While blaming two domestic internet providers for a security lapse during the national census, International Business Machines Corp apologized to Australia on Tuesday for the debacle.
This debacle had come under strict criticism from several quarters and the Australian government had described the incident as a "malicious" cyber-attack that shut down a national census.
On August 9, due to what has been blamed on the website being flooded with more clicks than it could handle, four distributed denial of service (DDoS) attacks resulted in the five-yearly August 9 household survey by the Australian Bureau of Statistics (ABS) going offline that day. IBM was the lead contractor for the five-yearly household survey in the country.
The Australian government has sought repeatedly to impress voters with its cybersecurity credentials and the breach embarrassed the government and its efforts and claims or the same.
IBM Australia and New Zealand Managing Director Kerry Purcell said that he is negotiating a settlement with the Australian government for failing to fulfill the A$10 million ($7.6 million) contract. Purcell also said that he apologized "unreservedly" for the inconvenience caused by the goof up while answering queries at a Senate inquiry into the matter.
While declining to shed any light about who he suspected was behind the attack, Purcell also said IBM was helping a police investigation.
But he blamed Australian ISP Vocus Communications Ltd, a subcontractor of Nextgen Networks Pty Ltd, for failing to shut it down and he further went on say that attacks were launched through a router in Singapore.
"We had repeated assurances from the ISP that the appropriate protocol was in place," Purcell told the inquiry.
"The primary root cause was through a router that was outside Australia," he added.
The IBM preferred anti-DDoS measure, which it calls "Island Australia", involves "geoblocking" or getting the company's ISPs to shut down offshore traffic coming into the country, the company said in a written submission to the Senate inquiry.
IBM had declared a test of the strategy about "Island Australia" four days before the census a success and Nextgen was told it about "Island Australia" just six days before the census website went live in July, the subcontractor said this to the Senate inquiry in a written submission.
Nextgen noted that IBM rejected its offer of additional anti-DDoS detection measures and claimed that the subcontractor had followed IBM's instructions.
"Vocus was in fact requested to disable its DDoS protection product covering the e-Census IP space", Vocus said in a submission. Vocus Communications Ltd also claime din the submission that it had told Nextgen the week before the census was to begin that it "did not provide geoblocking" services.
However the Australian ISP company did not specify who gave that instruction.
(Source:www.reuters.com)
This debacle had come under strict criticism from several quarters and the Australian government had described the incident as a "malicious" cyber-attack that shut down a national census.
On August 9, due to what has been blamed on the website being flooded with more clicks than it could handle, four distributed denial of service (DDoS) attacks resulted in the five-yearly August 9 household survey by the Australian Bureau of Statistics (ABS) going offline that day. IBM was the lead contractor for the five-yearly household survey in the country.
The Australian government has sought repeatedly to impress voters with its cybersecurity credentials and the breach embarrassed the government and its efforts and claims or the same.
IBM Australia and New Zealand Managing Director Kerry Purcell said that he is negotiating a settlement with the Australian government for failing to fulfill the A$10 million ($7.6 million) contract. Purcell also said that he apologized "unreservedly" for the inconvenience caused by the goof up while answering queries at a Senate inquiry into the matter.
While declining to shed any light about who he suspected was behind the attack, Purcell also said IBM was helping a police investigation.
But he blamed Australian ISP Vocus Communications Ltd, a subcontractor of Nextgen Networks Pty Ltd, for failing to shut it down and he further went on say that attacks were launched through a router in Singapore.
"We had repeated assurances from the ISP that the appropriate protocol was in place," Purcell told the inquiry.
"The primary root cause was through a router that was outside Australia," he added.
The IBM preferred anti-DDoS measure, which it calls "Island Australia", involves "geoblocking" or getting the company's ISPs to shut down offshore traffic coming into the country, the company said in a written submission to the Senate inquiry.
IBM had declared a test of the strategy about "Island Australia" four days before the census a success and Nextgen was told it about "Island Australia" just six days before the census website went live in July, the subcontractor said this to the Senate inquiry in a written submission.
Nextgen noted that IBM rejected its offer of additional anti-DDoS detection measures and claimed that the subcontractor had followed IBM's instructions.
"Vocus was in fact requested to disable its DDoS protection product covering the e-Census IP space", Vocus said in a submission. Vocus Communications Ltd also claime din the submission that it had told Nextgen the week before the census was to begin that it "did not provide geoblocking" services.
However the Australian ISP company did not specify who gave that instruction.
(Source:www.reuters.com)
