Hacker

Australians in the dark over census DoS attack

Life
Image: IDGNS

10 August 2016

The Australian Bureau of Statistics (ABS) has blamed Denial of Service attacks originating from overseas for the outage which hit the census website last night. But security experts have expressed their doubts.

The website received three DoS attacks through the evening, the Bureau said, but after a fourth attack at around 7.30pm, it decided to close down the system.

“Probably when many people had finished their dinner and were sitting down to use the online census form we had a fourth attack where we took the precaution of closing down the system,” ABS chief David Kalisch told ABC Radio’s AM programme.

“At this stage the information we’ve received is that [the attacks] came from an international source but we don’t know any more.”

He said the Australian Signals Directorate was investigating, but Australians could rest assured that their data was safe.

“If anything it actually confirms the strong position the ABS has taken to ensure the integrity of the data and Australians can be assured that data is secure at the ABS where they lodged it and we took the precaution of closing down the system to ensure the integrity of the data.

“We will take a precautious approach where if there are various aspects that we’re not comfortable with the security of the system we will take it down rather than let it operate.”

More than 2 million forms were submitted before the outage.

Despite the outage, the Census’ Twitter account continued to tweet people encouraging them to log on: “Tonight’s Census night. Login now – it’s your moment to make a difference.”

DoS doubts
A number of security experts, however, have expressed their doubts over whether the outage was the result of DoS attack.

Dr Mark Gregory of RMIT University told ABC News Breakfast this morning that people needed proof that the outage was the result of an attack

“A denial of service attack is when they get millions of computers trying to access their systems at the same time. You are overwhelming their computing power by doing that.

“Interestingly enough, the system, as we have learnt, was built to handle about a million transactions in an hour. A million people doing their return in an hour. Now, my understanding is that most Australians have dinner, sit down, try and do the census. If you had five or six million households trying to do their census at the same time, that’s similar to a denial of service attack.

“We need some proof this was from outside Australia and not just simply Australians trying to do the census.”

He added that some of the statements from the ABS’ management had been “outrageous”.

Cybersecurity pundit Matthew Hackling tweeted that there was “nothing unusual DDoS wise for Australia” happening at the time of the outage.

ABS hired IBM to run the census’ online data collection portal using its Australian SoftLayer cloud. Big Blue was paid more than $9.5 million to design, develop and implement the e-census.

The bureau also paid nearly $400,000 in consultancy fees and load testing on the national census and agricultural census to Melbourne-based company Revolution IT.

IDG News Service

Read More:


Back to Top ↑

TechCentral.ie