Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

IBM Australia again blames ISPs for #censusfail, is also 'unreservedly' sorry

Big Blue in compensation talks with Australian government

IBM has tried to explain why trivially-small denial-of-service attacks took out the systems it provided for Australia's Census, causing a 40-hour outage.

An Australian Senate Committee is investigating the collapse of the $AU10 million IBM-provided Census systems and networks in the face of attacks ranging from 210 Mbps to 3 Gbps (the attack directed at Brian Krebs, by comparison, was on the upside of 600 Gbps – 200 times the biggest attack to hit the Australian Census).

IBM apologised “unreservedly” for the outage, while at the same time again reaching for a bus under which to throw suppliers providers Nextgen Networks and Vocus (Nextgen's owner).

Its contention is that the geoblocking strategy (dubbed “Island Australia”) it pitched to the cash-strapped Australian Bureau of Statistics (rather than a more costly DDoS filtering system) would have worked if the network providers hadn't let traffic through (particularly on a link to Singapore). Previous submissions by Vocus and Nextgen to the committee have denied responsibility.

In the fourth DdoS of Census night, just 563 Mbps of traffic on the Singapore route was enough to take out the systems. IBM says that's because after previous attacks were fought off, attackers switched tactics to traffic designed to exhaust router resources.

The Senate Committee also heard that the geoblocking strategy was signed off by the Australian Bureau of Statistics, but not by the spookhaüs and security advisory agency the Australian Signals Directorate.

After the 40-hours hiatus in the Census, the system was brought back online, and IBM executive Michael Shallcross said that at that time the “risk landscape” had changed, so new DDoS protection strategies (based on traffic filtering instead of geoblocking) were put in place by Nextgen Networks and Telstra.

Even though its strategy wasn't successful, IBM Australia managing director Kerry Purcell still maintained that the original design was “an effective DDoS attack prevention mechanism”.

Purcell said no IBM Australia staff have been dismissed as a result of the outage.

Last week, Chief Statistician said the outage made a AU$30 million hole in the Australian Bureau of Statistics' budget expectations. IBM is now in “talks” about how much of the extra cost it will be willing to cover. ®

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like