Monday, 23 March 2020
Questions without Notice
I thank the Leader of the Opposition for his question. The advice to me this morning was that myGov attracted 95,000 concurrent users at 9.40 am. That triggered the DDoS alarms—denial of service attack alarms—going off and slowed the system. The system had been designed for 55,000 concurrent users, so it was overloaded by hitting 95,000. Fifty-five thousand is the maximum number. It was doing 6,500 users last week. We are currently looking at how we expand the 55,000 concurrent users to a stronger basis.
I also asked the department to investigate the DDoS alarm triggering, and the advice to me is as follows: 'Our systems have had multiple and sustained denial of service attacks over the past few weeks. The network alert status is now at high. This, combined with all of the data'—the 95,000 users—'gave rise to a very strained performance because of the high number of usage, and that caused the outage. The DDoS alarms show no evidence of a specific attack today.' The advice here doesn't mean there is no need for heightened cybersecurity. We do need to remind all of our clients that, unfortunately, nefarious actors will use the current situation to their advantage, and we have seen the ACSC put out advisory notices about things today.