August 10, 2016 | Graham

Census fail



The failure of the online census software carries multiple lessons for Australian democracy, but also Australian defence.

It demonstrates our toxic culture, where many will burn the town down to save it, and it gives a glimpse into how vulnerable our infrastructure could be in the event of international hostilities.

First some clarification, and for this I am relying on the official account being accurate. According to the ABS, the failure was not the result of a hack; it was the result of a denial of service attack combined with a high number of form submissions, an overloaded router and a false positive. After that the ABS took the form offline.

So, no data was accessed from outside the system.

But that is not the impression that the public has been given, with incompetent journalists being unable to read a media release properly, and using the terms “hacked” and “hackers” freely (such as this article from the ABC, posted around 1:30 pm today).

Hacking occurs when someone actually penetrates a system, not when they manage to close it down by overloading it (which is the mechanism used by a denial of service attack).

Why was the census targeted? One “expert” claimed it was because the ABS had declared it was “hack proof” which would be like a “red rag to a bull”, but what led the ABS to make this claim?

It was a response to a long campaign by activists that the census data were not secure. What else could the ABS respond: “yeah sure, our system can be hacked”?

This is a classic heads you lose, tails I win situation. No answer would satisfy the complainant.

A bit like Labor spokesman Andrew Leigh who, while saying he thought it was safe to provide your name, sought to give every impression that there were problems with the census, and criticised the government for not explaining it better.

Why the government should be taking the rap for what an independent agency does is a little fuzzy.

He was seeking to profit from the paranoia, while proclaiming the necessity of the Census, but covertly being happy to sacrifice it for political advantage.

Then you have independent Nick Xenophon, and a gaggle of Greens, undertaking to withhold their names, in defiance of the law, although not encouraging the public to necessarily follow suit (yeah right).

More positioning for political advantage.

When they say the Census is vital, don’t believe them. What they really see as being vital is giving the impression that the government is in disarray, so they can drive a harder bargain somewhere else, and bugger the Census.

Ironically the Internet makes all of this more potent as blow-hards, with and without IT expertise, advise everyone that not only is supplying your name risky, and the information is not secure, but the government is introducing the Australia Card by stealth.

One thing is sure. Once the dust settles we need to know what actually happened, and the contractor, and/or appropriate staff, held accountable if they are at fault in the technical delivery of the service. (In this respect it is a little ominous that IBM was the provider of the botched Queensland Health payroll system).

The other thing that is sure is that buying new jets and submarines is not the end of defence expenditure.

The chaos around the Census is just a little foretaste of what could happen in a serious conflict. At least the census has good redundancy, in the shape of a hard copy form, built in. And perhaps it was over-caution that brought the site down rather than the attacks.

But in the world of the “Internet of things”, with many systems and their data effectively being in the cloud, and our supply lines and infrastructure being largely just in time and increasingly computer controlled via the Internet, it could be possible, with real hacking, to bring us to our knees without even a shot being fired.

If it’s not in the supermarket, I’m not sure about you, but I have no idea how to find, hunt and bring it home. Without power I don’t know how long I’d be able to live on the food in the pantry and the jug of water in the fridge. What would I use for cash if the ATMs were jammed, or the banking system brought down?

Perhaps that means the Internet has brought mutually assured destruction down to another level, making war actually unthinkable, or perhaps it means we need to rethink what vulnerability actually means in a modern, internet-connected world.

The Census fail may prove to be a blip, but it is a blip that should set us thinking. Especially with sabre rattling not just confined to the South China Sea, but occurring in the Olympic swimming lanes.

 



Posted by Graham at 4:14 pm

3 Comments

  1. Multiple lessons for Turnbull, too, who had some time waffling on about ‘his’ NBN when he was Communications Minister. I doubt the lessons will fall on fertile ground, however.

    I heard on radio a person claiming considerable knowledge of IT prior to his retirement, that the ABS could not have possibly done the required simulation of the huge number of hits to be expected on the new website, given the shocking failure of the site last night. Easier to blame hackers than fess up.

    Comment by ttbn — August 10, 2016 @ 6:12 pm

  2. Many people, mostly journalists and politicians, do not have a clue what happened.
    You probably get those emails that ask you to accept a job or talk to a nice girl etc etc.
    In some of them, if you click on the link they give, it downloads a little program that is installed on your computer and then sends a message back to its boss with the IP address or the email address of the machine it installed itself onto.
    Then at some time in the future the program's owner sends out a message to all those waiting programs and tells them to connect and keep on connecting to the web site whose address was in the message it just sent to thousands of computers that are holding the little program.

    That is what is a denial of service attack.
    If you want to blame someone blame those dills that click on anything that you are curious about instead of knowing what you are doing.

    Comment by Brad — August 10, 2016 @ 7:09 pm

  3. There is no need for the Govt to have our ID for Census info. In fact, anonymous info makes for more accurate stats. We have creeping fascism enabled by the umbrella of the exaggerations of terrorism. The New World Order ideal of one world Govt will totally enslave all our humanity. Graham, are you on the side of freedom of the human spirit, or the way the Western Central Bankers debt money destruction?

    Comment by Ross — August 12, 2016 @ 7:14 pm
