FCC’s DDoS Claims Will Be Investigated By Government
Above Photo: Getty Images | Bill Hinton
Google is blocking our site. Please use the social media sharing buttons (upper left) to share this on your social media and help us break through.
GAO will investigate after Democrats asked for evidence that attacks happened.
The US Government Accountability Office (GAO) will investigate DDoS attacks that allegedly targeted the Federal Communications Commission’s system for accepting public comments on FCC Chairman Ajit Pai’s plan to roll back net neutrality rules.
Senator Brian Schatz (D-Hawaii) and Rep. Frank Pallone (D-N.J.) requested the investigation in August, and the GAO recently confirmed that it accepted the Schatz/Pallone request.
Among other things, Schatz and Pallone are looking for evidence that the attacks actually happened. The FCC has not “released any records or documentation that would allow for conﬁrmation that an attack occurred,” they said in their letter to the GAO.
Skepticism about DDoS and outage
The FCC’s public comment website suffered an outage on May 8, just as the commission was receiving an influx of pro-net neutrality comments spurred by comedian John Oliver’s HBO segment on the topic.
The FCC attributed the downtime solely to “multiple” DDoS attacks and said the attacks were “deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host.”
However, the FCC has repeatedly thwarted efforts to obtain more details on the attacks and the commission’s response to them. Net neutrality activist group Fight for the Future released a petition asking if the FCC “invent[ed] a fake DDoS attack to cover up the fact that they lost comments from net neutrality supporters.”
Schatz and Pallone asked the GAO to find out what evidence the FCC used to determine that a cyberattack took place and what documentation the FCC developed during its investigation.
The Democratic lawmakers also want the GAO to examine whether the FCC is prepared to prevent future attacks. The GAO decision to investigate was reported by Politico last week.
When contacted by Ars, a GAO spokesperson did not say exactly what topics the investigation will cover. The investigation also won’t start for another few months, so the answer probably won’t come until after the FCC makes a final decision on rescinding net neutrality rules.
“The work, since it was accepted, is now in the queue, but won’t get underway for several months when staff become available,” the GAO told Ars. “Once it does start, then one of the first steps will be to determine the exact scope of what it will cover and the methodology we’ll use.” There is “no timeline” for completing the investigation “until those things are determined.”
Despite the brief outage, the FCC ultimately collected more than 22 million comments on its plan to overturn the 2015 decision that stepped up regulation of broadband providers and imposed net neutrality rules. Most comments were generated by form letter campaigns or were spam, but one analysis found that 98.5 percent of unique comments support the existing net neutrality rules.