Australian prime minister promises ‘very thorough review’ after census website attacks
The Australian government’s lead on cyber security policy Alastair MacGibbon is to carry out an investigation after the country’s census website was shut down following a series of attacks from overseas.
The Australian Bureau of Statistics (ABS) yesterday decided to take down the site after four ‘denial of service attacks’, which occur when when hackers orchestrate thousands of compromised computers to overwhelm a website with traffic.
Prime minister Malcolm Turnbull, who blamed a “failure in a portion of [the site’s] defences” and “a hardware failure”, promised a “very thorough review of the events” headed by MacGibbon, who was appointed the government’s first ever special adviser on cyber security in May.
MacGibbon will be supported by the Australian Signals Directorate – an Australian government Department of Defence intelligence agency responsible for signals intelligence and information security, the Treasury and the ABS.
The investigation is likely to focus on tech giant IBM’s efforts to protect the A$470m (US$360m) project.
The government has been unable to say when the website will be online more than 36 hours after it was shutdown.
MacGibbon stressed that no data was extracted and the site was not penetrated but admitted the episode was “a bit embarrassing” during an interview with ABC NewsRadio.
Asked why the website failed to cope with such “standard” attacks, MacGibbon said: “The prime minister has asked me to review that very question and I’ll be doing that with quite some vigour and quite forensically as soon as I can.”
Chief statistician David Kalisch last night assured the public that their personal information was not compromised.
He said ABS aimed to have the website up and running as soon as possible to allow people to complete their census forms.
“We have steps in place to counter attacks, [but] this one, there was one breach that did actually get through via a third party … and believe that we’ve plugged that gap,” he said.
In the lead-up to census night, the ABS spent hundreds of thousands of dollars on load testing the website and said its servers could handle one million forms per hour.
Two-thirds of Australians were expected to complete the census online this year, rather than on paper.
Debate about privacy concerns has been raised despite assurances from the government that security would not be compromised.
The ABS is now working with authorities to determine the source of the attacks.