Fight to fix failed Census
It’s been over 24 hours since #CensusFail, and mixed messages are still flying.
Millions of Australians are yet to be counted in the important quinquennial tally, after the Census website was taken down amid an apparent cyber attack.
This is what we actually know;
- IBM was paid about $9 million to design and host the Census system, and did so using their SoftLayer platform
- DNS information suggests the Census was spread across 10 web servers all up; 2 hosting the landing page and 8 running the actual Census collection
- Based on the IP addresses of the servers, all 10 were hosted in IBM’s datacentre at Baulkum Hills
- An Australian firm called Revolution IT was contracted to perform load testing on the Census platform, and did so using an HP product called Loadrunner, which comes with a $375,000 software licensing fee
- According to a piece in the Sydney Morning Herald today, the apparent DDoS attacks were “simple and predictable”, and could have come from anywhere
Both the Australian Bureau of Statistics (ABS) and the Federal Government have struggled to control the damage, both technical and reputational, delivering a range of mismatched causes and consolations.
ABS's David Kalisch said the Census website was attacked in a DDoS attack from a foreign country, but Small Business Minister Michael McCormack (whose portfolio includes the Census for some reason) said it was not an attack, and that the site was brought down by overly cautions administrators.
In a press conference at lunchtime on Tuesday the ABS said it fell victim to a number of simultaneous issues, when geo-blocking software, a hardware router and monitoring software all failed.
The Prime Minister insists “there was no penetration of the ABS website”, and reports say the Australian Signals Directorate is investigating who might be responsible for the attack.
The Prime Minister's special cyber security advisor Alastair MacGibbon explained the exact moment the Census site was taken offline after three big spikes in traffic.
"The reason why the fourth incident was significant was because there are two failures. The first was a geo-blocking service fell over, and that's one of the main defences used against denial of service.
“Once we lost the capability of preventing the geo-location of data coming in, then the router failed. As a result of that there was information inside the system that the ABS and IBM took very cautiously so not knowing what that information was, made a decision to take it off line.”
Tech analysts have questioned this explanation, saying geo-blocking firewalls of this kind do not simply “fall over”, and even if they did fail or were attacked, the only way they would give up and let all the data through would be due to design flaws in the ‘rules’ that define legitimate and illegitimate data.
The debacle has also been linked to consistent public sector job cuts.
There are still questions about whether this was an attack at all.
The ABS says it tested its site under conditions of about 1 million users per hour, but estimates of the actual load at peak time (approx. 7pm to 10 pm) suggest it might have been several times higher, causing the site to fail on its own.
Another missing point, if it was an attack, is that no group has claimed responsibility. Whether perpetrated by ‘black hat’ or ‘white hat’ hackers, an event of this kind is almost always claimed quickly, so as to capitalise on the publicity for whatever it is the hackers were trying to prove.
While the damage control continues, the director of privacy consulting firm Salinger Privacy and former NSW deputy privacy commissioner Anna Johnston says the census is ruined.
“I think they should scrap the 2016 census,” she told the ABC.
“I think the quality of the data has been so compromised because of all the people who couldn't get through last night or got halfway through filling it in last night and it dropped out.
“They should scrap, start again and, when they're ready, run it in a way that better treads that fine line between protecting privacy and collecting good quality data.
“That means committing it to being — as it always has been — an anonymous national snapshot instead of a tool for detailed data linking on individuals.”
She called for a Senate inquiry.
“In saying that the census should be scrapped for 2016, I’m not saying we try and repeat it again in six or 12 months,” Ms Johnston said.
“I think there needs to be a Senate inquiry into how the ABS is going to handle privacy and information security moving forward.
“I think there should be proper national debate.”