Census: How the Government says the website meltdown unfolded

Updated

Australia's census website was taken offline after four denial of service events, the minister in charge has said — but Michael McCormack stopped short of labelling the incidents "attacks".

This is how Mr McCormack explained the series of events to reporters in Canberra today.

Sorry, this video has expired Video: Minister says census online form outage was not an attack or hack (ABC News)

The first DoS

August 9, 2016

10.08am

The Australian Bureau of Statistics online monitoring systems detect a significant increase in traffic. This is sustained for a period of 11 minutes causing a system outage of approximately five minutes. Most users are able to resume their session and submit their forms.

Investigations begin

August 9, 2016

10:19am

The traffic subsides without action from the ABS or IBM and the system returns to normal. IBM is contracted to the ABS to provide the software platform enabling the online census form.

The traffic increase is suspected to be a denial of service and investigations are started by both ABS and IBM.

The second DoS

August 9, 2016

11:46am

Another increase in traffic is observed, consistent with a second denial of service.

International traffic blocked

August 9, 2016

11:50am

The ABS and IBM activate their denial of service mitigation response plan, which includes blocking all international traffic. This stops the latest event. A short system outage is experienced.

The ABS decided to block all international traffic until midnight.

Intelligence agency called in

August 9, 2016

11:55am

The incident is reported to the Government's Australian Signals Directorate to seek any advice on prevention of further incidents or any intelligence-related threat.

Fire walls kick in

August 9, 2016

4:58pm

Another modest increase in traffic is automatically defended by network fire walls. "Additional measures" are taken to prevent further attempts of this type.

Another DoS thwarted

August 9, 2016

6:15pm

A small scale denial of service is attempted on the ABS website and stopped by the standard denial of service protections.

Geo-block fails as demand spikes

August 9, 2016

7:30pm

The online census form monitoring systems detect a "significant" denial of service. At the same time, thousands of people log on to complete their census forms, leading to a large increase in traffic to the site.

The PM's special cyber security advisor Alastair MacGibbon explains what happened next:

"The reason why the fourth incident was significant was because there are two failures. The first was a geo-blocking service fell over, and that's one of the main defences used against denial of service. "Once we lost the capability of preventing the geo-location of data coming in, then the router failed. As a result of that there was information inside the system that the ABS and IBM took very cautiously so not knowing what that information was, made a decision to take it off line.

System shut down

August 9, 2016

7:45pm

The ABS decides to shut down the online form to protect the system.

Minister alerted

August 9, 2016

8:10pm

Census minister Michael McCormack's office is informed of the outage.

McCormack heads back to Parliament House

August 9, 2016

8:14pm

Mr McCormack's office calls him to let him know. He returns to Parliament House and calls ABS chief statistician David Kalisch to request a briefing. At 8:26pm Mr Kalisch calls Mr McCormack and gives him an initial briefing.

PM dialled in

August 9, 2016

8:32pm

Mr McCormack calls Prime Minister Malcolm Turnbull and Treasurer Scott Morrison.

Sorry, this video has expired Video: Cyber security expert says ABS could not have foreseen confluence of events (ABC News)

'Try again later'

August 9, 2016

8:50pm

The online form system is restored. Overload protocols are activated to prevent connections until the state of the systems and their integrity can be assessed.

The ABS posts a message on its website and on social media saying there is a system outage and advising people to try again later.

System kept offline

August 9, 2016

11:00pm

The ABS issues a public message to advise that the form will be out of action for the rest of the night.

The system is restored but is kept offline as a precaution while checks are carried out.

The ABS, IBM and the signals directorate are constantly in touch.

The completed census form data is backed up and transferred into the ABS secure data storage environment.

The Government says "no census data was compromised and no data was lost"

Site still offline

August 10, 2016

12:00pm

As of midday (AEST), the census website is still offline.

Sorry, this video has expired Video: Computer security expert explains what a denial of service attack is (ABC News)

Topics: government-and-politics, federal-government, australia

First posted