The Australian Bureau of Statistics (ABS) is currently in front of a Senate committee that wants to know why millions of Australians were unable to fill out their Census forms on August 9.
ABS chief statistician David Kalisch wasted no time landing the blame squarely at the feet of IBM.
Earlier today, IBM managing director Kerry Purcell confirmed the outage was caused by a distributed denial of service (DDoS) “attack”, brought down by an unusually large level of traffic believed to have come from Singapore.
However, IBM in the past has blamed another contractor, Vocus, for leaving one link open which allowed international traffic to bypass geo-blocking safeguards.
Purcell told the committee today that no private data was compromised and IBM was ready to have the website back up and running three hours after the attack.
He said the website was kept offline for another 40 hours at the request of the Australian Bureau of Statistics.
But Kalisch, perhaps also stung by former ABS chief statistician Bill McLennan’s claim earlier that the bureau now lacks “numbers of people with experience”, said IBM’s system should have been “robust” enough to cope with the traffic – then had a subtle dig at the man who once held his job.
“The ABS of today is more complex and advanced than the ABS of 15 years ago,” Kalisch said.
He said given he was assured the site was secure, Kalisch was surprised to hear it had been brought down by “relatively small-scale DDoS attacks”.
It took the ABS until 2am to determine whether any private data had been taken, hence the bureau’s decision to keep the website offline for so long.
“We wanted to be as sure as we could be that it wouldn’t be vulnerable to a second DDoS attack,” Kalisch said.
He promised the ABS would adopt “a more rigorous approach” to the 2021 Census.