Aussie website attack incorrectly attributed to Singapore-based router: CSA

The Cyber Security Agency (CSA) of Singapore expressed surprise that tech giant IBM has pointed to online traffic in Singapore as the cause of a website collapse in Australia, saying it was “strange that IBM Australia reached such a conclusion” because it was not notified about the issue.

The agency was responding to news yesterday that IBM, the lead contractor for the Australian Bureau of Statistics (ABS) website, apologised at a senate inquiry in Australia over the site’s 40-hour shutdown on Aug 9 this year, reportedly due to a distributed denial-of-service (DDoS) attack. A DDoS attack disables websites by flooding them with Internet requests, overwhelming the servers temporarily.

IBM Australia and New Zealand managing director Kerry Purcell told Reuters that the attacks were launched through a router in Singapore.

In a press statement yesterday, CSA said: “We are surprised at media reports on IBM Australia’s assertions that the majority of international traffic which caused the crash of the (ABS) census website originated from Singapore.

“For matters of such nature, it is usual practice for national Computer Emergency Readiness Teams (Certs) to make inquiries and seek assistance from one another. In this instance, our SingCert was not informed of any such attack by Cert Australia. We were also not approached at any point. As such, it is strange that IBM Australia reached such a conclusion.”

CSA added that it has contacted Cert Australia and was told that there was some internal ABS infrastructure hosted in Singapore. “There may have been possible misunderstanding in the news reporting of this issue, which incorrectly attributed the DDoS attack source to Singapore. We are ready to assist the Australian authorities where required,” the agency said.