August 12, 2016

Why Australia's Census Website Crashed, China's NSA Innocent!


China's NSA HQ, in northern Beijing, is innocent, in this case, of hacking the Australian Census for 2016 Website (the cartoon below reflects the chaos).


The national Census of every Australian is mercifully held every 5 yeas. BUT August 9, 2016 was the first time the public were invited to mainly fill out their forms using a huge, "perfected", Census Website.

On Census Night, Tuesday August 9, 2006 bad become worse when, not thousands but millions of Australians tried to fill out their Census Forms online. But the Census website crashed when most tried on "Census Night" August 9, 2016.

China, always easy to blame, was blamed for launching a diabolical Distributed Denial of Service (DDoS) attack on Australia Census website - but there seems no convincing proof of that. 

Confirming the accuracy of this sequence, once the government's contradictory statements are ironed out, Australia’s SkyNews reported today (August 12, 2016) http://www.skynews.com.au/news/top-stories/2016/08/12/no-resignations-yet-over-census-debacle.html :

“Mr Turnbull told reporters [today] the attacks appeared to have originated in the United States, but the actors were not necessarily American.

'It is not very difficult to route traffic through another country using private networks and virtual techniques,' he said.

...Earlier on Friday Senior Minister Christopher Pyne appeared to confirm the disruption of the census came from within Australia."

WHAT I THINK HAPPENED!

I've thought more about the Census Denial-of-Service (DoS) of 9 Aug 2016. 

DoS doesn't have to be intentional. It can happen merely because too many people, through their PCs, try to access a site all at once.

If the equivalent of short-term Random Access Memory (RAM) is so configured for a "Mainframe" that is not programed to accept so many users all at once, then the Mainframe "Denies" to "Serve" any of the users. It is perceived to "crash".

Users in locations all over Australia automatically go through US-based servers (eg. at *) to access sites back in Australia. That is why people at internet security agencies in Canberra would have perceived a spike in traffic (around 7.30pm #) from the US to the Census site in Australia.

# A particular problem I saw on the night was that after the 7pm TV news reminded poeple to fill out their internet Census a high simultaneous number of Aussies tried. 

When tried to access the Census site, I saw that the Census site was not simply Crashing at my first attempt (first 10 seconds or so) which would have "cleared the deck" for 100,000s lucky users. Instead the site was allowing 10 to 20 automatic "redials" every 10 seconds or so. 

If there was millions of Aussies trying around 7.30pm then that would therefore register as up to X? x 1,000,000s x 20 near simultaneous attempts - which would Crash almost any poorly planned Mainframe RAM. 

* many US servers eg. Google and Microsoft, are at Mountain View, Sunnyvale, Californihttp://en.wikipedia.org/wiki/Mountain_View,_California#Top_employers serve internet users from all over the world 

So the ABS Census Mainframe couldn't handle what was perceived to be, maybe, 5,000,000 x 20 = One Hundred Million near simultaneous users at 7.30pm on 9 Aug 2016.

Shows how a Technical Problem becomes a Political Problem for Australia's Prime Minister Turnbull, already governing on a knife-edge.
  
I’ve been writing on SigInt and Cyber-warfare matters since 2007. See my 2007 article: "The fifth battle domain - cyberspace" at http://www.newsweekly.com.au/article.php?id=2999  

Pete

2 comments:

Ztev Konrad said...

The census in Australia is every 5 years not 10 as mentioned
www.abs.gov.au/census is the link but dont bother as it is unreachable -still.

Pete said...

Hi Ztev

The census is now reachable (correcting your mention) www.abs.gov.au/census :)

Cheers

Pete