Ajit Pai Throws His Employees Under The Bus After Investigation Proves FCC Made Up DDOS Attack
from the ill-communication dept
You might recall that when HBO comedian John Oliver originally tackled net neutrality on his show in 2014, the FCC website crashed under the load of concerned consumers eager to support the creation of net neutrality rules. When Oliver revisited the topic last May to discuss FCC boss Ajit Pai’s myopic plan to kill those same rules, the FCC website crashed under the load a second time. That’s not a particular shock; given the massive public opposition to the repeal, and an FCC website that’s never been accused of being cutting edge.
But things then got a bit weird. After the second attack last year, since-departed FCC Chief Information Officer David Bray issued a statement (pdf) claiming that FCC analysis showed the FCC had been the target of a DDOS attack by “external actors”:
“Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC?s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”
But the FCC’s claims were seen as suspect by numerous security experts, who say the crash showed none of the usual telltale signs of an actual DDOS. Journalists then discovered the “analysis” the FCC supposedly conducted never actually took place. When media outlets began reporting that the FCC actually had zero evidence to support the DDOS claim, the FCC issued a punchy statement to multiple outlets accusing Gizmodo reporter Dell Cameron (who broke the story) of being “completely irresponsible”:
“The FCC has never stated that it lacks any documentation of this DDoS attack itself. And news reports claiming that the Commission has said this are without any basis and completely irresponsible. In fact, we have voluminous documentation of this attack in the form of logs collected by our commercial cloud partners.”
No evidence was ever provided to journalists or lawmakers that pressured the agency for hard data proving the claims. Because, we now know, no such evidence ever actually existed because no DDOS attack actually took place.
Eventually, e-mails obtained via FOIA request made it clear that the FCC CIO either made up the DDOS attack or misinterpreted legitimate Oliver viewer traffic as a malicious act. But those e-mails also made clear that Pai’s FCC then pushed the DDOS attack narrative to numerous tech reporters, apparently in a bid to try and downplay the public’s massive opposition to Pai’s controversial policies. This act was only compounded by the FCC’s refusal to seriously address the identity theft and fraud that polluted the repeal’s comment period, the only real time consumers had a chance to have their voices heard.
Fast forward to this week. After a lengthy investigation into the whole idiotic affair, the FCC’s Inspector General has released a report (pdf) again making it very clear that the FCC not only made up the DDOS attack, but repeatedly misled Congress when asked about it. The report notes how the FCC under Pai’s watch “misrepresented facts and provided misleading responses to Congressional inquiries related to this incident,” and that investigators were unable “to identify any evidence that FCC staff or contractors analyzed server logs or conducted any substantive analysis.”
The FCC IG report notes that some of these false claims several FCC staffers made to Congress were passed on to the DOJ for an additional investigation, but the DOJ has thus far declined to follow through. The fact the press was also routinely misled (as discovered in FOIA-obtained e-mails) and fed false statements doesn’t appear to have warranted much concern in the report.
Hoping to get out ahead of the pretty damning investigation, Ajit Pai issued a statement before the report was released throwing everybody but himself under the bus for the DDOS attack that wasn’t:
“I am deeply disappointed that the FCC?s former Chief Information Officer (CIO), who was hired by the prior Administration and is no longer with the Commission, provided inaccurate information about this incident to me, my office, Congress, and the American people. This is completely unacceptable. I?m also disappointed that some working under the former CIO apparently either disagreed with the information that he was presenting or had questions about it, yet didn?t feel comfortable communicating their concerns to me or my office.
If you’re a kid just making your way into this brave, weird, world, blaming all of your employees is not what actual leadership looks like. You’ll also be shocked to learn that Pai, who harbors post-FCC political ambitions, isn’t being particularly truthful.
For one, Bray was hired under Wheeler but still served as Pai’s CIO for a notable chunk of his early tenure, making his claims Pai’s responsibility. Two, former FCC boss Tom Wheeler acknowledged recently he didn’t believe the DDOS claim, yet Pai not only did — but had PR staff double down on the claims. Pai also just floats over the fact that his office not only misled Congress, but repeatedly sold the DDOS claim to reporters as part of a bizarre bid to downplay public opposition. In reality, it now seems obvious Pai’s FCC just didn’t like the narrative of “millions of people are angry at the FCC for bad policy” that was bouncing around the media thanks to John Oliver, and thought doubling down on bullshit was an ingenious PR countermeasure.
In a statement of her own, Pai’s fellow Commissioner Jessica Rosenworcel got more to the point:
“The Inspector General Report tells us what we knew all along: the FCC?s claim that it was the victim of a DDoS attack during the net neutrality proceeding is bogus. What happened instead is obvious?millions of Americans overwhelmed our online system because they wanted to tell us how important internet openness is to them and how distressed they were to see the FCC roll back their rights. It?s unfortunate that this agency?s energy and resources needed to be spent debunking this implausible claim.”
And in a statement to Gizmodo Senator Ron Wyden was blunter still:
“This report shows that the American people were deceived by the FCC and Chairman Pai as they went about doing the bidding of Big Cable. It appears that maintaining a bogus story about a cyberattack was convenient cover to ignore the voices of millions of people who were fighting to protect a free and open internet. Americans face higher prices for streaming services and other content as a result of Chairman Pai?s repeal of net neutrality protections, and it?s going to sting even worse knowing they were lied to about it by their government. The fact that Chairman Pai and the FCC came clean only after their story was debunked by the inspector general is disappointing, but it?s sadly unsurprising in this administration.”
We’ll see if anything even vaguely resembling accountability stems from the FCC’s repeated efforts to mislead the press and public on this subject. And you can be sure this and the fake comments scandal will be popping up in the looming court fight over net neutrality. If nothing else, Pai’s providing everybody with a stellar example of what ethical leadership doesn’t look like, in case you needed yet another demonstration in 2018.