FOREIGN hackers have been blamed for last night’s Census crash — causing a lot of concern among Australians. So why did they launch the attack and is your private data at risk?
The Australian Bureau of Statistics claims it took the precaution of closing down the system to ensure the integrity of the data, after the website was attacked.
It said the online Census form was subject yesterday to four distributed denial of service (DDoS) attacks of varying nature and severity.
WHAT IS A DDOS ATTACK?
A DDoS attack aims to make a network resource or computer system unavailable by flooding it with more requests for information than it can handle.
When you visit a particular website from your browser, you send a request to that site’s computer server to view the page.
As websites can only process a certain number of requests at once, attackers can overload the server and cause it to crash, which prevents legitimate users from accessing the site.
DDoS attacks use hundreds of thousands of systems distributed across the internet, but the machines that initiate the assault generally do not act of their own accord.
Instead, they are part of a “zombie army” or “botnet” — a group of internet-connected devices, infected with malware to give hackers remote access to the computer without the knowledge of the rightful owner.
WHY WOULD HACKERS LAUNCH A DDOS ATTACK?
While it might sound like some sort of new and sophisticated method, DDoS attacks have been around for a long time and are becoming increasingly common.
According to the latest State of the Internet report from Akamai, there was a 125.36 per cent increase in DDoS attacks in the first quarter of 2016 compared with the same quarter a year earlier.
DDoS attacks are launched for a variety of reasons:
• Hacktivism — Hacktivists use DDoS attacks to express displeasure against targets, ranging from governments to private companies
• Extortion — Cyber criminals have been known to follow a DDoS attack with a ransom note, demanding money in exchange for stopping the attacks
• Business competition — It might not be the most kosher of business practices, but DDoS attacks can be used by people to make a competitor's website crash
• Script kiddies — This type of DDoS attack is performed by cyber vandals using premade scripts and tools to disrupt internet users — usually online gamers.
WHAT WOULD HACKERS ACHIEVE FROM THE CENSUS DDOS?
Cyber security experts have stated that it is too early to accurately determine the source of the DDoS attacks, but they can speculate as to why someone would want to attack the site.
Deputy Director of the Deakin University Centre for Cyber Security Research Matthew Warren said the attacker would have been aware the Census site would have been vulnerable to a DDoS attack because of the high traffic network load it expected.
“The Census online system has become a high profile target. The reason for this was the public comments about privacy and security concerns, and the fact that the census itself is an event held every few years,” he told news.com.au.
“I expect the system would have been DDOS attacked from an overseas source to show that Australia’s government systems are vulnerable and also to make the government embarrassed.
“It shows that Australia cannot protect a high profile national online system.”
Intel Security Solutions Architect Andy Hurren held similar sentiments.
“There are a lot of reasons for this attack, but it is unlikely money or data would have been motivation in this instance,” he told news.com.au.
“It could have come from overseas hackers who don’t like our country or it could have come from someone inside Australia as an act of civil disobedience fuelled by a desire to take down a system they disagree with.
“Alternatively, it could be someone with an ego trying to show how great they are because they were able to take down a public site. It would all be about building a reputation.”
IS MY DATA SAFE?
As mentioned earlier, DDoS attacks attempt to make a network resource or computer system unavailable by flooding it with more requests for information than it can handle.
This means the attack itself does not go after data, although it can be used as a smokescreen to draw attention away from other nefarious activities the attacker might be doing, such as siphoning data from the victim’s network.
In October last year, a DDoS attack on telecom firm TalkTalk was used to camouflage hackers as they stole the data of 4 million of its customers.
WHERE TO FROM HERE?
Mr Hurren said there are a number of reasons the Census website might have crashed, but because the ABS are openly claiming it was the result of a DDoS attack, this is likely the case.
“The ABS certainly has more information than we do and would also know there will be investigations into whether it crashed as the result of malicious intent or if the servers were just purely overloaded,” he said.
The cyber security expert said conversations were already taking place with the Australian Signals Directorate and all of the other parties involved to find out where the hack originated.
“It can be simple to determine where the hack came from depending on the method used, although the ability for a skilled hacker to perform these attacks anonymously can make the finger pointing harder.”
In a statement released this morning, Acting Australian Information Commissioner Timothy Pilgrim said he was commencing an investigation of the ABS under the Australian Privacy Act 1988.
“My first priority is to ensure that no personal information has been compromised as a result of these attacks,” he wrote.
“ABS have confirmed that a decision was taken last night to shut down the website in order to protect personal data.”
WHAT ARE EXAMPLES OF DDOS ATTACKS?
Hacktivist group Anonymous are synonymous with DDoS attacks, having used the method on multiple occasions.
In 2008, Anonymous used a DDoS attack to take the Church of Scientology’s official website offline for a number of days.
This was followed by attacks against the sites of PayPal, Visa, and MasterCard launched by Anonymous in 2011.
The attacks were the result of the payment service providers refusing to process financial donations intended for WikiLeaks.
Some DDoS attacks are launched for political purposes, with attacks on Estonian government and media websites in 2007 being the most infamous example.
The attacks were attributed to Russian nationalists angry about a Soviet war monument in Tallinn being relocated from the centre of the city to a military cemetery.
DDoS attacks have also been launched against some of America’s largest banks, including JPMorgan Chase & Co. and Wells Fargo & Co.