The government says it will fund efforts by the Australian Bureau of Statistics (ABS) to avoid a repetition of the 2016 Census debacle, which involved a high-profile failure of its online component.
The 2016 eCensus suffered a series of distributed denial of service (DDoS) attacks that a government-commissioned review concluded were “predictable and defeatable”. On Census night the ABS eventually ordered the system to be taken offline out of concern that an attacker may have been exfiltrating data — although that turned out to be a false positive.
The 2019-20 budget states that the government will spend an additional $38.3 million over three years from 2019-20 to help the ABS deliver the 2021 Census. That additional funding “will address issues arising from the 2016 Census” — including the recommendations of the 2016 review led by Alastair MacGibbon, now the head of the Australian Cyber Security Centre (ACSC), and a Senate inquiry into the events of 9 August 2016.
The MacGibbon review found a range of shortcomings in the approach of ABS and IBM, which won the contract to deliver the online portion of the 2016 Census.
The Census suffered a series of four relatively small DDoS attacks that led to “preventable” outages due a “failed geoblocking strategy” dubbed Island Australia, the review found. The problems were compounded by a problem with a router restart during the fourth attack and a false positive from a network monitoring system indicating possible data exfiltration.
IBM was subject to withering criticism by then prime minister Malcolm Turnbull in the wake of the events, with the government in November 2016 announcing it had reached a confidential settlement with the technology company.
The report of the Senate inquiry into the events, released in late 2016, noted with concern that the ABS’s “funding has been eroded over a number of years while the demands and expectations placed on the organisation have increased.”
The ABS in September last year began seeking a provider to help deliver the online component of the 2021 Census. An approach to the market by the agency said that it expects during the next Census the “digital service will be the default and most convenient channel for the public”.
“The ABS will work closely with interested suppliers to confirm proposed solutions can deliver high standards of security, reliability and capacity required for the 2021 Census,” Chris Libreri, ABS general manager, Census and Statistical Services Division, said at the time.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.