Making Sense Of The Whole Census Cock-Up
In this guest post, Www.which-50 editor and B&T’s resident tech guru, Andrew Birmingham, casts his keen techy eye over this week’s Census debacle. And he’s deduced one thing – it was indeed a debacle…
My 11-year-old son recently implemented IP spoofing so he could hunt for Pokémon on Santa Monica Pier, roughly 12,000km away, from the comfort of his bedroom.
Stepping outside and blinking into the sunlight is so last year.
When he is not chasing Zubats and hatching eggs he is often to be found on Minecraft or CS Go where occasionally the competition gets a little fierce.
The kids routinely melt down when they get smashed by their opponents. That’s when lazy accusations of hacking and bots start getting bandied about. If it’s heated enough, they might well identify a competitor’s IP address and attack it with tools they download from the Internet.
Often a gang of them will pile on. It’s spectacular to behold.
YouTube provides all the training they need. Google delivers the arsenal.
Two things are worth noting. First, it’s so ridiculously easy to launch a distributed denial of service (DDoS) attack that even a child can do it.
And second, my son is still below the age of criminal liability.
As easy as it is to launch a DDoS, the process of anticipating and mitigating such an attack is likewise straightforward these days.
If you are a giant and well-resourced government agency running your most important program for five years, it should be table stakes. Likewise, if you are a global technology vendor which has pocketed $10 million to prevent such an occurrence you should probably deliver on your promise.
We will know soon enough whether or not the old adage that no one ever got fired for buying IBM still holds true today.
Certainly there are plenty of public servants in the Queensland Health Department who suffered through a catastrophic payroll implementation a number of years ago who might be willing to share their views.
We don’t need to delve into the essential details of what happened on Tuesday night, as it has been covered thoroughly everywhere else.
The short version is simply this: the Australian Bureau of Statistics (ABS) — already under fire over its decision to build data profiles on every single Australian and hold them for four years — was brought low by a series of DDoS attacks that scuppered the Census and fuelled a gazillion #censusfail tweets.
There were four attacks specifically, according to the Bureau, the last of which led them to abandon the program on the night. The Census site is still down.
Such a thoroughly predictable attack should have been manageable. Instead, the result was a shambles and a failure.
The more information that comes to light the worse it looks for both the ABS and IBM. For instance, Patrick Gray, publisher of the excellent Risky Business cyber security podcast, revealed yesterday in a post that both the vendor and the agency rejected an offer of DDoS protection from their upstream provider NexGen Networks.
Having at first defended the ABS, Prime Minister Malcolm Turnbull later unloaded on them and IBM.
He told a Sydney radio station, “There is no doubt there were failures in the system’s preparation for an entirely predictable denial of service attack. Measures that ought to have been in place to prevent these denial of service attacks were not put in place.”
For its part, the ABS is emphasising that a DDoS attack does not compromise data. That’s true and reasonable.
What is not reasonable is to go the next step and state unequivocally that no data was compromised. That’s because such attacks are often used as a feint for alternative attempts at network penetration.
Until a full analysis is conducted of everything that happened that night — not just the response to the DDoS — such guarantees are not worth a lick of spit.
Seriously, people?
According to Forrester Research’s John Brand, Forrester’s CIO Advisor, “This clearly demonstrates that large scale Internet platforms — whether hosted internally or on publicly available infrastructure — have to focus more seriously on threat intelligence and targeted near-real-time response capabilities.”
Brand says the old approach of simply putting up barriers (e.g., multiple layers of firewalls) to provide confidence for protection doesn’t solve some of the underlying and very fundamental problems.
“The fact that these attacks happen either indicates a lack of understanding of the current threat landscape by the ABS and their service providers, or that an even more insidious approach to DDoS attacks has been developed that is able to go completely undetected by current analysis and monitoring systems.”
Actually, that last point seems a little unlikely to us, and is a little too flattering to the ABS and IBM.
Nevertheless, the point Brand is making is this: this situation should be a reminder that threat intelligence is not something to be ignored or underestimated.