Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

Australian census website offline after attack

A census website run by the Australian Bureau of Statistics (ABS) has been shut down after being hit by several denial of service attacks.11 Aug 2016

The ABS said it was "subjected to an attempt to frustrate its collection of census data" on 9 August.

ABS systems deflected three denial of service attacks during the day, but a fourth attack in the evening coincided with a large increase in traffic to the site as Australians logged on to complete the census. A router also became overloaded, and a 'false positive' alarm occurred in system monitoring, the ABS said.

Applying "an abundance of caution", the ABS decided to shut down the census form, it said.

The Australian government and Australian Signals Directorate (ASD) have been informed of the issue. Reviews by IBM, the ASD and the ABS "have confirmed that this was not a hack – no census data was compromised", the ABS said.

The system will be restored when ABS is confident that it is "robust and secure" and after clearance from the ASD, it said.

"The ABS apologises to the Australian public for inconvenience caused and reassures Australia that no data has been lost or compromised. The ABS has an unblemished record of protection of data and there has never been a breach in relation to census data. The protection of census data has and always will be our first priority," ABS said.

ABS head David Kalisch told Australian ABC News that he believed the attacks were a deliberate attempt to sabotage the census.

Cyber security expert Paul Haswell of Pinsent Masons, the law firm behind Out-Law.com said: "The ABS is in a difficult position. Even though no data appears to have been compromised and the attacks have sought purely to bring down the ABS census website, users of the site are understandably nervous regarding the security of their data."

"Data collected as part of any census, if compromised, would be incredibly valuable to hackers and could expose affected users to inconvenience, fraud and identity theft. Even though ABS is doing the right thing and reacting quickly by temporarily shutting down the site, this is unlikely to quell the fears of those who have submitted or are trying to submit their census forms," he said.

"The ABS now faces not only a technological battle, ensuring that the site is as protected against cyberattack as it can be, but one to reassure the Australian public that their data is safe," Haswell said.

The move to an online census, along with plans to store census data for four years instead of the usual 18 months, has raised privacy fears in Australia and brought calls for a boycott, the Sydney Morning Herald said.