SoylentNews

IBM Throws ISP It Hired Under a Bus for Australia's #Censusfail

posted by janrinok on Saturday October 22 2016, @07:57AM   
from the blame-the-little-man dept.

Arthur T Knackerbracket has found the following story:

IBM has blamed a supplier for causing the failure of Australia's online census, which went offline on the very night millions of households were required to describe their disposition.

Big Blue's submission (PDF) to Australia's Standing Committees on Economics, which is conducting an Inquiry into the Preparation, Administration and Management of the 2016 Census by The Australian Bureau of Statistics puts the blame for the failure at the feet of a company called NextGen Networks.

IBM does so because it says it devised a distributed denial of service (DDoS) prevention plan called "Island Australia" that involved "blocking or diverting international traffic intended for the eCensus site before it reaches the site, while leaving the system free to continue to process domestic traffic."

"This method was chosen because the primary risk of DDoS attacks of sufficient size to disrupt site availability was considered to be from foreign sources."

IBM's submission says two carriers were chosen to bring traffic to the Census site, Telstra and NextGen. Both were informed about "Island Australia" and how to implement it. But come Census day, IBM says "a Singapore link operated by one of NextGen's upstream suppliers (Vocus Communications or Vocus) had not been closed off and this was the route through which the attack traffic had entered the NextGen link to the eCensus site."

Big Blue's document says Vocus 'fessed up to the error on Census night.

[...] In a delicious irony, NextGen's submission also notes its recent acquisition by none other than Vocus. Which will make life interesting at the first all-hands meeting once the acquisition closes.

The Inquiry will issue a report on November 24th. The Register's Australian outpost has laid in copious stocks of popcorn ahead of the report's release.

Previous reporting:
Australian Census: Hacked or Just Ill-Prepared?

---

Original Submission

• Re:Still IBMs fault. Re:Still IBMs fault. (Score: 2, Informative) by Anonymous Coward on Saturday October 22 2016, @10:23AM

  by Anonymous Coward on Saturday October 22 2016, @10:23AM (#417559)

  While I agree that it was IBM's fault and this excuse sounds pretty tenuous:

  • Aussie consumer ISPs shape like crazy, we're the great worldwide bastion of data limits. Every single ISP on that list enforces data limits via shaping. TPG, Dodo and Exetel had/have some unlimited plans - they're the budget ISPs.
  • That tiny list of ISPs you provided is so ancient and incomplete even for it's time, it's hilarious. It doesn't include iiNet (3rd largest ISP in AU for a decade). Unwired and iBurst were niche last-mile wireless providers, absorbed into other ISPs - iBurst was shut down in 2008 and Unwired in 2013 into Optus. The only ISPs on that list with any size: Bigpond (Telstra, the biggest), Optus (former #2), TPG (now owner of iiNet/Internode and many others, current #2). Vividwireless is another niche wireless provider for areas with shitty landlines. Considering the time frame that this was written, there were literally hundreds of ISPs of note, it's been the last 5 years where they've consolidated into a few big players - mostly TPG.
  • Vocus and NextGen are not consumer ISPs. Vocus provide business connectivity (IP or SDH transit, backhaul/intercap, SS7 voice, big DA fibre tails, datacentre space, etc). They've recently purchased AMCOM and been purchased by M2 Group, who own Dodo - this makes them #4 by size and possessing a reasonably sized consumer network. NextGen are a backhaul provider subsidiary of Leighton who own a few small pieces of other infrastructure and do offer some enterprise-grade infrastructure, but mostly sell at the wholesale level. They're famous for the most expensive backhaul costs in AU, even up against TW, and were built with public funds intended to decrease the cost of backhaul in remote areas.
  • Vocus and NextGen are the guys who own or build undersea cables, they don't sell Internet to you or me. Vocus has a DDoS protection product on their website, right next to their IP transit coverage details. I have about 1Gbit of Vocus IP transit as a backup to my primary transit providers.
  • IBM was asked several times by Vocus and/or NextGen if they wanted explicit DDoS protection (from previous stories heard) and IBM said no, they were just going to pull international transit if there was an attack.
  • Much of the attack either came from or was reflected through Australia via domestic transit. IBM's protection plan didn't work.

  Parent

  Starting Score:	0		points
  Moderation		+2
  Informative=2, Total=2
  Extra 'Informative' Modifier		0
  Total Score:		2

• Re:Still IBMs fault. (Score: 2) by RamiK on Saturday October 22 2016, @02:49PM

  by RamiK (1813) on Saturday October 22 2016, @02:49PM (#417583)

  First off, you're right that list isn't good. I wanted to paste the link to the response the ISPs made to a data request a few month ago (not sure if it was ACCC or ACMA or whatnot) but couldn't find it.

  Either-way, I WAS talking about first mile ISPs. I figured it's obvious enough considering international interconnect was what the article was talking about and even specified the those companies.

  That said, last I heard, they don't deploy layer 2+ switches unless specifically asked by customers* to avoid legal requirements and technical complications. That's to say, they don't go into the packets. They only rate limit.

  Though admittedly, I don't have any way to verify what they were saying... And I'm guessing it's plan dependent regardless.

  * And specifically just the business \ cloud customers and usually not the consumers ISPs. Vocus even has a special DDOS protection plan that is based on rate limits rather then packet analysis.

  --
  compiling...

  Parent