Turnbull blames IBM, ABS for Census website failure


Prime Minister Malcolm Turnbull has put some of the blame for the failure of the Census website on the shoulders of IBM, saying the measures the firm put in place for the functioning of the site were “inadequate”.

However, the Australian Bureau of Statistics (ABS) didn’t get off scot-free, with the PM saying the bureau’s “failure” had “inconvenienced millions of Australians”.

The Australian Bureau of Statistics (ABS) has said that the site was shut down as a “precaution” following a combination of heavy site traffic, a hardware failure, and a distributed denial of service (DDoS) attack.

Answering questions from a journalist, though, the Prime Minister seemed to cast some doubt on the ABS claim that heavy site traffic was a significant factor in the shutdown.

The site, designed to enable Australians to easily fill out and return their Census forms online, was provisioned to deal with the submission of up to 260 forms per second. However, the highest rate it reached was 150, according to Turnbull, so a “very high” submission rate had been planned for.

Addressing the denial of service attacks – of which the site received four on Census night – Turnbull said they were “absolutely predictable”.

Part of the job of the service provider, in this case IBM, he went on, was to ensure that there were measures to repel denial of service attacks.

“The fact is that the measures put in place were inadequate. That is the fact,” the PM said.

Turnbull also said the DDoS incident had been compounded by “at least one hardware failure” according to the Australian Signals Directorate, which is investigating the issues and overseeing the “rectification”.

“Anomalous traffic on the night” had also been thought to be an issue, but turned out to be “quite innocent”. However, it “caused the ABS to take the site down”.

In summary, Turnbull suggested the site was “not crashed” by the DDoS attack but by “a confluence of events which caused the ABS to make that decision”.

Conceding that there was “a failure on the part of the – there were failures on the part of ABS and its systems provider”, the PM said “All of that is subject to review.”

“Which heads roll where and when will be determined once the review is complete. Right now, my objective, as Prime Minister, is to ensure that the site is back up, it should be restored today … But there has clearly been a failure,” Turnbull said.

Expressing the need to be “absolutely straight and frank with the Australian people”, he continued: “This has been a failure of the ABS. We have inconvenienced or the ABS has inconvenienced millions of Australians. It shouldn’t have happened. I am not happy about it. None of us are.”

Answering a query over the transparency of any future review, the PM promised it “will certainly be transparent”.

“If there are national security issues, then they will be dealt with in the normal way. Obviously national security, there are some things that can’t be disclosed,” he said.

While the identity of the DDoS attackers is not known, Turnbull said the current information suggests “they appeared to be coming from the United States”, although it is “relatively straightforward to be able to route traffic using virtual private networks and other techniques through the US. That will be investigated. That is being investigated.”

The PM added that, according to David Kalisch, Australian Statistician and ABS chief, 2.3 million forms have so far been completed online.

Additionally, “[th]ere are 3.7 million forms that are either with households or on their way to households. We are talking about – so the statistician advises me – about 10 million households, so you can do the math yourself,” Turnbull said.

“Once the site is restored, and as I said my advice is it should be restored today, we will be encouraging Australians to complete it,” he concluded.

Image credit: Parliamentary Broadcasting


  1. They make massive cuts to the public sector and trash it with their outsourcing and privatisations. Then blame the bribing contractor.

    Stand up to these fascists. He needs to stand down and take responsibility.

  2. I wonder how long the LNP can blame the public servants for their policies, before they simply stop working for them.

    • With their cuts, how long will there be any PS around to blame? If I buy wrong programme to do job, can’t blame company that produced the programme.

  3. Inadequacy then blame someone else. A continuing theme with the coalition clowns but I’m not surprised given their clusterfuck approach to the NBN. No one else should be surprised either.

  4. http://www.news.com.au/technology/online/hacking/what-does-this-digital-attack-map-tell-us-about-the-alleged-census-attack/news-story/2c06914dec07beca6079801634b99a58
    What does this digital attack map tell us about the alleged Census attack?

    However, a tool devised by Google Ideas and cyber security company Arbor Networks to track DDoS attacks around the world, the Digital Attack Map, failed to detect any unusual activity in Australia at the time the alleged attacks took place.

    If accurate, it gives credence to accusations widely circulating on social media and beyond that mysterious overseas hacker story is a cover for the real culprit — incompetence.

    • That is such garbage reasoning. The Digital Attack Map by Arbor shows only the top 2% of attacks. Arbor collects its data from ISPs, and as far as I am aware, neither Telstra nor Optus have made an agreement with Arbor, which means that no data comes from them. There are DOS in Australia every day.

      Any “security professional” who believes this digital attack map logic should turn in his/her credentials and go back to school. If you have a security camera in the front of your house, and it didn’t show any burglars, will you still try to use your remote when your TV is gone? Maybe they actually thought about the monitoring and crept in through the back door.

      My traceroute to abs.gov.au ended at Optus, so it could be the ISP.

      • IBM hosting was using Telstra to provide network connectivity to the census site as well I believe, so it’s pretty likely the DDOS will not have been recorded.

        That said the biggest ‘DDOS’ was ‘local’ i.e. the more than 1 million (census worst case web limit …. *sigh*) Aussies doing their census duty and logging in at the usual 7pm to fill out the census questions (just maybe if the ABS et al had advertised that you had ~6 weeks to fill out the form then maybe that localised DDOS would have been manageable).

        • Good point, there was too much emphasis on filling out the form online on Census night itself, and not enough info that you had until September to submit the form, just needing to make a note on Census night who was in the residence.

          They might get another meltdown on the last day of the deadline?

          • I agree with alain again (wow twice in two days) it must have been the government’s fault, for not making it clear…

            Although I suppose we could just blame Shorty, IBM, ABS and anyone else…

            After all there was plenty of media coverage/ads about the Census, but it certainly wasn’t clear that there was ample time and it didn’t have to be done there and then.

            No wonder FTTP is beyond them and they struggle with obsolete copper based tech, if they couldn’t even make the Census details clear to everyone.

            But, you won’t be popular at HQ for saying that now will you?

            You’re welcome

          • I mean instead of lying about having to wait 15 minutes during the 48hr period (they took the entire site offline ffs) they could have had a basic page saying don’t fret you have until 18th of September to fill this out.

            I mean a million or three people hitting refresh every 15 minutes is still a reasonable DDOS style event.

            The only notification I basically saw about the Census was the single A4 page (no date other than 9th provided on it). Aside from that there was only the news about names being kept that I knew of. (I wasn’t alone amongst my friends either … we were all waiting to be good lil Jedi’s on the 9th ;) ).

          • To be fair Rizz blaming IBM isn’t a terrible start being they netted ~20million over multiple years/contracts (along with the company that got paid $400k to stress test the system).

            + have to blame the muppet that came up with the requirement for only 1 million concurrent users though given there was no marketing campaign to say don’t all do it at the same time.

            I mean that’s a worst case load of less than 10%, when for the last 100 odd years 100% of folks are told to fill it out at the same time across the country :/

          • Of course Simon… I agree…

            I was just prodding the village idiot alain, because he didn’t realise he just inadvertently bagged his heroes… ;)

  5. The knuckle-dragging Australian government couldn’t build a modern, secure telecommunications network even if they tried.

    DDoS Attack Heaven

    They couldn’t even build a simple brick shit house.

    Fiber To The Home networks running on Layer 2 provide built in preventative measures for such attacks.

  6. Just your typically dysfunctional govt department:


    Political parties claim they can’t find the savings to balance the budget. Every dept the same.

    Friday drinks raised a dept in Victoria looking at starting their own cloud platform. They’re not happy with private sector pricing, they believe they can do it better/cheaper. The hubris, outcome entirely predictable (as was NBNCo). Get ready taxpayers…

  7. IBM SoftLayer’s security management is compliant with U.S. Government standards which is based on the National Institute of Standards and Technology (NIST) 800-53 framework which is defined for U.S. Federal Government information systems.

    To protect servers against DDoS attacks a SoftLayer Network Operations Center team monitors network performance & security 24×7. Should a DDoS attack occur automated controls are in place, however the primary objective is to maintain performance integrity of the cloud infrastructure.

    SoftLayer can’t stop a DDoS attack, but it can shield from the effects of the attack. SoftLayer removes the target from the public network for a time period and null-routes incoming connections.
