UOW computer science and security experts uncover the issues behind the biggest IT meltdown in recent Australian history.
Security experts across Australia are trying to piece together what happened on the night of 9 August when the Australian Bureau of Statistics (ABS) online Census crashed under the weight of hundreds of thousands of people attempting to complete the online survey.
It is the first time the ABS has attempted to carry out a national survey online.
By now many people, including many with little or no interest in technology, would be familiar with terms such as distributed denial of service attack (DDoS), which have been cited as possible reasons for the site’s outage. As the finger pointing and recriminations ensue, UOW information and communications technology and cyber security experts clear up the misconceptions and provide insights into what went wrong and why.
An attack or poor planning?
Professor Katina Michael, from the School of Computing and Information Technology, says that for all intents and purposes, the evidence for an attack on the site does not stack up.
“Network activity maps on the night of 9 August don’t show evidence of an attack from overseas. All the maps are showing no activity for the night in question.”
Professor Willy Susilo, Head of the School of Computing and Information Technology and Director of the Centre for Computer and Information Security Research, agrees that the events that unfolded do not indicate a denial of service.
“In denial of service, computers have been turned into ‘zombies’ and hence they will follow directions from the ‘master’,” Professor Susilo says. “At some stage, the master will instruct all of those zombies to attack one particular target, and in this case it could be the ABS Census site.
“They mentioned the possibility of four attacks, but by the time the fourth attack happened, the website would have been closed down to ensure the security of the data. This does not sound like a denial of service attack to me.”
Preparing for rush hour
Professor Michael says it’s possible that technical resources for the Census were not dimensioned properly. “In teletraffic theory there is a notion of the ‘busy hour of traffic’, which is a well-known phenomenon in engineering.
“It is nice that the Digital Census was tested for 1 million users per hour filling out the form, and that worked fine during the early part of 9 August. However, by 6pm less than two million forms had been completed.”
Professor Michael says a likely scenario is that people had their dinner, cleaned up, and then headed for the internet to fill out the form all at once. Instead of one million users, up to four million users hit the form at the same time. Professor Michael says there might have been constraints on network and system resources that couldn’t scale in time, slowing the web page to a crawl and then taking it completely offline.
Professor Susilo says the prospect of a denial of service attack is predictable, and the site’s load calculations should have factored in the possibility of heavy traffic bringing it down. An ‘unintentional’ denial of service can happen when a site doesn’t expect the type of traffic profile that hits it.
“The main issue in this case is due to the hype that everyone has to enter the Census on the night of 9 August 2016,” Professor Susilo says. “By having every single Australian go to the same site, this in itself constitutes a denial of service attack. In any case, ABS (and hence IBM) should have foreseen that this would happen. If they didn’t see this, then there is a problem on their side.”
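A rough way to see why a site dimensioned for the tested load fails under an after-dinner surge, added here as an illustration and not code from the ABS, IBM or the article: a simple fluid-queue model that steps a constructed hourly arrival profile (built from the figures quoted above) against a fixed capacity of one million forms per hour, reporting the overload factor and the backlog that accumulates.

```python
# Added illustration (not from the article): fluid-queue model of the
# "busy hour" problem. Assumptions: the site completes at most `capacity`
# forms per hour, excess requests queue, and the hourly arrival profile is
# constructed from the article's figures (1 million forms/hour tested,
# under 2 million done by 6pm, up to 4 million arriving after dinner).
from dataclasses import dataclass


@dataclass
class HourResult:
    hour: int           # index into the arrival profile
    arrivals: int       # new requests this hour
    served: int         # forms completed this hour (capped by capacity)
    backlog: int        # requests still waiting at the end of the hour
    utilisation: float  # offered load / capacity; above 1.0 means overload


def simulate(arrivals_per_hour, capacity):
    """Run the hourly profile against a fixed capacity.

    Returns (results, first_overload_hour); the hour is None when the
    offered load never exceeds capacity.
    """
    backlog, results, first_overload = 0, [], None
    for hour, arrivals in enumerate(arrivals_per_hour):
        demand = backlog + arrivals          # carried-over work plus new work
        served = min(demand, capacity)
        backlog = demand - served
        results.append(HourResult(hour, arrivals, served, backlog, demand / capacity))
        if first_overload is None and demand > capacity:
            first_overload = hour
    return results, first_overload


def busy_hour_capacity(arrivals_per_hour, headroom=1.5):
    """Capacity to dimension for: the peak hour plus a safety margin."""
    return int(max(arrivals_per_hour) * headroom)


# Constructed profile, hour 0 = noon; hours 6-8 are the after-dinner rush.
CENSUS_NIGHT = [200_000, 300_000, 400_000, 400_000, 350_000, 300_000,
                1_500_000, 2_500_000, 4_000_000, 1_000_000, 400_000]
TESTED_CAPACITY = 1_000_000  # the hourly load the article says was tested

if __name__ == "__main__":
    results, overload_hour = simulate(CENSUS_NIGHT, TESTED_CAPACITY)
    for r in results:
        print(f"hour {r.hour:2d}: load {r.utilisation:4.1f}x  backlog {r.backlog:>9,}")
    print("first overload at hour", overload_hour)
    print("busy-hour capacity needed:", busy_hour_capacity(CENSUS_NIGHT))
```

With this profile the backlog is still over four million forms two hours after the peak, which is the point of dimensioning for the busy hour rather than the average load.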
He says banning IP addresses from outside Australia from accessing the site should have been standard procedure. “The main problem is that the Census is compulsory for all Australians. It would make more sense if the Census was voluntary, and if the person is away, then there is nothing that should be reported.”
Professor Katina Michael says that in 2015 the ABS itself questioned whether or not it should hold a census in 2016, a question she says had a major impact on the events that followed.
“There were time and resourcing constraints for Census 2016 that everyone is well aware of and it’s possible the ABS tried to bite off more than it could chew in a very short space of time and failed miserably at this, not recognising the risk at large of a failure.”
The hangover
Professor Michael, who is also a board member of the Australian Privacy Foundation, says the event could be detrimental to the reputation of Australia’s technology industry.
“This doesn’t fare well on Australia’s technical capacity. It doesn’t look good to the international communities trusting in our government practices and in doing business with Australia, and it doesn’t look good for the future of e-voting,” she says.
“Frankly, it has disrupted the delicate balance we once had with the importance of collecting data from citizens to help in the infrastructure and service provisioning for Australia and its great future.”
Professor Michael says there are remaining questions around data use and privacy and she supports the Australian Privacy Foundation’s call for the data collected in this Census to be scrapped and the process to be started again.
“Citizens must be aware of how their data will be utilised and this should be debated in parliament. We also need to amend the current Census and Statistics Act and be clear about the collection and use of data without the compulsory requirement for names to be stipulated.”