Australian Census Website Taken Down Under by Cyberattack


Sometimes when an organization is afraid that a distributed denial of service (DDoS) attack is about to take down its website, perhaps it should just beat the hackers to it and shut the site down itself.

At least that’s what the Australian government did to its census 2016 website.

The Australian Privacy Commissioner says that he is satisfied that no personal information was taken from the Census system. On the night of Aug. 9 the Australian Bureau of Statistics (ABS) thought that the website had been the target of a distributed denial of service (DDoS) attack from outside Australia as hundreds of thousands of Australians were attempting to access the site to fill out their census form.

Australian officials have since given a variety of conflicting explanations for what had happened.

The chief statistician said that there were four DDoS attacks. The Minister for Small Business said it was “neither an attack nor a hack.” And the prime minister’s cybersecurity advisor said there was a DDoS attack that was compounded with a number of technical issues, including the failure of the ABS’s geoblocking system and a router failure.

Either way, the ABS’s chief statistician shut down the website as a precaution in order to protect personal information.

Global media resource The Conversation questioned whether the census website was even capable of handling the amount of legitimate visitors to the website. A higher volume of traffic than a website can handle is indistinguishable from a DDoS attack, which according to a recent study, is most likely to happen on a Tuesday, just like the Aug. 9 attack against the Aussies.

Prime Minister Malcolm Turnbull, criticized his own government for the incident, calling a DDos attack “absolutely commonplace and highly predictable.” And if it was a result of too much traffic on an unprepared website, all the ABS had to do was Google “Obamacare website” to avert this embarrassing incident.

Turnbull has maintained that it was a cyberattack routed through the U.S., and the website was more than prepared to handle the highest spike in traffic that occurred.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.