[AusNOG] census issues tonight

francisfides at mailup.net
Wed Aug 10 13:19:49 EST 2016


Crikey's piece on all this is the most measured I've read:

> The Australian Bureau of Statistics has claimed it took the census
> website down last night after four Distributed Denial of Service
> (DDoS) attacks on the site in order to protect the data.
>
> The ABS said that the 2016 online census form was “subject to four
> Denial of Service attacks of varying nature and severity” yesterday,
> and after the fourth attack, the ABS took the site offline to “protect
> the integrity” of the census data.
>
> A DDoS attack is a common tool used to disrupt sites and services
> online by essentially getting thousands or millions of computers to
> team up and attempt to overwhelm a site with traffic. There are an
> estimated 2000 DDoS attacks per day, and they’re not very expensive to
> organise. According to a Trend Micro report from 2012, US$150 can buy
> a week-long DDoS attack.
>
> Contrary to how this story has been — and will be — reported by many
> media outlets today, a DDoS attack is not a hack, because no data is
> breached via DDoS, but a DDoS attack can often be used as a cover
> for a hack.
>
> ABS chief statistician David Kalisch told the ABC this morning that
> the 2 million or so census forms filed online before it all fell down
> were secure, but that the malicious attack had come from overseas. The
> Privacy Commissioner is investigating.
>
> *Several people have pointed out, however, that DDoS attack mapping
> tools such as Kaspersky and Norse showed no large-scale DDoS attacks
> targeting Australia last night.*
>
> The ABS claimed before the census that it could handle approximately 1
> million census form submissions online, but questions are now being
> raised about whether ABS had conducted appropriate load testing and
> adequate resources for census night, when everyone would be logging in
> to fill in their form online.
>
> *Brisbane-based Revolution IT was paid close to $500,000 to perform
> load testing to ensure it was supposed to all go smoothly, and IBM — a
> frequent troublemaker for government IT — was paid $9.6 million for
> the design development and implementation of the online version of the
> census. Look for these companies being hauled before a parliamentary
> committee in the near future.*
>
> If it was a DDoS attack, the ABS’ boasting claims about the security
> and integrity of its systems have possibly goaded someone into testing
> the ABS’ bravado.
>
> The fact remains that the ABS should have prepared for this. If the
> ABS is outsourcing the census, it can outsource it properly to cloud
> service providers that can handle the traffic and mitigate DDoS
> issues. The US census spent reportedly US$11.8 million on its online
> census in 2010, and planned in advance for the potential for DDoS
> attacks. US Census CIO Brian McGrath:
>
> “That was a huge concern for us that in the height of the decennial
> activity if we were a target of a DDoS attack or the site would go
> down or the performance would go down that it would reflect negatively
> on the Census Bureau and deter citizens from participating.”
>
> As with much of the ABS’ handling of the census in 2016, there is an
> issue with communication. The ABS’ census account on Twitter was
> telling people well after 7.30pm last night to keep trying to log onto
> the census site, despite ABS now saying that at 7.30pm a decision had
> been made to shut down the census website.
>
> The ABS has said it expects to restore the site later this morning,
> and has said people have until September to fill out the census form,
> but Labor’s Andrew Leigh is already warning the data might now be less
> reliable than it otherwise would have been due to people delaying
> filling out the census or not filling it out at all.
>
> Kalisch and the minister responsible, Michael McCormack, spoke to
> media this morning, with McCormack repeatedly claiming that it wasn’t
> an attack or a hack, but an attempt to frustrate the ABS.
>
> McCormack explained that when the first few attacks happened at the
> start of the day, the ABS and IBM made a decision to block all
> international traffic to the site. This block eventually fell over,
> and a Telstra router failed, so the ABS made a decision to take the
> site offline in order to protect the data.
>
> McCormack stressed that no data had been lost, and no data had been
> compromised. Approximately 2.33 million people had completed the
> census before the site went down.
>
> The Prime Minister’s cybersecurity adviser, Alastair MacGibbon,
> said that most of the traffic originated from the United States but
> was subject of an investigation by Australian Signals Directorate.
> MacGibbon suggested that the attention drawn to security concerns
> around this year’s census might be to blame for people targeting
> the site:
>
> “The more we talk about it, the more people decide to see if they are
> better than we are. In this case what I’d say, it almost ended up a
> draw. They managed to tip over some systems. The ABS made a decision
> to turn that website off in order to ensure that the data wasn’t
> compromised.”

--

  francisfides at mailup.net

On Wed, Aug 10, 2016, at 13:08, Roland Dobbins wrote:
> On 10 Aug 2016, at 7:19, Mark Andrews wrote:
>
> > The public does know the difference between a denial of service
> > attack / overloaded server and a data breach.
>
> Actually, most of them don't.  Nor do most journalists.
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog