How the 2016 Census Crash Could Have Been Avoided
In perhaps one of the biggest web hosting fails in recent history, the Australian Bureau of Statistics attempted to digitalise its annual census survey. However, before an estimated 16 million Aussies could complete their online forms, the website crashed. The result? Plenty of perturbed citizens concerned for a) the privacy of sensitive information they had just given out and b) the fine they would supposedly cop for not completing the form on time.
What exactly happened?
While the ABS initially stated that four hacking attacks from foreign channels had forced the organisation to pull the site down, digital maps outlining live data visualisation of DDoS attacks across the globe failed to prove any cyber-attacks on Australia last night.
Essentially, the website crashed simply due to its incapacities to host the overwhelming wave of traffic it encountered. Despite the ABS having invested just short of $500,000 into load testing servers and informing the public that the site could handle 1 million form submissions every hour, it was unable to cater to the number of users it faced in the end.
It’s not the first time a surge in web traffic has had a major impact on the public
Unfortunately, instances like this are more common than you think. A few years ago, a major Australian online betting agency crashed during the Melbourne Spring Racing Carnival, leading to a sickening loss of money. The reason behind the crash was that the site did not properly assess its server abilities and when faced with too much traffic, simply failed to continue operating.
In a series of other slightly-smaller cases, certain online retailers have crashed during the Christmas period due to the flood of digital shoppers poring over their websites.
So, what measures can be taken to ensure your website is safe and secure?
Companies need to realise the impact of click frenzy and to not just prepare for it, but to over-cater for it. In the case of the ABS census fail, issues such as risk management and disaster recovery planning simply weren’t implemented to the extent they should have been. Sure, they website could handle an expected number of users, but once it exceeded that number it ultimately crashed, resulting in some pretty angry Aussies and a colossal PR disaster.
Frankly, there are a number of ways businesses can improve their cybersecurity and ensure they are choosing the best hosting provider for their needs – no matter how complex those needs may be. Ultimately, you need to cover all bases – in addition to load testing, which assesses the site’s capabilities of a typical workload during the busiest time of the day, other testing pillars need to be consulted:
Soak testing: carrying out the load test over a longer time frame to assess its durability
Stress testing: seeing how the system will perform in a worst-case scenario
Breakpoint testing: finding out just how far the system can go before crumbling under pressure and grinding to a halt.
Perhaps if the ABS had employed more performance tests on its site prior to the 9th of August, it could have avoided the calamity it unfortunately encountered and, instead, rolled out the new digital census with the success it predicted it would garner.