Australian online census shut down by cyber attacks

0
157

Australia’s first attempt to conduct a census online was in disarray after several cyber attacks and a hardware failure led to the website being shut down, officials said Wednesday.

The Australian Bureau of Statistics shut down the site to protect data Tuesday night shortly after a blocking shield failed to stop traffic from a fourth denial-of-service attack that came from somewhere overseas, the government said.

Prime Minister Malcolm Turnbull said the bureau of statistics shut down the site “out of an abundance of caution” and would reopen it once the bureau, government security agency Australian Signals Directorate and the systems provider IBM were confident that it was safe from cyber attack.

“I want to assure Australians that the unequivocal advice we have received…is that their Australian census data is safe, it has not been compromised,” Turnbull told reporters.

The bureau’s chief statistician, David Kalisch, said he decided to shut down the site after the blocking failure led to an overloaded router breaking down, potentially making data vulnerable to hacking during a peak period, and the performance monitoring system “throwing up some queries to us that we needed to investigate.“

Special Adviser to the Prime Minister on Cyber Security, Alastair MacGibbon, said while government agencies routinely weather such cyber attacks without disruption, the bureau of statistics was the victim of a confluence of events.

“There were a series of events that only by lining them up end-on-end led to the unfortunate circumstances of last night,” MacGibbon said.

The opposition blamed underfunding for the bureau for the failure, saying it would reduce responses to the census and compromise the results.

“This has been the worst-run census in Australian history and one of the worst IT debacles Australia has ever seen,” opposition lawmaker Andrew Leigh said.

The bureau of statistics said 2.33 million Australians, including Turnbull, managed to access the site on Tuesday before it was shut down.

Australia’s Privacy Commissioner Timothy Pilgrim said in a statement he was investigating the cyber attack “to ensure that no personal information has been compromised.“

Australian security officials were attempting to determine the source of the attacks, officials said. The census is conducted every five years, but the decision to conduct it primarily online and to keep the information for four  years before it was destroyed instead of the usual 18 months heightened privacy concerns this year.

Several senators announced that they would risk fines by refusing to include their names and addresses in their census forms. Officials attempted to allay fears by boasting that the bureau of statistics had never been hacked.

After the site was shut down, thousands of people who telephoned the bureau for an explanation were told by a recorded message to call back Wednesday.

While the census focuses on people’s circumstances on Aug 9, forms started to be accepted a week before that date and will continue to be accepted until Sep 23. About 3 million traditional paper census forms were provided to householders on request.

Conducting most of the survey online was estimated to save $76 million.