Australian government pins Census collapse on geoblocking failure and overloaded router
The Australian government is laying the blame of last night's failure of the Census website on a "confluence" of events.
Minister for Small Business Michael McCormack told reporters this morning that the event was not a hack, nor an attack.
Latest Australian news
"It was an attempt to frustrate the collection of Australian Bureau of Statistics Census data," he said.
McCormack said three events occurred in rapid succession, which led to the Australian Bureau of Statistics (ABS) making the decision to pull the Census site down.
"Had these events occurred in isolation, the online system would have been maintained," the minister said. "There was a large scale denial of service attempt to the Census website and online form ... following, and because of this, there was a hardware failure.
"A router became overloaded. After this, what is known as a false positive occurred. This is essentially a false alarm in some of the system monitoring information. As a result the ABS employed a cautious strategy which was to shut down the online Census form to ensure the integrity of the data already submitted was protected."
According to the ABS, 2.33 million online forms were submitted prior to the site outage, with 3 million households opting for the paper form.
McCormack detailed a timeline of events, which saw an initial 11-minute traffic spike at 10:08am which caused a 5-minute outage, and service resumed without action by the ABS or its vendor IBM which is running the Census on its SoftLayer service.
At 11:46am, another spike and outage was seen that caused the ABS and IBM to take the decision to block all international traffic to the site until midnight. Further traffic increases at 4:58pm, and 6:15pm were handled by measures already in place, the minister said.
"At 7:30pm the online Census form monitoring systems detected a significant denial of service. This event took a different form than those previous," McCormack explained.
"At 7:45pm the ABS made the decision to shut down the online form to protect the system from further incidents.
"At 8:50pm the online form system was restored. However, overload protocols were activated to prevent connections until the state of the systems and their integrity could be assessed.
"ABS issued a public message at 11:00pm to advise that the form would not be available for the remainder of the night and updates would be provided in the morning.
"The system was restored at approximately 11:00pm but was not brought online as a precaution. While all systems were thoroughly checked. The ABS, IBM, and ASD continued to consult and work to resolve any issues right throughout the evening."
McCormack said all completed Census data was backed up and transferred into the ABS storage environment, and no data was lost or compromised.
"The ABS was able to take adequate precautionary measures to protect the storage of the data," he said.
ABS chief David Kalisch said the router that failed belonged to Telstra.
"There was the geoblocking that didn't work effectively. There was a hardware router failure with a supplier to us," he said.
"This was coming through our system in terms of the monitoring information and the intelligence that we have through IBM, that they were seeing that through another ISP that wasn't doing the geoblocking, and then the router failure that took place with Telstra."
Telstra later strongly denied the claims made by Kalisch.
Despite the outage, Kalisch maintained the government and the ABS were prepared to handle the Census.
Special Adviser to the Prime Minister on Cyber Security Alastair MacGibbon said handling denial of service attempts was a normal part of business for the government.
"The vast bulk of those are handled in the normal course of business," he said. "The reason why the fourth incident was significant was because there were actually two failures. The first was a geoblocking service fell over ... that's one of the main defences used against denial of service."
"Then the router failed, and as a result of that, there was information inside the system that the ABS and IBM took very cautiously, so not knowing what that information was, made a decision to take it offline.
"The attack was no more significant than the types of attacks we would see all the time against Australian Government systems. It's just that there was a confluence of events."
According to MacGibbon, the incident was not a defeat for the ABS.
"The more we talk about it, the more people decide to see if they are better than we are," he said.
"In this case what I'd say us, it almost ended up a draw."
"They managed to tip over some systems."
"But there was a lot of conjecture about the ABS Census, and we see the consequences of that conjecture."
Prime Minister Malcolm Turnbull told reporters today that a review into the incident would be completed by MacGibbon, and will be supported by the Australian Signal Directorate, Treasury, and the ABS.
"The site was scaled for mass participation," Turnbull said. "There was a maximum of only 150 forms a second, it's built for 260, so they had it built to very high scale."
Australian Privacy Commissioner Timothy Pilgrim, who was previously satisfied with the protections put in place by the ABS, said he would begin an investigation into the ABS to ensure no personal information was compromised.
"My office will continue to work with the ABS to ensure they are taking appropriate steps to protect the personal information collected through the Census," Pilgrim said.
More on Census 2016
- ABS blames Census 2016 site failure on DDoS attack
- Shorten calls for post-Census review as OAIC remains satisfied
- More politicians join Census boycott, but not the libertarian
- Senator Xenophon refuses to complete Census
- ABS quietly drops Census data security claim
- ABS tells Australian government there will be no Census data breaches in future
- Census privacy risks are not what they seem
- Census should not collect names, everyone should have a number instead: Labor
- Australian online Census name fields restricted to ASCII printable characters