About the icode

Introduction

As Internet connectivity and usage have increased, cyber security has become a significant concern for governments, the public and the Internet industry. A key threat to Internet security is the large number of consumer devices that have been compromised by criminals and infected with malware, spyware and viruses. These machines are commonly referred to as “zombies” and networks of zombie machines are called “botnets”. So-called zombie botnets are used for criminal activities including identity theft, distribution of child pornography, facilitation of phishing attacks and other illegal activities.

The icode project is an industry-driven initiative to identify infected machines, inform affected consumers that they may be at risk, provide support to enable those consumers to disinfect their machines, and reduce their risk of re-infection.

Objectives of the icode

The objectives of the icode are:

  • to instil a culture of cyber security within South African ISPs and their customers;
  • to provide a consistent message in plain language to customers, in order to raise awareness of cyber security risks, educate users on steps that they can take to better protect themselves online, and to assist customers who may have infected machines;
  • to encourage ISPs to identify compromised computers on their networks;
  • to develop mechanisms for ISPs to share information and collaborate on cyber security concerns affecting South African ISPs; and
  • to encourage ISPs to identify and report any cyber security issues that may affect South Africa’s critical infrastructure or that may have a national security dimension.

Scope of the icode

The icode is voluntary for all South African ISPs and does not limit participation to members of ISPA. Non-ISPA members can participate fully in the icode. A trusted logo signifies to users that their ISP complies with the icode.

The icode is not intended to deal with cyber security measures in an exhaustive or exclusive manner. Rather, it is envisaged that the measures outlined in the icode will change over time, in response to the changes in the nature of malicious activity.

It should be stressed that no component of the icode involves the interception of private communications or the inspection of any consumer’s private data. Any process of identifying potentially infected machines on an ISP’s network involves only an analysis of traffic patterns and similar technical reviews. Instead, implementation of the icode offers some protection to consumers from potential identity theft due to compromised machines.