Census Failure 'Not A Hack, Not An Attack'. So What Was It?

The Government and ABS blamed the crash on a "confluence of events".

10/08/2016 12:28 PM AEST | Updated 10/08/2016 4:46 PM AEST
AFP/Getty Images
Don't mention the Census.

CANBERRA -- Australians are being told the debacle of the complete and continued failure of the 2016 Census website as not an attack nor hack, rather an "attempt to frustrate", while the latest five yearly Census has been given the tag as "worst ever".

The Turnbull Government and Australian Bureau of Statistics (ABS) have tried to explain away the crashing of the 2016 Census website on Tuesday blaming it on a "confluence of events" and foreign hackers, but have rejected descriptions of the events of the past 24 hours as an "attack".

Andrew Meares FAIRFAX
Small Business minister Michael McCormack and Australian Statistician David Kalisch.

Millions of Australians were unable to complete their compulsory Census forms online Tuesday after the ABS website was subject to four "malicious" distributed denial of Service (DDoS) attacks of "varying nature and severity" throughout Tuesday.

ABS Census
The Census website is "unavailable".

A DDoS attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

The last DDoS attempt was described as "large scale" and led to the "hardware failure" of an overloaded router. The chief statistician David Kalisch then "cautiously" shut the site down to protect data.

"The ABS server was not compromised at all," Prime Minister Malcolm Turnbull told reporters in Sydney.

"There was a confluence of events which caused Mr Kalisch at around 7.45pm last night to make the decision to take the site down."

Frustrations with the Census shutdown continue to be vented on social media, particularly over the time wasted. However, other have found the funny side of the massive stuff-up.

The source of the DDoS attempt is unknown and the Australian Signals Directorate, the Privacy Commissioner are now investigating, while an internal ABS inquiry is expected.

Labor is now being describing Census 2016 as "the worst-run Census in Australian history" and has called for the resignation of the minister responsible for the Census, Michael McCormack, who has been in the job for just three weeks.

"This has been the worst-run Census in Australian history. One of the worst IT debacles Australia has ever seen," the Shadow Assistant Treasurer, Andrew Leigh told reporters in Canberra.

"Millions of hours of Australians' time has been wasted, dealing with a Census that's management was botched."

"To fail to anticipate those hacking attempts is a failure of the Government."

Appearing to contradict earlier explanations from the ABS and the advice of many tech experts, the Minister rejects any use of the word "attack".

"This was not an attack, nor was it a hack," the minister responsible for the Census, Michael McCormack, told reporters in Canberra.

"Rather, it was an attempt to frustrate the collection of Bureau of Statistics Census data. ABS Census security was not compromised. I repeat, not compromised and no data was lost."

Andrew Meares, FAIRFAX
Small Business minister Michael McCormack.

When pressed by reporters, Mr McCormack said that he felt "by saying attacked, it looks as though and it seems as though and it is so that information was then gained".

"A hack is when someone gets into a system, reefs what they want and then uses it for malicious purposes."

"There was no attack, there was no hack, because that sort of information did not get out."

The Prime Minister's Special Adviser on Cyber Security Alastair MacGibbon disagreed with McCormack, saying the site was attacked. MacGibbon told Sky News he thought Minister McCormack was trying to say it wasn't a hack.

"It's hard to know whether [the attack] was a nation state or some other malicious actor," MacGibbon said on Wednesday afternoon.

Prominent crossbench senator Nick Xenophon has ridiculed the minister's explanation saying denying the DDoS incidents were not attack was like invoking the famous Black Knight scene from Monty Python, "it is just a flesh wound."

The Census website was still down as of midday on Wednesday.

"We are working to get the online system up as quickly as possible and I need to be assured about the robustness of our arrangements before I put it back online," Kalisch said.

Senator Xenophon has flagged a Senate inquiry into the Census, particularly into the ABS's actions.

"They guaranteed that this wouldn't happen," he told Today. "They have also guaranteed that we wouldn't be having problems that we wouldn't be having problems that our data would be safe."

"I think we just need more explanations."

"I will be pushing for a Senate inquiry into this because if people are fair dinkum about this Census being robust and, you know, doing the right thing by all Australians, I think we need to hear more about it."

While the eCensus software is managed in-house, the ABS chose to outsource the eCensus hosting to IBM Australia, at a cost of $9.6 million.

Melbourne-based firm Revolution IT was awarded hundreds of thousands of dollars this year to perform 'load testing', to determine the system's resiliency.

More On This Topic