Early in the COVID-19 pandemic, the Australian myGov website was overwhelmed by a demand surge from citizens seeking to rapidly access digital services. In 2016, the online Census (eCensus) suffered a series of relatively small distributed denial-of-service (DDoS) attacks. While they didn’t overwhelm the platform, the attacks ultimately resulted in the eCensus being taken offline.
What do these two examples have in common, and what lessons should we learn to ensure more robust digital government services? To answer these questions, this paper examines five points:
- The nature of the DDoS attacks
- The CIA (confidentiality, integrity and availability) triad model for digital security
- How to predict demand
- How to respond to unpredictable demand
- The structure of reliable data systems