IT Management Issues Report: Analysis of ABS Census Website Failure

Added on  2020/05/28

AI Summary
This report critically examines the IT management failures associated with the ABS Census website, which was designed by IBM for the Australian Bureau of Statistics (ABS). The website's primary function was to collect data from Australian citizens, but it was brought down by a Distributed Denial of Service (DDoS) attack due to security flaws and poor management decisions. The report identifies key flaws such as the lack of geo-blocking, inadequate DDoS testing, absence of a backup system, and the selection of a single vendor without a competitive bidding process. It then offers several recommendations to rectify these issues, including implementing a pre-qualification questionnaire process, blocking foreign IP addresses, employing traffic rerouting, and conducting comprehensive testing procedures. The report concludes that these improvements are essential for preventing future website failures and ensuring the security and reliability of online data collection efforts.
Running head: IT MANAGEMENT ISSUES
IT Management Issues
Name of the Student
Name of the University
Author Note
Executive Summary
A DDoS attack is one of the key methods used to bring down a website. The purpose of this
report is to study such an attack on the Census website created by IBM for ABS. The website
was designed to collect data on Australian citizens. However, there were security flaws that
were not addressed during the creation of the website. This report criticizes the decisions
that left these flaws unaddressed. The report then concludes with some recommendations that
can be used to rectify the situation and improve the circumstances.
Table of Contents
Introduction
Discussion
Conclusion
Recommendations
Reference List
Introduction
The Distributed Denial of Service (DDoS) attack on the Australian Bureau of Statistics
(ABS) succeeded because of several poor management decisions. Four such decisions have been
highlighted from the case study of the attack. The purpose of this report is to identify the
reasons behind the success of the attack. The report elaborates on those reasons while
suggesting some recommendations. The recommendations section consists of suggestions that
would help to improve the performance of ABS, and of new opportunities for business that
might be created by using those suggestions.
Discussion
IBM created a Census website for ABS. It was created to be an online survey website for
collecting personal information from the people of Australia. The website failed due to a
general DDoS attack on it. A detailed study of the attack on the Census website showed that
IBM did not take enough measures to prevent website downtime. In an interview with 3AW radio,
Prime Minister Malcolm Turnbull said that IBM did not meet the terms of the contract. IBM was
responsible for creating a website and then ensuring that the website was immune to all forms
of cyber-attacks. However, the server was overloaded by a huge rate of Internet traffic,
which stopped its services.
Several management decisions by IBM were flawed and that led to the downfall of the
website.
The website was developed for collecting data from the people of Australia. However,
IBM did not implement a blocking mechanism that would stop all network traffic
originating from outside Australia from reaching the web server (Young, 2014). Thus, people
from all over the world could connect to the website that was meant for Australians only.
The server was overloaded as it received a huge number of view requests from a lot of
people in a short amount of time. The management body should have thought about
restricting access to the website. No non-Australian should have access to a website that
is meant for Australians only. The web server should receive authentic survey data from
Australians. Anyone accessing the website from outside Australia would only provide
junk data in an attempt at ridicule.
IBM had possibly conducted various load tests on the servers. Load testing determines
the total amount of traffic that the server can withstand without breaking down. DDoS
testing, on the other hand, is a completely different matter. In this test, the servers are
pinged with high rates of traffic flow. Any web server needs to be tested
comprehensively on whether it can withstand a DDoS attack or not (Naik, 2015). There
are times when a server might even face an unintentional DDoS attack from users who are
continuously requesting data from the servers. The management thus needed to
understand the importance of various kinds of penetration testing on the web servers. There
are other types of testing too, such as SQL injection testing and XSS testing, that are
important to conduct before making the server live.
A mechanism that can automatically restart the router in the case of a failure is necessary
for any web server. The servers might face downtime; in that case, restarting the router
might be a faster option to restore services. Manual restart is tough and thus automatic
restart of routers is more favourable. Having a synced backup is also necessary before
making a web server live. The Census website did not have a backup synced to the live
server. As a result, after the DDoS attack, all the collected data was lost and the website
went down permanently (Wang et al., 2015). Such mechanisms are prerequisites for any
website to handle server downtime. IBM should have implemented at least these
mechanisms on a web server that is going to store data about Australian citizens.
IBM was directly appointed as the vendor for the website creation and implementation.
The management process should have instead made this a closed tender bidding process.
Selecting only one vendor destroys the competition, as IBM then does not have to
improve the terms of its services to get the contract. A closed tender bidding process is
thus beneficial for the client (Sillanpää, Shahzad & Sillanpää, 2014). The vendors would
then propose better and better services at lower costs. The management could have
invited more vendors to the process. Other vendors in the market who are as capable
as IBM might be willing to provide the necessary services at a cheaper price.
Conclusion
Thus, it can be concluded that the management decisions were the primary reasons for
the failure of the eCensus website project of the ABS. The services that needed to be
implemented were quite common, and any live website needs the services discussed in the
report to operate smoothly.
Recommendations
There are a few recommendations that can be implemented in this scenario:
A pre-qualification questionnaire process should be carried out to select
a detailed vendor list (De Silva & Hubbard, 2016). This list can then be used for
a closed bidding process. This process would create an open competition between the
participating vendors to give the best quality services at the lowest price possible. More
vendors participating in the process would also mean more business leads would be
generated.
A blocking mechanism can be implemented that would only allow website access to the
people of Australia (Hill, 2016). This can be implemented by creating a system that will
identify the origin of the IP addresses. Thus, it will block any incoming traffic from a
foreign IP address.
The chances of DDoS attacks are reduced by implementing a traffic rerouting
mechanism that would redirect excess traffic to a different URL and thus minimize the
load on the web server (Desai et al., 2016). Minimizing the rate of traffic is the only way
to prevent such attacks on the web server.
The testing procedures need to be exhaustive so that the website is invulnerable to almost
all sorts of penetration attacks (Bhingarkar & Shah, 2017). This website would be
hosting surveys that would collect personal data. There might be hackers trying to steal
the data. Thus, the database needs to be protected from attacks as well.
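
The origin-based blocking and excess-traffic redirection recommended above can be combined in one admission check. The following is an added example, not code from the report or from the ABS/IBM system: the prefix list uses documentation address ranges as constructed stand-ins for Australian allocations, and `OVERFLOW_URL`, `AdmissionGate` and the limits are hypothetical.

```python
import ipaddress
from collections import deque

# Constructed stand-ins for "Australian" prefixes (documentation ranges).
# A real deployment would load these from a GeoIP database or regional
# registry data and refresh them regularly.
ALLOWED_PREFIXES = [ipaddress.ip_network(p)
                    for p in ("203.0.113.0/24", "2001:db8:a::/48")]
OVERFLOW_URL = "https://overflow.example/please-wait"  # hypothetical holding page


def in_allowed_region(remote_addr: str) -> bool:
    """True if the connection's peer address falls inside an allowed prefix."""
    try:
        ip = ipaddress.ip_address(remote_addr.strip())
    except ValueError:
        return False  # unparseable address: fail closed
    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d; unwrap them
    # so they are matched against the IPv4 prefixes.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip.version == net.version and ip in net
               for net in ALLOWED_PREFIXES)


class AdmissionGate:
    """Serve in-region requests up to a cap per window; redirect the excess."""

    def __init__(self, max_per_window: int, window_s: float):
        self.max_per_window = max_per_window
        self.window_s = window_s
        self._served = deque()  # timestamps of recently served requests

    def decide(self, remote_addr: str, now: float) -> tuple:
        # remote_addr must be the TCP peer address (or a header written by a
        # trusted proxy), never a client-supplied X-Forwarded-For value.
        if not in_allowed_region(remote_addr):
            return ("block", 403, None)
        # Drop timestamps that have aged out of the sliding window.
        while self._served and now - self._served[0] >= self.window_s:
            self._served.popleft()
        if len(self._served) >= self.max_per_window:
            return ("redirect", 302, OVERFLOW_URL)
        self._served.append(now)
        return ("serve", 200, None)
```

Traffic rejected here has already reached the server's network link, so the same prefix list is normally also enforced upstream, at the network edge or the hosting provider.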
Reference List
Bhingarkar, S., & Shah, D. (2017, January). A survey: Cloud hosted website protection using
soft computing techniques. In Cloud Computing, Data Science & Engineering-Confluence, 2017
7th International Conference on (pp. 325-330). IEEE.
De Silva, D. G., & Hubbard, T. P. (2016). Evaluating Bidder Pre-Qualification Requirements for
Procurement Contracts.
Desai, M., Patel, S., Somaiya, P., & Vishwanathan, V. (2016). Prevention of Distributed Denial
of Service Attack using Web Referrals: A Review.
Hill, C. J. (2016). Geo-location, Access Control and Inter-domain Policy in Named Data
Networking.
Naik, M. (2015). Early Detection and Prevention of DDOS attack on VANET (Doctoral
dissertation).
Sillanpää, I., Shahzad, K., & Sillanpää, E. (2014). Supplier development and buyer-supplier
relationship strategies–a literature review. International Journal of Procurement Management,
8(1-2), 227-250.
Wang, B., Zheng, Y., Lou, W., & Hou, Y. T. (2015). DDoS attack protection in the era of cloud
computing and software-defined networking. Computer Networks, 81, 308-319.
Young, B. J. (2014). A Comparative Study of the Legal Frameworks and Protection of Digital
Content in the United Arab Emirates and Australia in Relation to the Practice of Blocking Digital
Content on the Basis of Location (Geo-Blocking) and its Associated Circumvention
Technologies. International Journal of Journalism & Mass Communication, 2014.