ABS Census debacle: Cyber attack? What cyber attack?
CENSUS bosses had little concern about the type of cyber attacks that shut down the census website for nearly two days, new documents reveal.
Emails released under a Freedom of Information request show there was minimal concern about Distributed Denial of Service attacks by census manager Duncan Young in the three months leading up to the 2016 census.
The ABC reports Mr Young received correspondence over the period containing just nine sentences about DDoS attacks, which overload a website by simulating a rush of users trying to access it at the same time.
"At high level, our architecture resists DDoS attacks via use of multiple layers of security," an email sent in April said.
"In general terms, our experience is that most external DDoS attacks are stopped at the border firewall or, increasingly, in front of it, as cloud services are more widely utilised."
The Australian Bureau of Statistics told the ABC it had canvassed a wide range of documents, including those sent to Australian Bureau of Statistics boss David Kalisch, but found no other correspondence about DDoS attacks.
Labor MP Andrew Leigh, whose ACT electorate covers the ABS' headquarters, has blamed the Turnbull Government for the Census website outage.
Mr Leigh told the ABC the Government should have asked the ABS if it was prepared for DDoS attacks.
"The census is the biggest peacetime logistical operation in Australia," he said.
"And yet the Turnbull Government weren't prepared for the inevitable denial of service attacks that ended up shutting it down."
A senate committee inquiry last year found the census was a failed online project with inadequate protection against even a "minor attack".
The report also found contractor IBM had failed to adquetly test the technology.
After the report was released, Prime Minister Malcolm Turnbull said the census fail was "utterly predictable" but levelled the blame at IBM.
The contractor paid a "very substantial" but undisclosed multi-million dollar settlement over the incident.
"This was not a particularly clever attack or some great international assault on the Census," Mr Turnbull said at the time.
"This was a series of common or garden, utterly predictable, utterly foreseeable denial of service attacks," he said.
"It's not hacking, it's really just bombarding a website with a lot of hits so the server is clogged up.
"It's completely predictable."
Small Business Minister Michael McCormack told the ABC the government had accepted all of the recommendations of the census review.
Mr McCormack said there had been positives in the 2016 census' online component.
"More than 96 per cent of Australian households completed their census, which is on par with the 2011 census," Mr McCormack said.
"A record 58 per cent of Australians completed their census online."