Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 11 August 2016 09:46

Census 2016: ABS needs to provide proof of DDoS Featured


Like many other issues in Australia, Tuesday night's census debacle has turned into a political bunfight, with the technology being very much a minor debating point.

Presumably, this is because most of the politicians and public servants have little clue about the technology failure and are desperate to cover for their incompetence. In large part, most of the tech "experts" who have been on display have also spouted the government line, probably in the hope that future public sector contracts would fall their way.

There has been one tech analyst, who appeared on the ABC News 24's Breakfast programme, who did not fit the mould. Mark Gregory from RMIT University was the only person who expressed serious doubts about the governmental excuses. He said nothing should be taken for granted until there was some evidence either way.

Technical people like him are what we need to cut through all the bulldust. One person who is an expert in this art is Craig Sanders, a systems administrator of many decades, and one who can speak plainly. Many years ago, following a major distributed denial of service of attack on the Internet's root name servers, he was one who educated me on the phenomenon. This time was no different with Sanders; he calmly and clearly pointed me in the direction of the evidence that was needed.

If the census website crashed due to foreign intervention — either through a denial of service or a distributed denial of service how is it that none of the major security companies around the world did not notice it? You would need an attack of some magnitude to take down the ABS census site.

Such companies are a dime a dozen these days and every single one which had even the slightest evidence would have been all over the media trying to put their faces in front of a camera – or trying to get a few words in print or online.

Not a single company showed up with even a skerrick of evidence. That should speak for itself.

The Australian government and the ABS officials, chief statistician David Kalisch foremost, are sticking to the "foreign hand" defence. If they're making that claim, however, they should be able to back it up with some very conclusive data – network traffic graphs at a minimum, including graphs during the time of the alleged DDoS and during their testing of expected peak load.

And one would expect to see significant differences there, even taking into account the fact that synthetic load tests rarely reflect real-world usage.

They should also be able to provide IP addresses — or at least, a list of source IP country codes with packet and/or hit counts to prove a DDoS. It must be borne in mind that if a significant percentage of packets/hits over 40% were from outside our borders, there may have been a DDoS.

The claims of a foreign hand would be greatly strengthened if the ABS make their router and web-server logs suitably anonymised, e.g. only the first three octets of IPv4 addresses available for analysis by independent third parties. These need not be publicly available, but at least they should be provided to respectable and trustworthy outsiders who were not involved in setting up their site.

If this cannot be, or is not, done, then there are sufficient grounds to suspect that the ABS and the government are merely offering excuses for poor planning and testing.

Another fact arguing against the government excuses is the website which shows clearly that there was no significant DDoS targeted at any website in Australia on census night.

This site tracks only big DDoS attacks, but any attack capable of taking down the census website should have been big enough to show up there. To put it another way, if it wasn't big enough to show up there, then it would not have been big enough to take down the census site.

It is easy to see on the digitalattack site that there have been other DDoS attacks which targetted Australia in the last month or so; in other words, Australia is not a foreigner to the kind of attacks that are big enough to register on

The most recent was on 2 Aug at 09:46 GMT (19:46 AEST) and it lasted for 13 minutes, peaking at about 34Gbps. Hence the question to Prime Minister Malcolm Turnbull, his cohorts, Kalisch, IBM and Revolution IT, the main players, is: show us the proof.

Rick Moen, a veteran sysadmin from California, who has also provided extremely valuable insight in the past, was inclined to be somewhat mellow this time.

"As someone who does large-scale Operations work, I sympathise with Kalisch's problem," he said. "My understanding is that ABS's rollout to digital submission is new this year, and it's difficult to make huge systems like this scale well on initial rollout, even after load testing.

"Problems can occur from unexpected software problems, failure to include hardware load balancing, router errors, plain shortage of capacity, and in a variety of other places. Good planning and reviews should get the kinks out, over time."

Moen said he found Kalisch's explanation, that the ABS took the site offline to terminate a claimed denial of service attack, strange, as this attack was aimed at precisely that objective. "I applaud his bureau putting emphasis on protecting Australian citizens' privacy and security, and wish his group a better experience going forward," he added.

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News