Making Sense Of The Whole Census Cock-Up

Making Sense Of The Whole Census Cock-Up
SHARE
THIS



In this guest post, Www.which-50 editor and B&T’s resident tech guru, Andrew Birmingham, casts his keen techy eye over this week’s Census debacle. And he’s deduced one thing – it was indeed a debacle…

My 11-year-old son recently implemented IP spoofing so he could hunt for Pokémon on Santa Monica Pier, roughly 12,000km away, from the comfort of his bedroom.

Stepping outside and blinking into the sunlight is so last year.

When he is not chasing Zubats and hatching eggs he is often to be found on Minecraft or CS Go where occasionally the competition gets a little fierce.

The kids routinely melt down when they get smashed by their opponents. That’s when lazy accusations of hacking and bots start getting bandied about. If it’s heated enough, they might well identify a competitor’s IP address and attack it with tools they download from the Internet.

Often a gang of them will pile on. It’s spectacular to behold.

YouTube provides all the training they need. Google delivers the arsenal.

Two things are worth noting. First, it’s so ridiculously easy to launch a distributed denial of service (DDoS) attack that even a child can do it.

And second, my son is still below the age of criminal liability.

As easy as it is to launch a DDoS, likewise the process of anticipating and mitigating against such an attack is straightforward these days.

If you are a giant and well-resourced government agency running your most important program for five years, it should be table stakes. Likewise, if you are a global technology vendor which has pocketed $10 million to prevent such an occurrence you should probably deliver on your promise.

We will know soon enough whether or not the old adage that no one ever got fired for buying IBM still holds true today.

Certainly there are plenty of public servants in the Queensland Health Department who suffered through a catastrophic payroll implementation a number of years ago who might be willing to share their views.

We don’t need to delve into the essential details of what happened on Tuesday night, as it has been covered thoroughly everywhere else.

The short version is simply this: the Australian Bureau of Statistics (ABS) — already under fire over its decision to build data profiles on every single Australian and hold them for four years — was brought low by a series of DDoS attacks that scuppered the Census and fuelled a gazillion #censusfail tweets.

There were four attacks specifically, according to the Bureau, the last of which lead them to abandon the program on the night. The Census site is still down.

Such a thoroughly predictable attack should have been manageable. Instead, the result was a shambles and a failure.

The more information that comes to light the worse it looks for both the ABS and IBM. For instance, Patrick Gray publisher of the excellent Risky Business cyber security podcast revealed yesterday in a post that both the vendor and the agency rejected an offer of DDOS projection from their upstream provider NexGen Networks.

Having at first defended the ABS, Prime Minister Malcolm Turnbull later unloaded on them and IBM.

He told a Sydney radio station, “There is no doubt there were failures in the system’s preparation for an entirely predictable denial of service attack. Measures that ought to have been in place to prevent these denial of service attacks were not put in place.”

For its part, the ABS is emphasising that a DDoS attack does not compromise data. That’s true and reasonable.

What is not reasonable is to go the next step and state unequivocally that no data was compromised. That’s because such attacks are often used as a feint for alternative attempts at network penetration.

Until a full analysis is conducted of everything that happened that night — not just the response to the DDoS — such guarantees are not worth a lick of spit.

Seriously, people?

According to Forrester Research’s John Brand, Forrester’s CIO Advisor, “This clearly demonstrates that large scale Internet platforms — whether hosted internally or on publicly available infrastructure — have to focus more seriously on threat intelligence and targeted near-real-time response capabilities.”

Brand says the the old approach of simply putting up barriers (e.g., multiple layers of firewalls) to provide confidence for protection doesn’t solve some of the underlying and very fundamental problems.

“The fact that these attacks happen either indicates a lack of understanding of the current threat landscape by the ABS and their service providers, or that an even more insidious approach to DDoS attacks has been developed that it is able to go completely undetected by current analysis and monitoring systems.”

Actually that last point seems a little unlikely to us, and is a little to flattering to the ABS and IBM.

Nevertheless, the point Brand is making is this: this situation should be a reminder that threat intelligence is not something to be ignored or underestimated.

 

Please login with linkedin to comment

Latest News

Zenith Sydney MD Karen Halligan To Depart
  • Media

Zenith Sydney MD Karen Halligan To Depart

Zenith Sydney's Karen Halligan has pulled-up stumps, although that's not to infer bad light had anything to do with it.

by B&T Magazine

B&T Magazine
PR Agency Hotwire Rebrands
  • Marketing
  • Media

PR Agency Hotwire Rebrands

PR agency Hotwire has rebranded, yet sadly not to "Hot Cocks Who Rock Your Socks Off". Which would've been far cooler.

Challenger Agency VCCP Wins Creative Account For Torrens University Australia
  • Advertising

Challenger Agency VCCP Wins Creative Account For Torrens University Australia

After a competitive pitching process involving five agencies, Torrens University Australia has appointed challenger agency VCCP as its new brand strategy partner and creative agency for 2018. Acclaimed for its work on dynamic brands including ING and Compare the Market in the financial services sector, Laureate Australia CMO Anne Da Cunha said VCCP’s reputation as […]

GumGum Appoints Ansible’s Sarah Baskerville As Victorian Sales Director
  • Advertising
  • Technology

GumGum Appoints Ansible’s Sarah Baskerville As Victorian Sales Director

AI advertising company GumGum has announced the appointment of Sarah Baskerville as its sales director for Victoria. Baskerville joins GumGum from Ansible, where she spent two years as its Melbourne mobile director. Prior to joining Ansible, she was head of specialist sales and partnerships at News Corp Australia, and also held a number of sales […]

The Diamond Concierge Gives Away $85K Ring In Campaign By McCann Queensland
  • Advertising
  • Campaigns

The Diamond Concierge Gives Away $85K Ring In Campaign By McCann Queensland

McCann Queensland’s second instalment of ‘The 5th C’ campaign launched over the weekend for online diamond retailer The Diamond Concierge, which received over 47million views around the world in the first 48 hours of it being released. In this second phase of the campaign, The Diamond Concierge gave away an $85,000 diamond ring, with Gold […]

Sparro Recruits Key Account Director Following Client Wins
  • Marketing

Sparro Recruits Key Account Director Following Client Wins

Digital marketing agency Sparro has announced the appointment of Hannah Jones (pictured above) as a key account director following a spate of client wins. Jones joins Sparro’s senior team alongside founders Cameron and Morris Bryant, overseeing a portfolio of accounts that includes Webjet, Domino’s Pizza, TAFE NSW, Temple & Webster, F45 Training and Bing Lee. […]

Women’s Health’s Jacqui Mooney On Driving A Women’s Brand In An Evolving Industry
  • Media

Women’s Health’s Jacqui Mooney On Driving A Women’s Brand In An Evolving Industry

In an industry facing change, Jacqui Mooney, editor of Women’s Health believes brands such as hers will continue to be a constant. Please note: this article was contributed by Magazine Networks. The magazine industry may be seeing substantial change but Jacqui Mooney has a goal that remains firm: to create happier, healthier lives for Australian women. […]

Why Consumer Brands Are Failing Aussie Mums
  • Marketing
  • Opinion

Why Consumer Brands Are Failing Aussie Mums

Is your game chainsaws or large marlin wall-hangings? Can't seem to attract the mums? This couldn't come soon enough.

Opinion

by B&T Magazine

B&T Magazine
Network Ten Creditors Approve CBS Deal
  • Media

Network Ten Creditors Approve CBS Deal

It seems the fight for Ten between CBS and media moguls Lachlan Murdoch and Bruce Gordon may finally be over.

by B&T Magazine

B&T Magazine
MKTG Signs Exclusive Commercial Partnership With PlayersVoice
  • Marketing
  • Media

MKTG Signs Exclusive Commercial Partnership With PlayersVoice

MKTG has announced it has signed an exclusive commercial partnership with newly-launched sports storytelling site PlayersVoice.com.au – an agreement that will see the agency move into a new territory of sports marketing. The partnership between MKTG and PlayersVoice will see the business managing brand partnership opportunities for the new platform; working with clients to deliver […]

Domo Introduces New Data Security Software Solution
  • Marketing
  • Technology

Domo Introduces New Data Security Software Solution

Domo has announced it has introduced new cloud security technology for its Bring Your Own Key (BYOK) software, which includes unique capabilities like rolling generation of data encryption keys and a built-in kill switch. Domo BYOK is the first BYOK enterprise software solution for cloud analytics and business intelligence, and builds on the company’s existing security, compliance and […]

Shopper Media Group Grows Sydney & Melbourne Sales Teams
  • Advertising
  • Marketing
  • Media

Shopper Media Group Grows Sydney & Melbourne Sales Teams

Shopper Media Group (SMG) has continued to grow its Sydney and Melbourne sales teams to keep up with the demand for Smartlite Panels for shopping centres. Ashley Munro joins SMG as group sales manager for Sydney, having previously worked in a similar role at NOVA Entertainment. Laura Mason has been appointed as SMG’s business manager […]

RIO DE JANEIRO, BRAZIL - AUGUST 14:  Usain Bolt of Jamaica competes in the Men's 100 meter semifinal on Day 9 of the Rio 2016 Olympic Games at the Olympic Stadium on August 14, 2016 in Rio de Janeiro, Brazil.  (Photo by Cameron Spencer/Getty Images)
  • Advertising
  • Media

Olympics, Census Prove Tough Hurdles For Media Agencies: SMI

Australia’s media agency market has experienced another tough month in August, according to the latest data by Standard Media Index (SMI). SMI noted the softer demand this time around was primarily due to the Rio Olympics and Census providing abnormal bookings last year, resulting in demand for August 2017 so far being back 12.1 per […]