What were Australians doing on the evening of the 9th of August, 2016? All jumping on the bandwagon to fill out their Australian Bureau of Statistics (ABS) Census details on the Census website yet once logged in were confronted with error messages and website server not found notifications. The ABS confirmed that the issue was a website overload of demand causing a Distributed Denial of Service (DDoS).
A DDoS occurs when a high demand of a specific service is attempted to be accessed, this type of attack makes the service unavailable by overwhelming it with traffic from multiple sources similarly to the situation which happened to the “Click Frenzy: The Sale That Failed” back in November 2012.
Following thereafter, more bad news came to play, as several new updates were posted on the Census Australia’s twitter page stating that the website outage may have been caused by several Cyber Attacks and servers were to be taken offline to defend from these attacks.
Whether a Cyber Attack or DDoS, ABS should have clearly monitored and managed their Security Controls and catered for the service demand, and having millions of Australian’s personal information in ABS’s systems could potentially be a serious security concern. This issue cannot be taken lightly as Australians trust the Australian Government to protect them from non-disclosure and confidentiality of personal data.
This was the first time and maybe the last the ABS introduced the online Census Form, to go completely paperless, many people from the public have gone online to express their concerns, asking for who is responsible and are Australian’s privacy data safe and to sign up to a petition to scrub the online Census and go back to paper.
Luckily for those who were in the same pool as everyone else that could not complete the Census will not be fined and have up until end of September 2016 to complete the online Census Form. We hope next time round, mistakes and lessons learnt will prevent a reoccurrence of this type of event from eventuating.