SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
AI Security
#
AI
#
DDoS
Hacker scare shuts down Australia's census site
Mon, 15th Aug 2016
FYI, this story is more than a year old
By Sam Worthington, News Editor
Follow us

The Australian census website was shut down last week after reportedly being targeted by foreign hackers.

However, reports claim the federal government denies the census site was attacked or hacked, and that no data was lost.

Dr Jon Oliver, senior architect at Trend Micro, says he has complete confidence that the Australian Bureau of Statistics was prepared.

“Part of the problem is that they are collecting online a dataset of very high value in a short period of time, and anything of that value (with some controversy as well) will attract all manner of attackers including potentially sophisticated attackers,” says Oliver.

“There is also the possibility that more sophisticated attackers were attempting to breach the systems under the cover of a straight forward DDoS (Distributed Denial of Service​) attack. I agree with the ABS' decision to close the site down after they had compelling evidence that these attacks were indeed happening.

Dan Slattery, senior information security analyst at Webroot, says there is speculation that the attack happened as a protest against the ABS's decision to collect and save personally identifiable information alongside the census, for the first time this year.

“There were worries that there may be a data breach and this information will become public or used for malicious purposes. The ABS have reported 14 separate data breaches since 2013,” says Slattery.

“DDoS attacks are reasonably easy to achieve, hackers can purchase botnet resources and point the distributed power of the compromised systems towards a specific server or website. These attacks are designed to disrupt access and bring a service offline. It isn't designed to compromise data,” he adds.

Slattery also says that DDoS attacks are hard to stop because every server that is connected to the Internet is in some ways vulnerable.

“The best way to mitigate the effectiveness of a DDoS attack is to plan ahead. It is important to have thorough estimates of the typical load on the servers and potential peak usage,” says Slattery.

“Since the ABS was planning on most households filling out the census on the 9th August they would have planned for the potential of having millions of concurrent users.

It's reported that no data was compromised or lost amidst the shut down and about 2.33 million census forms were successfully submitted beforehand.

Related stories
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
Business leaders anxious over data security – report
Half of online traffic in 2024 generated by bots, report finds
Trustifi launches innovative phishing detection training for MSPs
Cisco launches Hypershield for AI-driven security upgrade
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Secolve & Asimily join forces to boost Australia's IoT security
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models