Making Sense Of The Whole Census Cock-Up




In this guest post, Www.which-50 editor and B&T’s resident tech guru, Andrew Birmingham, casts his keen techy eye over this week’s Census debacle. And he’s deduced one thing – it was indeed a debacle…

My 11-year-old son recently implemented IP spoofing so he could hunt for Pokémon on Santa Monica Pier, roughly 12,000km away, from the comfort of his bedroom.

Stepping outside and blinking into the sunlight is so last year.

When he is not chasing Zubats and hatching eggs he is often to be found on Minecraft or CS Go where occasionally the competition gets a little fierce.

The kids routinely melt down when they get smashed by their opponents. That’s when lazy accusations of hacking and bots start getting bandied about. If it’s heated enough, they might well identify a competitor’s IP address and attack it with tools they download from the Internet.

Often a gang of them will pile on. It’s spectacular to behold.

YouTube provides all the training they need. Google delivers the arsenal.

Two things are worth noting. First, it’s so ridiculously easy to launch a distributed denial of service (DDoS) attack that even a child can do it.

And second, my son is still below the age of criminal liability.

As easy as it is to launch a DDoS, likewise the process of anticipating and mitigating against such an attack is straightforward these days.

If you are a giant and well-resourced government agency running your most important program for five years, it should be table stakes. Likewise, if you are a global technology vendor which has pocketed $10 million to prevent such an occurrence you should probably deliver on your promise.

We will know soon enough whether or not the old adage that no one ever got fired for buying IBM still holds true today.

Certainly there are plenty of public servants in the Queensland Health Department who suffered through a catastrophic payroll implementation a number of years ago who might be willing to share their views.

We don’t need to delve into the essential details of what happened on Tuesday night, as it has been covered thoroughly everywhere else.

The short version is simply this: the Australian Bureau of Statistics (ABS) — already under fire over its decision to build data profiles on every single Australian and hold them for four years — was brought low by a series of DDoS attacks that scuppered the Census and fuelled a gazillion #censusfail tweets.

There were four attacks specifically, according to the Bureau, the last of which led them to abandon the program on the night. The Census site is still down.

Such a thoroughly predictable attack should have been manageable. Instead, the result was a shambles and a failure.

The more information that comes to light, the worse it looks for both the ABS and IBM. For instance, Patrick Gray, publisher of the excellent Risky Business cyber security podcast, revealed yesterday in a post that both the vendor and the agency rejected an offer of DDoS protection from their upstream provider NexGen Networks.

Having at first defended the ABS, Prime Minister Malcolm Turnbull later unloaded on them and IBM.

He told a Sydney radio station, “There is no doubt there were failures in the system’s preparation for an entirely predictable denial of service attack. Measures that ought to have been in place to prevent these denial of service attacks were not put in place.”

For its part, the ABS is emphasising that a DDoS attack does not compromise data. That’s true and reasonable.

What is not reasonable is to go the next step and state unequivocally that no data was compromised. That’s because such attacks are often used as a feint for alternative attempts at network penetration.

Until a full analysis is conducted of everything that happened that night — not just the response to the DDoS — such guarantees are not worth a lick of spit.

Seriously, people?

According to Forrester Research’s John Brand, Forrester’s CIO Advisor, “This clearly demonstrates that large scale Internet platforms — whether hosted internally or on publicly available infrastructure — have to focus more seriously on threat intelligence and targeted near-real-time response capabilities.”

Brand says the old approach of simply putting up barriers (e.g., multiple layers of firewalls) to provide confidence for protection doesn’t solve some of the underlying and very fundamental problems.

“The fact that these attacks happen either indicates a lack of understanding of the current threat landscape by the ABS and their service providers, or that an even more insidious approach to DDoS attacks has been developed that it is able to go completely undetected by current analysis and monitoring systems.”

Actually, that last point seems a little unlikely to us, and is a little too flattering to the ABS and IBM.

Nevertheless, the point Brand is making is this: this situation should be a reminder that threat intelligence is not something to be ignored or underestimated.

 
