At the moment the unloved MyGov platform began failing on Monday morning, executives from the Digital Transformation Agency were conducting an industry briefing as part of a tender process that is seeking a strategic partner to design and build a more flexible and secure replacement.
With red faces all round yesterday, from Minister Stuart Robert who was claiming the overloaded system had been hacked, to Centrelink, Services Australia and the DTA, the revamp of the creaking systems behind the nation’s social net and its troubled MyGov front end can’t come fast enough.
On Monday morning, as thousands of newly unemployed Australians attempted to sign into the MyGov platform in order to register for benefits, the site slowed to a crawl or failed entirely and was inaccessible for most of the morning.
While Services Australia Minister Stuart Robert was telling reporters in the early afternoon that the platform had been the target of a DDoS denial of service cyber-attack, by Question Time he was telling the Parliament that MyGov had collapsed under the weight of a surge of users.
The collapse is an embarrassment for a government that five years ago set out to make public services faster, simpler and clearer – and cheaper for taxpayers – through the establishment of a Digital Transformation Office (now Agency).
Mr Robert told the Parliament that at 9.40am on Monday the MyGov platform attracted 95,000 concurrent users.
“That triggered the DDoS alarms – denial of service attack alarms – going off and slowed the system. The system had been designed for 55,000 concurrent users, so it was overloaded by hitting 95,000,” Mr Robert said.
Last week, he said the system was managing 6,500 users and that Services Australia was now “looking at how we expand the 55,000 concurrent users to a stronger basis.”
The DTA on Friday released further documentation related to the tender process opened earlier in March that seeks a strategic partner “to help us deliver a platform to coordinate access to government information and services.”
The MyGov Update would build on a $1 million working prototype that had already been developed by Deloitte working with the DTA. The government is seeking a systems integrator with hosting and software partnerships.
The DTA and Services Australia briefing to industry outlined the new functionality that was expected to be built into the platform – including improved notifications, a slick new interface and the limited personalisation capabilities.
It is expected the system would more closely resemble a a social network interface and ultimately provide access as the front-end to a broader range of government services.
The DTA said “we expect the solution to demonstrate high levels of availability, security and support for privacy and consent controls.”
In the meantime, the embarrassing MyGov fail on Monday created moments of friction on a parliamentary sitting day that was largely cooperative by the standards of recent years as the government and opposition joined to pass economic stimulus packages as response to the coronavirus crisis.
Shadow assistant minister for cybersecurity Tim Watts was on Twitter labelling Stuart Robert’s original DDoS advice as “pathetic”.
“This is the most pathetic excuse imaginable for the failure of the Morrison government to plan for an entirely foreseeable surge in user demand,” Labor MP Tim Watts tweeted.
“Crying DDoS in this situation will rightly be laughed at by everyone with the most basic technical competence.”
Opposition leader Anthony Albanese called the failure “an incompetence attack” rather than a cyberattack and said this was also a consequence of a government “that’s been determined to privatise and contract out assets.”
“The truth is that the big four accounting firms have got a lot of Government taxpayers’ money over recent years and at the same time basic government functions have been stripped from their workforce. And Centrelink clearly needs more people,” Mr Albanese said.