Networking wonks say lousy planning, not DDOS, caused #Censusfail
Nope, no unusual traffic here, say operators and security types
The failure of the Australian census seems to be a failure of planning.
The Federal Government is blaming a distributed denial of service (DDoS) attack and an abundance of caution for bringing the once-every-five-years Antipodean citizen survey to a grinding halt, beginning last night and continuing as of the time of writing.
Yet your correspondent would hazard that, should the question of 'what will bring down the Census' be asked on Family Feud, the top-scoring answer would be a DDoS attack.
So how is it that the world's most boring attack vector was able to crush a multi-million dollar Federal Government operation some five years in the planning?
Multiple prominent networking and security people The Register has spoken to have not seen evidence of a large DDoS attack.
That does not mean the attack did not happen, nor that apparently woeful internal technical failures were solely to blame and that the Government has lied about the cause of the outage.
Skeeve Stevens, founder of peering provider eintellego Networks, is one of many in the telco community who have not seen evidence of a large flood capable of taking down Census assets. ("Although I could have taken it out in the blink of an eye," Stevens reckons.)
Distributed denial of service attack mitigation company Arbor has not seen attack traffic either.
Nor have other networking and security specialists at rival global DDoS attack mitigation companies. Some of these folks strongly question whether there was a DDoS at all.
Arbor reckons DDoS mitigation and best practice infrastructure should have punted the attackers, had it been in place.
It is not known if DDoS mitigation was used, or indeed what controls were in place, other than a geo-IP blocker that, so says the Government, failed and let in bad traffic from the United States.
And that brings us to the central question: how is it that an attack vector any internet idiot can pull off with DDoS booter services was able to best the Federal Government and its AU$9.6m Census contractor IBM?
Tech company CSC reckoned in 2014 that sarong-clad Byron Bay hippies were the chief threat to the State of New South Wales' eVoting platform, so easy is it to launch DDoS attacks as a means of protest.
A large portion of tech-savvy Australians had as much reason as those besieged anti-coal protesters to want to launch a DDoS; the Government had rebuffed their more than 12 months of opposition to the new requirement that the Census would record and pair their names and addresses to their answers, storing it for four years.
So it was obvious a DDoS attack on Tuesday night would be a likely event.
The Register will not reiterate the hacking community's universal claims of failure by overpaid thought leaders and underpaid and overworked interns, since details are still forthcoming, but the fact that what was surely the chief disruption vector for Tuesday night was the cause of the outage ought to lead to some hard questions being asked.
And with Prime Minister Malcolm Turnbull losing the day's media cycle, losing public confidence in government cyber security, and losing progress towards national e-voting in Australia, you can bet he will be asking them. ®