Ajay Unni, Founder and CEO, StickmanCyber, shares some of the potential dangers of a digital census describing, how the information can be lucrative to hostile actors.
The report was also carried in other major publications like:
Read the full article below as featured in The Daily Telegraph.
AUSTRALIA’S upcoming Census will be a major target for cyber attacks this year, security experts have warned, after a surge in hacking attempts against Australian institutions and greater criminal and espionage activity worldwide.
And the man who investigated the failure of the last online Census says any attacks on the event will undoubtedly be more sophisticated this year, even though the Australian Bureau of Statistics should be more prepared for them.
Questions remain for many experts about whether the national survey will be able to meet online demand and withstand intrusions after the ABS website crashed on Census night in 2016 and remained down for 48 hours following modest attacks against the platform.
He said the potential for attacks this year was much greater.
“The threat environment is much worse than it was five years ago, no doubt,” Mr MacGibbon said.
“We’ve got emboldened threat actors, there are nation states and criminals are more active than they were.”
The Census, due to take place on August 10, will also come just weeks after Australia and many of its allies named China as the nation state behind critical cyber attacks using the Microsoft Exchange mail server earlier this year.
And it will come in a year in which cyber attacks soared by 341 per cent, according to Nexusguard, which said the spike was fuelled by more people spending time online during lockdowns.
UNSW Canberra Institute for Cyber Security enterprise director Nigel Phair said 2021 was a particularly challenging time to launch a national online platform and the ABS would need to be significantly more prepared for intrusions.
“It will be a target and it will be a target for all sorts of reasons,” he said.
“In addition to nation states like China, even your garden variety hacker would love to have a go at this to get on the forums. It will be scrutinised on both sides.”
StickmanCyber chief executive Ajay Unni said information gathered by the Census about Australians could be attractive to a hostile nation.
“If this data gets in the hands of other countries, it’s quite valuable from a standpoint of intelligence about the demographics of Australia,” he said. “This information would be widely useful and that is concerning.”
Mr. Unni said changes the ABS made to its providers and security this year were encouraging but warned that “there are always risks”.
The ABS will use Amazon Web Services cloud to host this year’s Census after it awarded the $35.1 million contract to PwC Australia.
The agency tested its platform with 100,000 households in October last year and will encourage Australians to fill out the survey over several weeks starting on July 28 to diffuse demand.
An ABS spokeswoman said it would also run a round-the-clock “Security Operations Centre to monitor Census systems with real-time information and alerts on potential security issues” throughout the period.
Mr MacGibbon said while the 2016 Census outage was damaging, it also “forced the hand of people involved in IT security and resilience” within government to improve their approach.
He said he hoped Australians would recognise the benefits that came from holding a national survey and remain “civic-minded enough” not to attack it for notoriety.
“There’s no such thing as a perfectly secure project,” he said. “Could there be an event that harms the Census? Absolutely. I desperately hope it doesn’t happen. They’ve taken steps to ensure it doesn’t happen.”