General public lose confidence in government over recent Census debacle

By now all of you must have heard about the debacle that is the latest census. The intent of going electronic was right, but the execution left a lot to be desired! Unfortunately, the issues we had with the site have had a number of negative consequences. A full review will be commissioned, but in the meantime we can expect “heads to roll” and the IT supplier is likely to have to pay some sort of compensation. However, from my perspective, the biggest fallout is the big dent this debacle has put in the general public's confidence. Indeed, it will be a pity if this issue leads to future technology projects not getting off the ground due to this general lack of confidence.

Having looked at the potential fallout, let’s try and analyse what may have potentially happened. I am using the word ‘potentially’ here as no formal investigation has been conducted and as a result there is no official word on this. From what we have read and heard, any one of the following scenarios could have occurred:

  1. A distributed Denial of Service (DDoS) attack may have taken place from overseas, overwhelming either the internet connection to the website or the servers hosting the website themselves.
  2. A similar attack could have occurred emanating locally from within Australia.
  3. The web infrastructure hosting the website was not designed with enough capacity, and when a large portion of the population tried to log on at the same time on Tuesday evening, the website failed.
  4. A fourth scenario is possible where there was a failure in any of the system components of the web infrastructure leading to the outage, but this is perhaps the least likely of all scenarios.

As stated before, without a full investigation being conducted, it is difficult to say which of the above may have eventuated.

Having discussed the possible scenarios above, let’s now look at the mitigations that could have been in place to prevent the issue. I will only concentrate on the first three as these are the likely scenarios:

  1. An international DDoS – there are many solutions in the market available from technology providers to help mitigate DDoS attacks. Attacks flooding the internet connection to the website are best addressed using any of a number of technologies available on the market in conjunction with the internet provider. Attacks targeting the website itself can be addressed using various technologies in conjunction with the website designer. To stop an overseas-based DDoS attack, your internet provider could simply filter out all requests to the website originating from an overseas IP address. The point here is that there are many technology solutions in the market that can easily be obtained to address a DDoS attack.
  2. A local DDoS – the solutions discussed above are equally applicable to a local DDoS attack as well. The only exception is that it is counterintuitive to filter out local IP addresses, for obvious reasons. DDoS attacks are quite common now, and for something as prominent as the census website, protection against DDoS attacks should have been a mandatory requirement.
  3. Inadequate capacity within the web infrastructure – this again can, and should have been, addressed with relative ease. Estimating peak load (e.g. 70% of the population logging on between 7.30pm and 11.30pm on census night) and then testing the ability of the website to handle this load should have clearly revealed its robustness in this scenario. If issues were found, adding more capacity and / or applying other technology solutions such as load balancers should have addressed the issue. The point to remember here is that your estimate of peak load has to be accurate in order to model the right amount of traffic and subsequently be able to detect any issues and remediate them. I suspect that this may have led to some of the issues we saw.
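The peak-load estimate from item 3, as an added worked example that is not part of the original article: it compares a flat average over the 7.30pm to 11.30pm window with a peaked arrival curve, showing how an averaged estimate understates the load a test must model. The population figure, session length, requests per session, per-server throughput and arrival shape are assumed placeholder values.

```python
import math

# All figures below are assumed placeholders, not values from the article,
# except the 70% participation and the 4-hour (7.30pm-11.30pm) window.
POPULATION = 10_000_000        # constructed round number
PARTICIPATION = 0.70           # from the article's example
WINDOW_MIN = 240               # 7.30pm to 11.30pm
SESSION_MIN = 30               # assumed time to complete the form
REQUESTS_PER_SESSION = 60      # assumed page loads and form posts
PER_SERVER_RPS = 500           # assumed, to be confirmed by load testing

def flat_profile(window_min):
    """Share of users arriving in each minute if arrivals were uniform."""
    return [1.0 / window_min] * window_min

def peaked_profile(window_min, peak_min, spread_min):
    """Bell-shaped arrival shares centred on peak_min (assumed shape)."""
    weights = [math.exp(-0.5 * ((m - peak_min) / spread_min) ** 2)
               for m in range(window_min)]
    total = sum(weights)
    return [w / total for w in weights]

def peak_load(users, profile, session_min, requests_per_session):
    """Return (peak concurrent sessions, peak requests per second)."""
    arrivals = [users * share for share in profile]
    # Sessions open at minute m are those that started in the last session_min minutes.
    concurrent = [sum(arrivals[max(0, m - session_min + 1):m + 1])
                  for m in range(len(arrivals))]
    peak_sessions = max(concurrent)
    # Each session spreads its requests evenly over its duration.
    peak_rps = peak_sessions * requests_per_session / (session_min * 60)
    return peak_sessions, peak_rps

def servers_needed(peak_rps, per_server_rps, max_utilisation=0.5):
    """Servers required to stay at or below max_utilisation at peak."""
    return math.ceil(peak_rps / (per_server_rps * max_utilisation))

if __name__ == "__main__":
    users = POPULATION * PARTICIPATION
    for name, profile in (("flat", flat_profile(WINDOW_MIN)),
                          ("peaked", peaked_profile(WINDOW_MIN, 60, 45))):
        sessions, rps = peak_load(users, profile, SESSION_MIN, REQUESTS_PER_SESSION)
        print(f"{name}: {sessions:,.0f} concurrent sessions, {rps:,.0f} req/s, "
              f"{servers_needed(rps, PER_SERVER_RPS)} servers")
```

The load test target should come from the peaked figure, with the arrival shape replaced by measured traffic from comparable events where that is available.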

The government’s initiative to use electronic means to carry out the census was a good call in utilising technology to make things more efficient and effective. Unfortunately, the execution was not quite on the mark and has potentially led to a general loss of confidence in projects of this type. A number of possible causes for this issue have been discussed, ranging from overseas and local DDoS attacks to the infrastructure not being able to handle peak load. I have discussed some simple steps to mitigate these issues, ranging from technology solutions to mitigate DDoS attacks to simple steps around load testing and then implementing technology solutions to address any issues determined. One can only hope that all parties involved can learn some key lessons from this situation and that we do not get a repeat of this with future technology initiatives.

Stories by Ashwin Pal