Making Sense Of The Whole Census Cock-Up

In this guest post, Www.which-50 editor and B&T’s resident tech guru, Andrew Birmingham, casts his keen techy eye over this week’s Census debacle. And he’s deduced one thing – it was indeed a debacle…

My 11-year-old son recently implemented IP spoofing so he could hunt for Pokémon on Santa Monica Pier, roughly 12,000km away, from the comfort of his bedroom.

Stepping outside and blinking into the sunlight is so last year.

When he is not chasing Zubats and hatching eggs he is often to be found on Minecraft or CS Go where occasionally the competition gets a little fierce.

The kids routinely melt down when they get smashed by their opponents. That’s when lazy accusations of hacking and bots start getting bandied about. If it’s heated enough, they might well identify a competitor’s IP address and attack it with tools they download from the Internet.

Often a gang of them will pile on. It’s spectacular to behold.

YouTube provides all the training they need. Google delivers the arsenal.

Two things are worth noting. First, it’s so ridiculously easy to launch a distributed denial of service (DDoS) attack that even a child can do it.

And second, my son is still below the age of criminal liability.

As easy as it is to launch a DDoS, likewise the process of anticipating and mitigating against such an attack is straightforward these days.

If you are a giant and well-resourced government agency running your most important program for five years, it should be table stakes. Likewise, if you are a global technology vendor which has pocketed $10 million to prevent such an occurrence you should probably deliver on your promise.

We will know soon enough whether or not the old adage that no one ever got fired for buying IBM still holds true today.

Certainly there are plenty of public servants in the Queensland Health Department who suffered through a catastrophic payroll implementation a number of years ago who might be willing to share their views.

We don’t need to delve into the essential details of what happened on Tuesday night, as it has been covered thoroughly everywhere else.

The short version is simply this: the Australian Bureau of Statistics (ABS) — already under fire over its decision to build data profiles on every single Australian and hold them for four years — was brought low by a series of DDoS attacks that scuppered the Census and fuelled a gazillion #censusfail tweets.

There were four attacks specifically, according to the Bureau, the last of which led them to abandon the program on the night. The Census site is still down.

Such a thoroughly predictable attack should have been manageable. Instead, the result was a shambles and a failure.

The more information that comes to light, the worse it looks for both the ABS and IBM. For instance, Patrick Gray, publisher of the excellent Risky Business cyber security podcast, revealed yesterday in a post that both the vendor and the agency rejected an offer of DDoS protection from their upstream provider NexGen Networks.

Having at first defended the ABS, Prime Minister Malcolm Turnbull later unloaded on them and IBM.

He told a Sydney radio station, “There is no doubt there were failures in the system’s preparation for an entirely predictable denial of service attack. Measures that ought to have been in place to prevent these denial of service attacks were not put in place.”

For its part, the ABS is emphasising that a DDoS attack does not compromise data. That’s true and reasonable.

What is not reasonable is to go the next step and state unequivocally that no data was compromised. That’s because such attacks are often used as a feint for alternative attempts at network penetration.

Until a full analysis is conducted of everything that happened that night — not just the response to the DDoS — such guarantees are not worth a lick of spit.

Seriously, people?

According to Forrester Research’s John Brand, Forrester’s CIO Advisor, “This clearly demonstrates that large scale Internet platforms — whether hosted internally or on publicly available infrastructure — have to focus more seriously on threat intelligence and targeted near-real-time response capabilities.”

Brand says the old approach of simply putting up barriers (e.g., multiple layers of firewalls) to provide confidence for protection doesn’t solve some of the underlying and very fundamental problems.

“The fact that these attacks happen either indicates a lack of understanding of the current threat landscape by the ABS and their service providers, or that an even more insidious approach to DDoS attacks has been developed that is able to go completely undetected by current analysis and monitoring systems.”

Actually, that last point seems a little unlikely to us, and is a little too flattering to the ABS and IBM.

Nevertheless, the point Brand is making is this: this situation should be a reminder that threat intelligence is not something to be ignored or underestimated.

 
