Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Australia Online Census Shutdown After Cyber Attacks

 

Cyber Attack Hits Australia Online Census Service

 

Cyber Attack Hits Australia Online Census Service

Australia was forced to reassure its citizens that their personal data was secure Wednesday, after malicious attacks by overseas hackers prompted an embarrassing shutdown of the online census.

Australians are required to complete the census every five years or face fines, and this was the first time there had been a major push for people to fill in the survey online.

But as thousands of people headed to the official website Tuesday evening, a series of denial-of-service attacks — attempts to overwhelm an online system to prevent people accessing it — prompted authorities to take the site offline.

“It was an attack, and we believe from overseas,” said David Kalisch from the Australian Bureau of Statistics, which organises the census.

“The scale of the attack, it was quite clear it was malicious,” he told the Australian Broadcasting Corporation.

The census website was not back online Wednesday.

The attacks are an embarrassment for the government, which earlier this year confirmed that the weather bureau, which reportedly owns one of the nation’s largest supercomputers, suffered a “cyber intrusion” in 2015.

The Labor opposition jumped on the incident, labelling it “the worst-run census in Australian history” and “one of the worst IT debacles Australia has ever seen”.

But Prime Minister Malcolm Turnbull insisted that no data had been compromised.

The ABS had acted with “an abundance of caution” in shutting down the site after a large-scale denial of service attempt followed by a hardware failure when a router became overloaded, he said.

“The site has not been hacked, it has not been interfered with,” he told reporters in Sydney.

The statistics bureau reassured Australians that their data was secure, with Kalisch saying the shutdown “actually confirms the strong position that the ABS has taken in terms of security”.

Some 2.33 million online forms were submitted before the outage and safely stored.

“The data that comes to ABS is encrypted and it was secured and received safely at the ABS… we have it at the ABS, no-one else has it,” Kalisch said.

On its Twitter account, the ABS Census insisted that no fines would be imposed on the thousands of people unable to complete the survey, provoking even more anger.

“Fine yourselves for the completely incompetent way this was handled,” wrote one respondent to @ABSCensus.

Australians officially have until September 23 to complete the census, with some two thirds of respondents expected to use the internet rather than paper to complete the survey this year.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE).