collaborates with academic research groups at institutions such as University of New South Wales and RMIT University. Outreach includes webinars and conferences resonant with events like Black Hat and AusCERT Conference-style gatherings, while operational tooling interoperability aligns with platforms from vendors such as Splunk and Cisco Talos. AUSCERT maintains classified and unclassified channels for information sharing with entities like Five Eyes partners and regional organizations such as APCERT.

Incident Response and Advisories

AUSCERT handles incident intake, coordination, and advisory dissemination in a manner similar to CERT Coordination Center protocols and FIRST incident handling frameworks. It publishes advisories that cross-reference vulnerability identifiers used by MITRE and standards from CVE and NVD databases, and coordinates disclosure timelines with vendors including Microsoft, Adobe Systems, and Oracle Corporation. For severe incidents it liaises with law enforcement counterparts like Australian Federal Police and international agencies such as FBI Cyber Division to support investigations and preservation of forensic evidence. Incident response playbooks reflect guidance from ISO/IEC 27035 and incorporate threat intelligence feeds often correlated with sources such as MISP and industry ISACs like Financial Services Information Sharing and Analysis Center.

Partnerships and Collaboration

AUSCERT maintains partnerships across academia, industry, and government mirroring collaborative models seen in FIRST (organization) and regional clusters like APCERT. Strategic collaborations include engagements with technology vendors such as Cisco Systems, cloud providers comparable to Amazon Web Services and Google Cloud Platform, and research consortia at universities like University of Queensland. It participates in multi-stakeholder initiatives similar to Global Forum on Cyber Expertise and contributes to capacity-building programs alongside development agencies and regional CERTs such as CERT Indonesia and CERT Philippines. Collaborative exercises and information-sharing align with programs run by ENISA and multilateral security dialogues involving ASEAN partners.

Impact and Notable Incidents

AUSCERT has influenced incident coordination practices across Australian higher education, telecommunications, and utilities sectors, comparable in scope to national CSIRT impacts in other countries. Notable involvement includes response coordination during high-profile malware campaigns and vulnerability disclosures affecting widely used software from vendors like Microsoft, Adobe Systems, and Oracle Corporation. AUSCERT’s advisories and training have been cited in institutional cybersecurity improvements at organizations such as University of Melbourne and financial institutions akin to National Australia Bank. Its role in regional cooperation has strengthened response capacities across APCERT members and contributed to policy dialogues involving entities like Australian Cyber Security Centre and Department of Home Affairs.

Category:Computer security organizations Category:Cybersecurity in Australia