IBM pays Australian government for Census website collapse on Aug 9

By @vitthernandez on
IBM
A woman passes by the IBM offices in New York City, U.S., October 17, 2016. Reuters/Brendan McDermid

Australian Prime Minister Malcolm Turnbull is blaming contractor IBM for the collapse of the Australian Bureau of Statistics’ (ABS) website on Aug 9. To cover the cost of the incident, IBM – which opened a $12-billion data centre in Melbourne and Sydney in 2014 – made a “very substantial” multimillion dollar settlement.

A new report says the 40-hour failure was because of significant and obvious oversights on the part of IBM in the delivery of the online national survey. The oversights include failure by IBM to adequately test the technology and insufficient online protection even if the census was identified as a high-risk project, News.com.au reports.

Turnbull stresses the website crash was not the result of a clever attack or a deliberate hacking attempt by foreign groups. “This was a series of common or garden, utterly predictable, utterly foreseeable denial of service attacks. It’s not hacking, it’s really just bombarding a website with a lot of hits so the server is clogged up,” Turnbull explains.

The report says there were four minor Distributed Denial of Service attacks on the night of Aug 9 which the eCensus failed to withstand. IBM failed to test a router restart or have a backup synchronised and in place which were significant contributors to the failure of the online national survey that day.

While IBM failed in its contractual obligation to deal with the problem, the report also criticises delayed preparation for the eCensus by ABS and decision to keep names and addresses of first-time participants. Because of the incident, the committee report recommends an open tender process in selecting an IT supplier and more scrutiny in picking the technology for the next eCensus in 2021.

Minister were not spared by the report. David Kalisch, head of ABS, is placed on probation, while all government ministers and senior public servants would be sent to a cyber bootcamp to learn Cyber Security 101, Gizmodo reports. Alastair MacGibbons, author of the review, says Kalisch would be required to make a monthly report on how the ABS is addressing its shortcomings.