IBM to compensate Australian Government for cyber-attack on census

Written by on October 25, 2016 in News with 0 Comments
REUTERS/Lucy Nicholson - RTX2E4AL

REUTERS/Lucy Nicholson – RTX2E4AL

SYDNEY (Reuters) – International Business Machines (IBM) Corp said on Tuesday it plans to compensate the Australian government for a “malicious” cyber-attack that shut down a national census, but blamed two domestic internet providers for the security lapse.

IBM was the lead contractor for the five-yearly Aug. 9 household survey by the Australian Bureau of Statistics (ABS) which went offline that day after four distributed denial of service (DDoS) attacks, caused by the website being flooded with clicks.

The breach embarrassed a government which has sought to impress voters with its cybersecurity credentials and plans to trial online elections. The census is already controversial because of privacy concerns.

“I am confident we’ll be able to achieve some kind of outcome in the very near future,” IBM Australia and New Zealand managing director Kerry Purcell told a Senate inquiry into the matter, without discussing terms of the negotiations.

He added that the company was helping a police investigation but declined to say who he suspected was behind the attack.

He said that the attacks were launched through a router in Singapore and blamed Australian ISP Vocus Communications Ltd, a subcontractor of Nextgen Networks Pty Ltd, for failing to shut it down.

“We had repeated assurances from the ISP that the appropriate protocol was in place,” Purcell said.

In a written submission to the inquiry, IBM said its preferred anti-DDoS measure, which it calls “Island Australia”, involves “geoblocking”, or getting the company’s ISPs to shut down offshore traffic coming into the country.

In a written submission to the inquiry, Nextgen said IBM told it about “Island Australia” six days before the census website went live in July, and that IBM declared a test of the strategy four days before the census a success.

It said Nextgen followed IBM’s instructions, but noted that IBM rejected Nextgen’s offer of additional anti-DDoS detection measures.

Vocus said in a submission that it told Nextgen the week before the census that it “did not provide geoblocking” and that “Vocus was in fact requested to disable its DDoS protection product covering the e-Census IP space”.

It did not specify who gave that instruction.

ABS chief statistician David Kalisch said he was confident IBM could deliver on its A$10 million ($7.63 million) contract based on “the comments and exhortations that IBM had made to the ABS about the importance of this work” beforehand.

($1 = A$1.3)

(Reporting by Byron Kaye; Editing by Nick Macfie)

Tags: ,

Reuters

About the Author

About the Author: Thomson Reuters is the world's largest international multimedia news agency, providing investing news, world news, business news, technology news, headline news, small business news, news alerts, personal finance, stock market, and mutual funds information available on Reuters.com, video, mobile, and interactive television platforms. .

Subscribe

If you enjoyed this article, subscribe now to receive more just like it.

Subscribe via RSS Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Top
%d bloggers like this: