The architects of the online census system which went into meltdown on August 9 have apologised for their mistakes, saying traffic from Singapore was behind the decision to take the website offline, but maintained that no personal data was at risk.
Executives from IBM appeared before the Senate economics reference committee on Tuesday, fronting up for their first detailed public explanation of what exactly happened to force the website offline and leave millions of people unable to fill in their census. The incident soon spawned the #censusfail hashtag.
IBM Australia's managing director Kenny Purcell began by saying he "unreservedly" apologised for the incident, and that the site was not hacked but instead came under attack and was taken offline to protect private information being accessed.
"No personal information was compromised in any way as a result of the census night events," he said.
"Data submitted by the Australian public was at all times safely and securely stored.
"The site was not hacked. The denial of service attacks meant the site was unavailable to the public for a period of time but nothing more."
The three IBM executives outlined in detail the four attacks that the e-census site received on August 9 -- at 10.10am, 11.45am, 4.50pm and 7.27pm -- the last of which prompted officials to take the website offline. It has not been confirmed where the attacks came from, and IBM initially did not reveal much more, but later said a large volume of traffic had come from Singapore.
"Beyond stating the key attack originated outside Australia, we don't propose to comment further on who the culprits may be. We are fully assisting the AFP's investigation and don't want to compromise that process," Purcell said.
However, engineer Michael Shallcross later added more detail.
"We eventually discovered that the traffic was coming primarily from Singapore on one particular router on which the geoblocking rules had not been effectively implemented and that was the primary source of the volume of traffic coming down the NextGen link," he said.
Purcell said a large amount of traffic coming from overseas earlier in the day had prompted IBM to institute its Island Australia safeguard, a geoblocking measure which stopped overseas traffic reaching the site. However, the executive said the measure was "not properly applied" by an internet service provider, which allowed foreign traffic in.
"In short, the geoblocking protocol was not properly applied by one of the ISPs and this error occurred in circumstances where we had received repeated assurances from the ISP that the protocol was properly in place," Purcell said.
"That resulted in attack traffic getting through to the e-census site which in turn caused a number of effects which led to IBM's decision to suspend public access to the site.
"It was the pattern. Two incidents within the space of a couple of hours suggested this was a concerted attack and therefore we should invoke the Island Australia protocol and that was agreed with the ABS."
IBM said they were ready to restore the system after three hours, but the Australian Bureau of Statistics instructed them to wait. It took 40 hours for the site to come back online. Purcell said he had "reached out to the Australian government to seek to resolve the additional costs" of the census incident, but that they "hadn't concluded the discussions".
Purcell also confirmed no staff had been sacked over the stuff-up.