Early in the Covid-19 pandemic, the myGov website was overwhelmed by a demand surge from citizens seeking to rapidly access digital services. In 2016, the online Census (eCensus) suffered a series of relatively small distributed
denial-of-service (DDoS) attacks. While they didn’t overwhelm the platform, the attacks ultimately resulted in the eCensus being taken offline.

What do these two examples have in common, and what lessons should we learn to ensure more robust digital government services?

To answer those questions, this paper will examine five points:

• The nature of the DDoS attacks
• The CIA (confidentiality, integrity and availability) triad model for digital security
• How to predict demand
• How to respond to unpredictable demand
• The structure of reliable data systems