Turnbull warns 'heads will roll' after DDoS attacks causes chaos in Australian digital census
The government has moved to assure citizens that no personal data was hacked.
Australian Prime Minister Malcolm Turnbull has warned that "heads will roll" after the country's first digital census went into meltdown on 9 August in what has been blamed on a series of distributed-denial-of-service (DDoS) attacks.
In the wake of a 43-hour outage, the website is now coming back online, with the government being forced to launch an official probe into the incident. In statements to local media, a "bitterly disappointed" Turnbull hit out at the Australian Bureau of Statistics (ABS) and contractor IBM for the failures.
"I too am very angry about this. I am bitterly disappointed about this," he told 2GB radio host Alan Jones on 11 August. "This has clearly been a failure on the part of the ABS, absolutely a failure on the part of the ABS."
He continued: "I know there are lots of people out there trying to find out who is to blame and you know, which heads should roll and so forth; my objective as the prime minister is to ensure that we get this site back. Which heads we roll, where and when is something that will follow."
Many are now forecasting an inevitable clash with technology giant IBM, which was given a $9.6m contract to manage the census website. Turnbull said the firm should have been better prepared for the "predictable" threat of cyberattack.
"The denial of service attacks were completely predictable [and] should have been repelled readily," he said. "They weren't, because of failures in the system that had been put in place for ABS by IBM. A denial-of-service attack is as predictable as the rain will fall one day or the sun will come up."
In reaction to the census fiasco, IBM said the company "genuinely regretted the inconvenience" caused by the outages. "IBM's priority over the last two days was to work with the ABS to restore the census site. We are committed to our role in the delivery of this project," a spokesperson said.
"The Australian Signals Directorate (ASD) has confirmed no data was compromised. Our cyber-security experts are partnering with national intelligence agencies to ensure the ongoing integrity of the site."
Conflicting reports
Echoing initial reports from the ABS, the Prime Minister said the DDoS attacks appeared to have originated in the US – however noted that didn't mean it was the true location of the culprit. "It is relatively straightforward to be able to route traffic using virtual private networks and other techniques through the US," he said, "that will be investigated."
Meanwhile, speculation is mounting that the census computer system was not brought down by DDoS attack alone. Others have said that it was a mixture of cyberattack, weak hardware and so-called "anomalous traffic."
"The site was not crashed by denial of service but it was a confluence of events that caused the ABS to make that decision," Turnbull said during a recent press conference in Canberra. "But there is no doubt there was a failure on the part of ABS and the systems provider."
Now, Australian citizens will have until 23 September to fill in the online census. Those unable to do so will not be hit with a fine, officials have said. However, what is now worrying the government is the potential for another attack once systems are restored.
The PM's cyber security advisor, Alastair MacGibbon, has said there are "no absolutes" in cybersecurity but promised that "everything conceivably possible able to be done will be done to protect" the website. "Every effort is being made," he added.
Previously, independent senator Nick Xenophon called the outages "a monumental failure of a government program of the first order'' and called for an inquiry to be launched. He said: "For the ABS, for the government to say this is not a cyberattack is a bit like Monty Python's Black Knight saying he just copped a flesh wound."
"The government needs to provide a much great level of assurance of the security of the census than was provided in their press conference earlier today. If they cannot do so in the next 24 hours, they need to seriously consider putting the census on hold until an urgent and rigorous inquiry is conducted.''
© Copyright IBTimes 2024. All rights reserved.