Presumably, this is because most of the politicians and public servants have little clue about the technology failure and are desperate to cover for their incompetence. In large part, most of the tech "experts" who have been on display have also spouted the government line, probably in the hope that future public sector contracts would fall their way.
There has been one tech analyst, who appeared on the ABC News 24's Breakfast programme, who did not fit the mould. Mark Gregory from RMIT University was the only person who expressed serious doubts about the governmental excuses. He said nothing should be taken for granted until there was some evidence either way.
Technical people like him are what we need to cut through all the bulldust. One person who is an expert in this art is Craig Sanders, a systems administrator of many decades, and one who can speak plainly. Many years ago, following a major distributed denial of service of attack on the Internet's root name servers, he was one who educated me on the phenomenon. This time was no different with Sanders; he calmly and clearly pointed me in the direction of the evidence that was needed.
Such companies are a dime a dozen these days and every single one which had even the slightest evidence would have been all over the media trying to put their faces in front of a camera – or trying to get a few words in print or online.
Not a single company showed up with even a skerrick of evidence. That should speak for itself.
The Australian government and the ABS officials, chief statistician David Kalisch foremost, are sticking to the "foreign hand" defence. If they're making that claim, however, they should be able to back it up with some very conclusive data – network traffic graphs at a minimum, including graphs during the time of the alleged DDoS and during their testing of expected peak load.
And one would expect to see significant differences there, even taking into account the fact that synthetic load tests rarely reflect real-world usage.
They should also be able to provide IP addresses — or at least, a list of source IP country codes — with packet and/or hit counts to prove a DDoS. It must be borne in mind that if a significant percentage of packets/hits — over 40% — were from outside our borders, there may have been a DDoS.
The claims of a foreign hand would be greatly strengthened if the ABS make their router and web-server logs — suitably anonymised, e.g. only the first three octets of IPv4 addresses — available for analysis by independent third parties. These need not be publicly available, but at least they should be provided to respectable and trustworthy outsiders who were not involved in setting up their site.
If this cannot be, or is not, done, then there are sufficient grounds to suspect that the ABS and the government are merely offering excuses for poor planning and testing.
Another fact arguing against the government excuses is the website digitalattackmap.com which shows clearly that there was no significant DDoS targeted at any website in Australia on census night.
This site tracks only big DDoS attacks, but any attack capable of taking down the census website should have been big enough to show up there. To put it another way, if it wasn't big enough to show up there, then it would not have been big enough to take down the census site.
It is easy to see on the digitalattack site that there have been other DDoS attacks which targetted Australia in the last month or so; in other words, Australia is not a foreigner to the kind of attacks that are big enough to register on digitalattackmap.com.
The most recent was on 2 Aug at 09:46 GMT (19:46 AEST) and it lasted for 13 minutes, peaking at about 34Gbps. Hence the question to Prime Minister Malcolm Turnbull, his cohorts, Kalisch, IBM and Revolution IT, the main players, is: show us the proof.
Rick Moen, a veteran sysadmin from California, who has also provided extremely valuable insight in the past, was inclined to be somewhat mellow this time.
"As someone who does large-scale Operations work, I sympathise with Kalisch's problem," he said. "My understanding is that ABS's rollout to digital submission is new this year, and it's difficult to make huge systems like this scale well on initial rollout, even after load testing.
"Problems can occur from unexpected software problems, failure to include hardware load balancing, router errors, plain shortage of capacity, and in a variety of other places. Good planning and reviews should get the kinks out, over time."
Moen said he found Kalisch's explanation, that the ABS took the site offline to terminate a claimed denial of service attack, strange, as this attack was aimed at precisely that objective. "I applaud his bureau putting emphasis on protecting Australian citizens' privacy and security, and wish his group a better experience going forward," he added.