Critical, or national, information infrastructure protection, referred to as either CIIP or NIIP, has been highlighted as a critical factor in overall national security by the United States, the United Kingdom, India and the European Community. As nations move inexorably towards so-called 'digital economies', critical infrastructure depends on information systems to process, transfer, store and exchange information through the Internet. Electronic attacks such as denial of service attacks on critical information infrastructures challenge the law and raise concerns. A myriad of issues potentially plague the protection of critical information infrastructures owing to the lack of legal regulation aimed at ensuring the protection of critical information infrastructures. This paper will highlight the legal concerns that relate to the denial of service attacks on critical information infrastructures and provide an introductory overview of the law as it relates to CIIP in Australia.