Making Sense Of The Whole Census Cock-Up

In this guest post, Www.which-50 editor and B&T’s resident tech guru, Andrew Birmingham, casts his keen techy eye over this week’s Census debacle. And he’s deduced one thing – it was indeed a debacle…

My 11-year-old son recently implemented IP spoofing so he could hunt for Pokémon on Santa Monica Pier, roughly 12,000km away, from the comfort of his bedroom.

Stepping outside and blinking into the sunlight is so last year.

When he is not chasing Zubats and hatching eggs he is often to be found on Minecraft or CS Go where occasionally the competition gets a little fierce.

The kids routinely melt down when they get smashed by their opponents. That’s when lazy accusations of hacking and bots start getting bandied about. If it’s heated enough, they might well identify a competitor’s IP address and attack it with tools they download from the Internet.

Often a gang of them will pile on. It’s spectacular to behold.

YouTube provides all the training they need. Google delivers the arsenal.

Two things are worth noting. First, it’s so ridiculously easy to launch a distributed denial of service (DDoS) attack that even a child can do it.

And second, my son is still below the age of criminal liability.

Just as it is easy to launch a DDoS, anticipating and mitigating such an attack is straightforward these days.

If you are a giant and well-resourced government agency running your most important program for five years, it should be table stakes. Likewise, if you are a global technology vendor which has pocketed $10 million to prevent such an occurrence you should probably deliver on your promise.

We will know soon enough whether or not the old adage that no one ever got fired for buying IBM still holds true today.

Certainly there are plenty of public servants in the Queensland Health Department who suffered through a catastrophic payroll implementation a number of years ago who might be willing to share their views.

We don’t need to delve into the essential details of what happened on Tuesday night, as it has been covered thoroughly everywhere else.

The short version is simply this: the Australian Bureau of Statistics (ABS) — already under fire over its decision to build data profiles on every single Australian and hold them for four years — was brought low by a series of DDoS attacks that scuppered the Census and fuelled a gazillion #censusfail tweets.

There were four attacks specifically, according to the Bureau, the last of which led them to abandon the program on the night. The Census site is still down.

Such a thoroughly predictable attack should have been manageable. Instead, the result was a shambles and a failure.

The more information that comes to light, the worse it looks for both the ABS and IBM. For instance, Patrick Gray, publisher of the excellent Risky Business cyber security podcast, revealed yesterday in a post that both the vendor and the agency rejected an offer of DDoS protection from their upstream provider NexGen Networks.

Having at first defended the ABS, Prime Minister Malcolm Turnbull later unloaded on them and IBM.

He told a Sydney radio station, “There is no doubt there were failures in the system’s preparation for an entirely predictable denial of service attack. Measures that ought to have been in place to prevent these denial of service attacks were not put in place.”

For its part, the ABS is emphasising that a DDoS attack does not compromise data. That’s true and reasonable.

What is not reasonable is to go the next step and state unequivocally that no data was compromised. That’s because such attacks are often used as a feint for alternative attempts at network penetration.

Until a full analysis is conducted of everything that happened that night — not just the response to the DDoS — such guarantees are not worth a lick of spit.

Seriously, people?

According to Forrester Research’s John Brand, Forrester’s CIO Advisor, “This clearly demonstrates that large scale Internet platforms — whether hosted internally or on publicly available infrastructure — have to focus more seriously on threat intelligence and targeted near-real-time response capabilities.”

Brand says the old approach of simply putting up barriers (e.g., multiple layers of firewalls) to provide confidence for protection doesn’t solve some of the underlying and very fundamental problems.

“The fact that these attacks happen either indicates a lack of understanding of the current threat landscape by the ABS and their service providers, or that an even more insidious approach to DDoS attacks has been developed that it is able to go completely undetected by current analysis and monitoring systems.”

Actually that last point seems a little unlikely to us, and is a little too flattering to the ABS and IBM.

Nevertheless, the point Brand is making is this: this situation should be a reminder that threat intelligence is not something to be ignored or underestimated.

 
