This quarantine approach is similar to a cybersecurity idea proposed by Microsoft’s Scott Charney in a blog post earlier this month in which he compared the internet to the healthcare system. He said that computer users needed to be vaccinated against computer viruses and quarantined if they were infected.
White House cybersecurity coordinator Howard Schmidt told AP that the United States is looking at a number of ways to improve cybersecurity, including the Australian plan. That cybersecurity plan allows ISPs to send warnings to customers who have been taken over by a botnet; if no action is taken, then the ISP would have the ability to quarantine the customer.
"Without security you have no privacy. And many of us that care deeply about our privacy look to make sure our systems are secure", Schmidt said, adding that ISPs can help "make sure our systems are cleaned up if they're infected and keep them clean."
Some cybersecurity experts are skeptical about using the quarantine approach in the United States.
Prescott Winter, former chief technology officer for the National Security Agency who is now at California-based cybersecurity firm ArcSight, said in the AP article that “the United States is probably going to be well behind other nations in stepping into a lot of these new areas….I think that, quite frankly, there will be other governments who will finally say, at least for their parts of the Internet, as the Australians have apparently done, we think we can do better."
Cybersecurity expert James Lewis, a senior fellow at the Center for Strategic and International Studies, said that ISPs are nervous about any increase in regulations and about customers reaction to monitoring or other security controls. Online customers, he said, may not want their service provider to cut off their Internet access if their computer is infected. And they may balk at being forced to keep their computers free of botnets or infections.
Lewis told AP that consumers may be amenable to having their ISP warn them of cyber attacks and help them clear the malicious software off their computers by providing instructions, patches or anti-virus programs.