Broadband

by Karl Bode


Filed Under:
ajit pai, david bray, ddos, fcc, gao, net neutrality



GAO Will Investigate The FCC's Dubious DDoS Attack Claims

from the somethin'-fishy-goin'-on dept

You might recall that when HBO comedian John Oliver originally tackled net neutrality on his show in 2014, the FCC website crashed under the load of concerned consumers eager to support the creation of net neutrality rules. When Oliver revisited the topic last May to discuss FCC boss Ajit Pai's myopic plan to kill those same rules, the FCC website crashed under the load a second time. That's not particularly surprising; the FCC's website has long been seen as an outdated relic from the wayback times of Netscape hit counters and awful MIDI music.

But then something weird happened. In the midst of all the media attention Oliver was receiving for his segment, the FCC issued a statement (pdf) by former FCC Chief Information Officer David Bray, claiming that comprehensive FCC "analysis" indicated that it was a malicious DDoS attack, not angry net neutrality supporters, that brought the agency's website to its knees:

"Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC."

But security researchers who studied that claim found none of the usual indicators that would normally precede such an attack. And subsequent news outlet FOIA requests wound up showing that not only does there appear to have never been any such attack, there was no "analysis" conducted or documented. When media outlets began noticing that something fishy was going on, the FCC issued a punchy statement accusing the media of being "completely irresponsible," while claiming it had plenty of data proving its attack claims (its FOIA responses to journalists state the complete opposite) -- it just didn't want to show its hand.

Most FCC watchers think there's two options here. One, the FCC was incompetent and misread John Oliver viewers as a DDoS attack, then tried to cover up said incompetence. Or the FCC knew it wasn't a DDoS attack, but constructed the narrative to try and downplay media coverage of the plan's unpopularity, then tried to cover that up. The former is certainly in character, but the latter would go hand in hand with the agency's apathy toward whoever has been spamming the FCC's website with fraudulent "support" for what is fairly uniformly seen as shitty policy and a mindless hand out to big telecom.

Heeding calls for something vaguely resembling an answer, the General Accounting Office (GAO) has agreed to launch an investigation into what actually happened at the FCC:

"A spokesman for the Government Accountability Office (GAO) confirmed it has accepted a request from two Democratic lawmakers to probe the distributed denial of service (DDoS) attack that the FCC said disrupted its electronic comment filing system in May. The spokesman said that the probe, which was first reported by Politico, is “now in the queue, but the work won’t get underway for several months."

While this story will likely get buried by more pressing news, this inquiry could be notably important in regards to the FCC's attempts to scuttle net neutrality. If the GAO inquiry finds that the FCC was inept or engaged in a cover up, that could raise all manner of procedural questions over whether the FCC was serving the public interest and following established agency protocol. Combined with the agency's obvious apathy to the fact that some group is engaged in fraud to generate bogus support for killing net neutrality, whatever the GAO finds could provide some very interesting fodder for the lawsuits to come.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That Anonymous Coward (profile), 17 Oct 2017 @ 6:23am

    "but the work won’t get underway for several months"

    And by that time the media cycle will be onto the next stupidity thing.

    It's common sense to know that something is fishy about the FCC tall tale, yet until its dis-proven it will be used as needed to support various claims.

    Is it really bullshit if we don't discover the proof until the cowchip has fully dried out?

    Maybe we should just move to Mos Eisley, at least their travel brochure admits they are all liars and cheats.

    reply to this | link to this | view in chronology ]

    • identicon
      kallethen, 17 Oct 2017 @ 7:35am

      Re:

      And by that time the media cycle will be onto the next stupidity thing.

      Way too late. We've been on the next stupidity thing after the last stupidity thing after the prior stupidity thing after FCC stupidity thing.

      Maybe even further.

      reply to this | link to this | view in chronology ]

    • icon
      R.H. (profile), 18 Oct 2017 @ 9:12am

      Re:

      Don't be too worried about the timing. Due to the nature of FCC rule changes, this change may end up "going live" around the same time as the GAO investigation is tying up. That will keep them both in the same news cycle. If the truth about the system came out now, months before the rules were finalized, the public might forget about it before the final push to keep the FCC from doing something stupid.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Oct 2017 @ 6:25am

    there's a hell of a lot more about the present FCC that needs investigating, particularly the total absence of consideration by Pai for the very people, the general public, that he and his opoes are supposed to be protecting!!

    reply to this | link to this | view in chronology ]

  • icon
    Bt Garner (profile), 17 Oct 2017 @ 6:59am

    From the FCC's point of view, is there really any difference between a bunch of people who disagree with them, making their options known; and a DDoS attack?

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 17 Oct 2017 @ 7:21am

      Re:

      One of them is a bunch of unwanted traffic comprised of nothing but gibberish that they couldn't care less about beyond it affecting the ability for their site to function.

      The other is a DDoS attack.

      reply to this | link to this | view in chronology ]

  • icon
    Berenerd (profile), 17 Oct 2017 @ 7:15am

    The GAO will find that the FCC doesn't have servers and that the non servers were in Kushner's linen closet.

    reply to this | link to this | view in chronology ]

  • identicon
    Baron von Robber, 17 Oct 2017 @ 7:25am

    GAO will find the FCC was an alt-attack by an alt-DDOS that affected their alt-computers.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Oct 2017 @ 7:33am

    It's been the Government Accountability Office since 2004. Just a heads up.

    reply to this | link to this | view in chronology ]

  • icon
    Vidiot (profile), 17 Oct 2017 @ 7:51am

    GAO... wonderful! They'll find real, hard evidence of what actually took place.

    Too bad we've abandoned that old-timey "evidence based" notion. We can still check Twitter, though, to find out what REALLY happened.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Oct 2017 @ 9:27am

    "Beginning on Sunday night at midnight, Presumably correct.

    our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). Probably wrong if only for 'multiple'.

    These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. Dead on.

    These actors were not attempting to file comments themselves; Correct.

    rather they made it difficult for legitimate commenters to access and file with the FCC." This is flat-out wrong, considering (iirc) John Oliver's show was directing people to it with every intention of filing legitimate comments- but perhaps it's correct if you realize that the legitimate comments they're complaining were made difficult to file were the ones in support of slashing NN.

    So really, everything they said is perfectly correct!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Oct 2017 @ 10:55am

    The dog ate the evidence.

    Honest!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Oct 2017 @ 8:49am

    The Slashdot effect

    The GAO will find it was the Slashdot effect which will lead to the FCC wanting to shut down Slashdot.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.