FCC admits net neutrality DDoS attack was work of fiction

FCC chairman Ajit Pai pins error on former CIO providing "inaccurate information"

The US Federal Communications Commission has admitted that the alleged hack which blocked pro-net neutrality comments never happened, sparking outrage amongst activists.

FCC Chairman Ajit Pai released a statement yesterday confirming that the outage that prevented many people from leaving comments on the FCC's net neutrality proposal last May was not caused by "external" actors as previously suggested, but instead by inadequate IT systems, implying that it was overwhelmed by the sheer volume of commenters.

The statement follows the conclusion of an investigation by the FCC's Inspector General into the agency's claims that it fell victim to a DDoS attack. Pai has primarily blamed ex-CIO David Bray for spreading the DDoS story, as well as implying that the technical failings were the result of mismanagement by the Obama-era FCC leadership.

"I am deeply disappointed that the FCC's former Chief Information Officer (CIO), who was hired by the prior Administration and is no longer with the Commission, provided inaccurate information about this incident to me, my office, Congress, and the American people," Pai said in a statement.

Advertisement
Advertisement - Article continues below

"It has become clear that in addition to a flawed comment system, we inherited from the prior Administration a culture in which many members of the Commission's career IT staff were hesitant to express disagreement with the Commission's former CIO in front of FCC management."

He also stated that the organisation's Electronic Comment Filing System (ECFS) was deeply in need of updating, and the FCC has pledged to improve it with the help of a congressional grant.

Many campaigners, however, are now calling for Congress to reinstate the net neutrality rules rolled back by the FCC, with Fight for the Future's deputy director Evan Greer arguing that the FCC's actions have rendered the pretext for the repeal "illegitimate".

"Under Ajit Pai's leadership, the FCC sabotaged its own public comment process," she said in a statement. "From ignoring millions of fraudulent comments using stolen names and addresses to outright lies about DDoS attacks that never happened, the agency recklessly abdicated its responsibility to maintain a functional way for the public to be heard."

"Pai attempts to blame his staff, but this happened on his watch, and he repeatedly obstructed attempts by lawmakers and the press to get answers. The repeal of net neutrality was not only unpopular, it was illegitimate. Congress must act now to pass the CRA resolution to reverse this decision and restore basic protections for Internet freedom."

The outage that the FCC initially blamed on a DDoS attack occurred last year, while the regulator was still in the process of gathering feedback and comments on whether or not to keep net neutrality rules in place. Powerful telco lobbies were in favour of repealing the rules, but polls showed that most ordinary people supported them, and the FCC's request for comment represented one of the only opportunities for them to make their opinions heard.

This was fuelled particularly by comedian John Oliver, after a segment on net neutrality from his HBO show Last Week Tonight went viral. The segment included simple instructions on how to leave a comment in support of net neutrality, and the FCC was promptly flooded with over 1.6 million responses. Shortly afterwards, the ECFS experienced a major outage, leaving people unable to post any further comments.

Although it's impossible to say for certain that the influx of feedback was a direct result of Oliver's segment, it's highly likely - particularly as the same thing happened in 2014. In a separate episode three years earlier, Oliver also issued a similar plea to users asking them to get in touch with the FCC to support net neutrality rules, after which the regulator received another deluge of comments.

The FCC's comments system went down in this instance too but, at the time, the watchdog (then led by Democrat Tom Wheeler) blamed the outage on the unexpected spike in traffic, coupled with old and ailing software.

While logic (and Pai's statement) would suggest that the same thing happened last year, the FCC instead insisted that the recent outage was the result of a DDoS attack. FCC officials also told reporters that the 2014 outage was also caused by a DDoS and that Wheeler was covering it up, according to a Gizmodo report

Advertisement
Advertisement - Article continues below

Multiple sources have disputed these accounts, citing the FCC's refusal to produce any evidence in support of its claims. In fact, the Government Accountability Office is still in the midst of an independent investigation into the FCC's claims. This investigation is separate from the Inspector General's report, which has not yet been made public.

"The Inspector General Report tells us what we knew all along," said Jessica Rosenworcel, a Democrat member of the FCC and staunch defender of net neutrality; "The FCC's claim that it was the victim of a DDoS attack during the net neutrality proceeding is bogus."

Image: Shutterstock

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Recommended

Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019