In news that surprises no-one, the Census didn’t go as well as the ABS promised it would last night.
In fact, it went epically not-as-well. It was terrible. It prompted the hashtag #Censusfail, and that sums up the national sentiment toward the August 9 car crash of data collection.
First, let’s get all of that mock shock out of your system (and then we’ll explain what happened last night).
An ABS spokesman spoke to The Age yesterday and said some delightfully ironic things about the Census site’s capacity. He said it would be able to handle “1,000,000 form submissions every hour. That’s twice the capacity we expect to need.”
You might also like
He said the transition to online has driven a move to the “strongest encryption technology that current internet browsers will support. There is plenty of reserve capacity to cope if more than 80 per cent of Australians choose to complete the census online.”
Totally NOT overcompensating…
— Sarah McLain (@SarahMcLain_) August 9, 2016
As we found out last night, the website wasn’t as strongly supported as the ABS thought it was. David Kalisch, considered to be Australia’s top statistician, spoke to the ABC this morning to explain what fresh hell happened to the Census servers.
“The online census form was subject to four Denial of Service attacks yesterday,” he explained.
“The first three caused minor disruption, but more than 2 million forms were successfully submitted and safely stored. The scale of the attack, it was quite clear it was malicious.”
Timothy Pilgrim, the Australian Privacy Commissioner, has released a statement RE: an investigation into last night’s security breach.
“I am commencing an investigation of the Australian Bureau of Statistics (ABS) in regards to these cyber attacks, under the Australian Privacy Act 1988. My first priority is to ensure that no personal information has been compromised as a result of these attacks.
[The] ABS have confirmed that a decision was taken last night to shut down the website in order to protect personal data. Yesterday I noted that the Office of the Australian Information Commissioner has been briefed by the ABS on the privacy protections put in place for the Census. My office will continue to work with the ABS to ensure they are taking appropriate steps to protect the personal information collected through the Census.”
A Denial of Service attack doesn’t compromise the data being submitted, but (rather efficiently) shuts the whole thing down with a huge quantity of info. Considering the huge public backlash stemming from the ABS’ selective hearing, the breach was considered inevitable.
Explaining to The Australian that a DDoS attack was always on the cards, Steve Wilson, the managing director of LockStep, said
“They (the ABS) said this data is not identifiable, that the site is secure. It was red rag to a bull. A number of hactivists would say ‘I’m going to show you’.
“But there is very little you can about a well organised DDoS attack on finite budget.”
Given that millions of Australians can play Pokemon Go at once and it doesn't crash is a good reason to outsource the census to Nintendo
— Tim Beshara (@Tim_Beshara) August 9, 2016
It’s 110% appropriate to include this clip.