Nextgen and Vocus have denied IBM's claims.
In a submission to the parliamentary panel inquiring into the census debacle, IBM said that ahead of the census, it had anticipated and planned for the risk of DDoS attacks.
The main defence planned was geo-blocking, which was known internally at IBM as Island Australia.
"As a result, some IBM employees who were observing the monitor mistakenly formed the view that there was a risk that data was being exfiltrated from the website and that the risk needed to be further investigated.
"Out of an abundance of caution, IBM shut down access to the site and assessed the situation. The cause of the problem was identified. No data exfiltration occurred."
The census site was taken offline on 9 August at about 7.30pm, with claims that a distributed denial of service attack was to blame. No proof has yet been offered to back up this claim.
IBM said this method (geo-blocking) was chosen "because the primary risk of DDoS attacks of sufficient size to disrupt site availability was considered to be from foreign sources".
It pointed out that public access to the site was provided by two ISP links: one by Nextgen Networks and the other by Telstra.
On census night, the submission says, a DDoS attack from a foreign source hit the site at 7.27pm. There had been smaller attacks during the day.
"The attack was foreign-sourced and hit the census site via the Nextgen link at a time when IBM had already directed Nextgen (and Telstra) that Island Australia was to be in place and in circumstances where Nextgen had provided repeated assurances to IBM prior to the attack that it had done so," the submission says.
But IBM claims these assurances were incorrect.
It says it was told, a day after the attack had passed, that "a Singapore link operated by one of Nextgen’s upstream suppliers (Vocus Communications or Vocus) had not been closed off and this was the route through which the attack traffic had entered the Nextgen link to the census site".
IBM also claimed that Vocus had admitted the error during a teleconference with it, Nextgen and Telstra around 11pm on 9 August.
The submission says that if Nextgen, and through it Vocus, had properly implemented Island Australia, it would have prevented the DDoS attack and avoided the debacle that occurred.
"The geo-blocking arrangements are implemented by the ISPs at the direction of IBM. When a DDoS attack is attempted, and is sufficiently severe so as to warrant implementing the geo-blocking arrangement, IBM directs Nextgen and Telstra to put Island Australia into place," it said.
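The arrangement IBM describes makes the control only as strong as its implementation on every ingress path, which is something a defender confirms from traffic evidence rather than from assurances. The following Python is an added illustration, not code from the article or from any of the parties' systems: it audits constructed flow records to report foreign-sourced traffic still arriving on each link after the block was directed to be in place, and flags links with no observed traffic, which cannot be confirmed either way. The log format, link names, cut-over time and "domestic" prefixes are all assumptions made for the example.

```python
"""Added example (not from the article or from IBM, Nextgen or Vocus):
check that a geo-block is actually in force on every ingress link, using
constructed flow records. The log format, link names and prefixes are
assumptions; none of this is the census site's real configuration."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Hypothetical ingress links through which the public reaches the site,
# including an upstream link that the operator may have overlooked.
INGRESS_LINKS = {"nextgen", "telstra", "vocus-singapore"}

# Constructed sample: prefixes the geo-block treats as domestic.
DOMESTIC_PREFIXES = [ip_network("203.0.113.0/24"),
                     ip_network("198.51.100.0/24")]

# Constructed flow records: "<HH:MM> <ingress link> <source IP> <bytes>".
SAMPLE_FLOWS = [
    "19:00 nextgen 203.0.113.5 1200",           # domestic, before block
    "19:10 nextgen 192.0.2.10 50000",           # foreign, before block
    "19:27 vocus-singapore 192.0.2.77 900000",  # foreign, after block: gap
    "19:28 vocus-singapore 192.0.2.78 850000",  # foreign, after block: gap
    "19:30 nextgen 203.0.113.9 800",            # domestic, after block
    "19:31 telstra 198.51.100.4 600",           # domestic, after block
]


def is_domestic(ip: str) -> bool:
    """True if the source address falls inside a domestic prefix."""
    addr = ip_address(ip)
    return any(addr in net for net in DOMESTIC_PREFIXES)


def parse_flow(line: str) -> dict:
    """Parse one constructed flow record into its fields."""
    ts, link, src, nbytes = line.split()
    return {"ts": ts, "link": link, "src": src, "bytes": int(nbytes)}


def audit_geoblock(flow_lines, block_from: str):
    """Return (leaked, unobserved).

    leaked: bytes of foreign-sourced traffic per link seen at or after
            block_from, i.e. evidence the block is not in force there.
    unobserved: configured links with no traffic in the sample at all,
            so the block's state on them cannot be confirmed.
    HH:MM strings compare correctly as plain strings within one day.
    """
    leaked = defaultdict(int)
    seen_links = set()
    for line in flow_lines:
        f = parse_flow(line)
        seen_links.add(f["link"])
        if f["ts"] >= block_from and not is_domestic(f["src"]):
            leaked[f["link"]] += f["bytes"]
    return dict(leaked), INGRESS_LINKS - seen_links


if __name__ == "__main__":
    leaked, unobserved = audit_geoblock(SAMPLE_FLOWS, "19:25")
    for link, nbytes in leaked.items():
        print(f"block NOT effective on {link}: {nbytes} foreign bytes")
    for link in unobserved:
        print(f"no traffic seen on {link}: block state unconfirmed")
```

Run against the constructed sample with the block directed at 19:25, the audit reports the foreign traffic that entered through the uncovered upstream link and nothing on the two links where the block held, which is the kind of evidence an operator would want before accepting an ISP's assurance that a control is in place.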
The submission said that both before and during the census, information about security processes was treated as confidential and "generally shared only on a need-to-know basis to ensure site security".
It said the Australian Bureau of Statistics and the Australian Signals Directorate were both aware that IBM intended to use geo-blocking.
"The ABS' IT security personnel considered geo-blocking to be an 'extremely effective control'," the submission says.
Additionally, IBM said, it understood that the ASD had been asked by the ABS to review the security arrangements for the site, "but the ASD declined to undertake a detailed review".
IBM and the ABS met the ASD on 21 July to seek input on security threats. "During the course of that discussion, IBM asked the ASD if it was aware of any intelligence relating to planned denial of service attack risk. The ASD said it was not and (said) that it would keep the ABS/IBM informed if such intelligence emerged. The ASD did not provide IBM with any such intelligence."
The submission further said that IBM was aware that the ABS met ASIO representatives on the same day (21 July) to discuss security issues relating to the census, but was unaware of what was discussed.