When Census 2016 was allegedly hit by distributed denial of service (DDoS) attacks, the Government was hit with a problem of its own: how to explain it to an aggrieved public.
The initial blame for the problems – levelled by the Australian Bureau of Statistics – was a series of “attacks” on the Census site.
But by the next morning, with the Census site still down and amid increasing public concern, the Government wasn’t so sure these were “attacks”.
The Minister in charge of the Census, Michael McCormack, decided that the site hadn’t been attacked.
Confusion reigned at the press conference, as McCormack sought to explain why.
“By saying attacked, it looks as though and it seems as though and it is so that information was then gained,” he said.
“A denial of service is an attempt to block people from accessing a website. No census data was compromised and no data was lost.”
Cyber verbiage left a lasting impression on the Government, however, and – perhaps surprisingly - formed part of a keynote address by Prime Minister Malcolm Turnbull to the Australia-US Cyber Security Dialogue in Washington DC.
“Improvements to cyber incident response are on our minds in Australia, thanks to a denial of service incident on our national Census night,” Turnbull said.
“Although it was nationally significant, it was technically predictable and not a unique situation for business and governments.
“However, we struggled with the laden meaning of the word ‘attack’.
“‘Distributed denial of service attack’ is language that has begun to permeate the public consciousness. However, if a nation State says that it has come under attack, the meaning, and therefore the act itself, is weighted with terrific significance.”
Turnbull said he was concerned that cyber verbiage was not well understood outside of the IT security industry, and that existing terminology made it difficult “to communicate an accurate level of significance” of an incident.
“We need to know collectively that a denial of service is equivalent to having a bus parked in your driveway so you can’t get your car out, that hacked data means someone broke into the garage and took the car, and that the solutions to these two things are very different,” he said.
“Widely understood language in other fields has been hard fought for and won. If we hear of an air disaster involving a cabin fire or an engine fire on an aircraft, we understand the difference between, and different implications of, those two scenarios.
“The conversation about cyber incidents has not reached anything like that level of understanding.
“Those outside the cyber security world don’t readily understand the relative impact of different incidents, typical investigation timeframes, or likely response options — such as shutting down a site while investigating unusual traffic patterns.”
On that basis, Turnbull said, he called on the world’s academics “to turn their minds to the problem of cyber lexicon.”
“How do we communicate clearly with each other?” he said.
“How do we normalise cyber discussions so that they are held in the context of all threats, risks and opportunities?
“And the media too should be involved in that conversation and take care to understand what is being said by governments and businesses.”