Lawmakers Want The GAO To Investigate The FCC's Flimsy DDoS Claim

from the phantom-cyber-assault dept

Tue, Aug 22nd 2017 10:16am — Karl Bode

We've noted a few times that the FCC's claim it suffered a DDoS attack -- at the precise moment John Oliver was directing annoyed net neutrality supporters to the agency's website -- is more than a little shaky. After initially insisting that major "analysis" had led the agency to conclude it was attacked the same evening Oliver was informing viewers about the FCC's plan to gut popular net neutrality protections, press FOIA requests indicated that no such analysis occurred. Security analysts have stated there were none of the usual indicators surrounding a traditional DDoS attack, fueling skepticism of the FCC's claims.

When media outlets began pointing out that the FCC was acting really suspicious about this whole thing, the agency lambasted news outlets for being "completely irresponsible." And while the FCC has consistently tried to claim it has oodles of evidence proving the DDoS attack occurred, agency lawyers are telling journalists that have filed FOIA requests that no such evidence exists. Skepticism has only mounted after additional Gizmodo reports indicated that at least one FCC staffer appears to have a habit of manufacturing cyber attacks out of whole cloth.

Needless to say, the FCC's odd behavior, combined with its decision to turn a blind eye to comment system fraud during the net neutrality proceeding, have raised a few eyebrows among lawmakers. Senator Ron Wyden recently argued that "it would be hard for a government agency to do more to give off the impression that it was engaged in a cover up." Similarly, Senator Brian Schatz and Rep. Frank Pallone fired off a letter last week to the GAO, urging it to investigate the FCC's handling of cyber attacks and its ability to protect the agency website:

"While the FCC and the FBI have responded to Congressional inquiries into these DDoS attacks, they have not released any records or documentation that would allow for conﬁrmation that an attack occurred, that it was effectively dealt with, and that the FCC has begun to institute measures to thwart future attacks and ensure the security of its systems. As a result, questions remain about the attack itself and more generally about the state of cybersecurity at the FCC—questions that warrant an independent review."

The duo also were quick to highlight how the FCC is similarly refusing to adequately police comment fraud during its net neutrality proceeding:

“The FCC’s lack of action in preventing or mitigating this issue is also cause for concern. In fact, taken together, these situations raise serious questions about how the public makes its thoughts known to the FCC and how the FCC develops the record it uses to justify decisions reached by the agency."

The journalist theory du-jour remains that the FCC idiotically made up a DDOS attack to downplay the massive opposition to the agency's plan to gut net neutrality (we aren't doing something in violent opposition to the public interest, we were just unfairly attacked!)

Similarly, it's believed Trump's FCC is refusing to police comment fraud so it can try and claim that the more than 20 million public comments filed with the agency (the majority in support of net neutrality) are compromised and therefore shouldn't be taken seriously. And whether the GAO launches an investigation or not, expect the FCC's behavior here to be front and center when it's inevitably sued for ignoring the public interest and voting to kill popular net neutrality protections later this year.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ddos, fcc, net neutrality

13 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 22 Aug 2017 @ 10:24am

It'd sure be nice to think they shot themselves in the foot in a telling manner here.
On the other hand, somehow I can't believe something as small as just lying is going to get anyone in trouble.
[ link to this | view in chronology ]
- Anonymous Coward, 22 Aug 2017 @ 12:13pm
  
  Re:
  Actually this can be a lot more narly than just lying. If such a complain goes through, it would be difficult for FCC to defend whatever they give the politicians in this case, before the air is cleared and the case has been investigated.
  
  Unless they have some incredibly good spin on their appearantly contradictory statements, the case will end in civil lawsuits too. If the civil lawsuits can get reasonably close to a conclusion, these politicians will be able to stall it untill the results of those cases have been incorporated in the FCC NN-recommandations...
  
  Worst case scenario for NN-supporters is a significant stall of the NN-removal. Best case, there are several extra hooks that will crusify the FCC trustworthiness and thus any trust in the material congress wants before they repeal and replace NN. If NN-opposers try to rush it... They will look irredeemably bought and make themself basically unelectable.
  
  Lying is small potatoes. This one has enough hooks to get the ball rolling. How far it can get is a gamble, but it has enough controversy already to become a headache for anyone with a dream of reelection that relies on FCC.
  [ link to this | view in chronology ]
  - Bergman (profile), 22 Aug 2017 @ 9:32pm
    
    Re: Re:
    Lying to the general public is one thing, but lying to Congress can result in prison time. I'm hoping that the habitual liars at the FCC will continue their habit without thinking of the consequences.
    [ link to this | view in chronology ]
    - Anonymous Coward, 23 Aug 2017 @ 3:59pm
      
      Re: Re: Re:
      Lying to congress has been ignored in the past and sir Pai can relax with the current majority in congress supporting his general political stance. It would have to be a very obvious and specific lie before congress acts on it.
      [ link to this | view in chronology ]
stderric (profile), 22 Aug 2017 @ 12:03pm

somehow I can't believe something as small as just lying is going to get anyone in trouble.

Being this mind-numbingly bad at it might. Pai & Friends aren't exactly doing things with even the minimum competence their future corporate bosses expect from their underlings.
[ link to this | view in chronology ]
- Anonymous Coward, 23 Aug 2017 @ 1:22am
  
  Re:
  Oh I don't know, they would fit right in the Comcast Customer service department.
  [ link to this | view in chronology ]
  - Anonymous Coward, 24 Aug 2017 @ 10:56am
    
    Re: Re:
    Awesome, what do you think the FCC actually is?
    
    Wheeler had to go because he was no longer a good little Comcast Customer service agent. That was why congressional hearings were held about his consumer protecting work. He was chosen for the position based on his previous history, but he changed teams from corporation to customer.
    [ link to this | view in chronology ]
Annonymouse, 22 Aug 2017 @ 12:12pm

Instead of charges or sueing the agency why not bring everything to bear on the instigators themselves?
If the buck stops there then by god the buckets of barn sweepings belong there as well.
[ link to this | view in chronology ]
Anonymous Coward, 22 Aug 2017 @ 1:03pm

wont happen! Pai has bigger names on his side than those trying to do this!
[ link to this | view in chronology ]
- Anonymous Coward, 22 Aug 2017 @ 6:26pm
  
  Re:
  lol.
  [ link to this | view in chronology ]
Anonymous Coward, 22 Aug 2017 @ 2:11pm

Didn't anyone ever teach you to define your acronyms and abbreviations the first time you use them? At no point do you ever explain wtf "The GAO" is. I'm just left to assume that they're going to sick Madam Gao on them.
http://marvelcinematicuniverse.wikia.com/wiki/Madame_Gao
[ link to this | view in chronology ]
- Wenike, 22 Aug 2017 @ 2:17pm
  
  Re:
  Took me a bit while reading through it, but then I remembered about the Government Accountability Office https://en.wikipedia.org/wiki/Government_Accountability_Office
  [ link to this | view in chronology ]
- That One Guy (profile), 22 Aug 2017 @ 3:47pm
  
  Re:
  As insane as that would be a simple search of wikipedia would have netter you this, with the tl;dr version being something along the lines of 'The agency tasked with auditing the actions/programs proposed and/or put in place by other parts of the government'.
  [ link to this | view in chronology ]