Oddly The Trump FCC Doesn't Much Want To Talk About Why It Made Up A DDOS Attack

from the radio-silent dept

Tue, Jun 12th 2018 6:38am — Karl Bode

We've discussed for a while how the FCC appears to have completely made up a DDOS attack in a bizarre effort to downplay the "John Oliver effect." You'll recall that both times the HBO Comedian did a bit on net neutrality (here's the first and the second), the resulting consumer outrage crashed the FCC website. And while the FCC tried to repeatedly conflate genuine consumer outrage with a malicious attack, they just as routinely failed to provide any hard evidence supporting their allegations, resulting in growing skepticism over whether the FCC was telling the truth.

Last week, e-mails obtained via FOIA request revealed that yes, FCC staffers routinely misled journalists in order to prop up this flimsy narrative, apparently in the belief they could conflate consumer outrage with criminal activity. The motive? It was likely for the same reason the FCC refused to do anything about the identity theft and bogus comments we witnessed during the repeal's open comment period: they wanted to try and downplay the massive, bipartisan public opposition to what the lion's share of Americans thought was an idiotic, corruption-fueled repeal of popular consumer protections.

Understandably with so much going on, the story floated semi-quietly under the cacophony of other national outrages. But the FCC's response to the story has proven to be somewhat comical all the same.

One of the FCC staffers accused of making false statements about the DDOS attack was recently departed FCC IT chief David Bray. Original reports stated that Bray and other staffers had been feeding this flimsy DDOS narrative to gullible reporters for years, then pointing to these inaccurate stories as "proof" the nonexistent attack occurred. Under fire in the wake of last week's report, Bray first doubled down on his claims, adding that the 2014 "attack" hadn't been publicized because former FCC boss Tom Wheeler covered it up. But Wheeler himself subsequently stated in a report late last week that this was unequivocally false:

"When I was in the greenroom waiting to come in here, I got an email from David Bray, who said 'I never said that you told us not to talk about this and to cover up,' which was the term that got used. Which of course is logical, because as the Gizmodo article that you referenced pointed out, A) FCC officials who were there at the time said it didn’t happen, [and] B) the independent IT contractors that were hired said it didn’t happen. So if it didn’t happen it’s hard to have a cover up for something that didn’t happen."

Since this story was first published, the Trump FCC (which you'll recall bragged it would be super transparent) has gone radio silent about the story. Multiple requests for comment from numerous news outlets have been ignored since the story broke:

"The FCC has gone dark on this issue. It is refusing to answer questions from reporters. It is even refusing to go on the record to say it stands by its own story about a malicious cyberattack causing its system to crash for a second time last year....(FCC media relations contact Brian Hart) did not respond to multiple follow ups. In fact, his office has not responded to related inquiries for the past eight days. And not just from Gizmodo; it did not respond to Newsweek nor Ars Technica either. When somehow reached by Nextgov, it declined to say anything at all.

It's understandable the FCC doesn't want to chat about why it's withholding data and repeatedly making false statements (pdf) to the press and public, especially given the GAO is currently investigating this whole kerfuffle. Between this and the identity theft and comment fraud during the net neutrality repeal's public comment period, one gets the aching suspicion there's a few additional layers to this story that have yet to be unearthed. Both issues may also make an appearance during legal efforts to get popular net neutrality rules restored.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ajit pai, david bray, ddos, fcc, john oliver, lies

31 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

This comment has been flagged by the community. Click here to show it

Richard Bennett, 12 Jun 2018 @ 6:57am

Bode is a McBodeybodey face! Nyah!
[ link to this | view in chronology ]
- Anonymous Coward, 12 Jun 2018 @ 8:34am
  
  Re:
  Meme-fail
  [ link to this | view in chronology ]
  - Anonymous Coward, 12 Jun 2018 @ 8:59am
    
    Re: Re:
    Dick often does.
    [ link to this | view in chronology ]
Anonymous Coward, 12 Jun 2018 @ 7:00am

Im confused
The Obama administration supported net neutrality, so its bad right?
[ link to this | view in chronology ]
- Anonymous Coward, 12 Jun 2018 @ 11:43am
  
  Re: Im confused
  The Obama administration supported Trump's right to free speech too.
  [ link to this | view in chronology ]
  - Anonymous Coward, 13 Jun 2018 @ 4:42am
    
    Re: Re: Im confused
    Net neutrality == free speech?
    Well - yeah, sorta
    [ link to this | view in chronology ]
That Anonymous Coward (profile), 12 Jun 2018 @ 7:04am

Gee, one would think that an agency misleading the American public they are supposedly serving should result in something not nice happening to them.

They lied about a cyber attack.
They ignored their ballot box being stuffed.
They ignored citizens complaining they never submitted comments copy pasted in their name.
They lied about timelines & facts.
How can the public have any faith in an organization that clearly is beholden to the industry they were supposed to oversee?
[ link to this | view in chronology ]
- Iggy, 12 Jun 2018 @ 7:15am
  
  Re:
  As I pointed out earlier, for a normal person this would be called Fraud, Perjury, and Obstruction of Justice. Whether Ajit Pai will share the fate of other fraudsters like Martin Skrelli remains to be seen but he is a criminal nonetheless.
  [ link to this | view in chronology ]
  - Thad, 12 Jun 2018 @ 8:08am
    
    Re: Re:
    While I think it's clear that Pai lied, and dragged his feet on FOIA compliance to hide that lie, I'm not seeing how that meets the legal standard for fraud, perjury, or obstruction of justice. Do you have a legal argument for how, specifically, it meets those definitions?
    [ link to this | view in chronology ]
    - James Burkhardt (profile), 12 Jun 2018 @ 9:05am
      
      Re: Re: Re:
      Seconded.
      [ link to this | view in chronology ]
      - Anonymous Coward, 12 Jun 2018 @ 9:23am
        
        Time to bring in the Inspector General
        This is clearly government fraud at the very least, and there are guidelines and processes for dealing with it. Time to bring in the IG team to review the complaints. Doesn't take an act of Congress to initiate a complaint under Fraud, Waste, and Abuse rules.
        https://www.fcc.gov/inspector-general
        [ link to this | view in chronology ]
    - Anonymous Coward, 12 Jun 2018 @ 12:07pm
      
      Re: Re: Re:
      While it may not be fraud, perjury or obstruction of justice, "lying to the FBI" is technically a crime and one which is thrown at people fairly often when nothing else will stick.
      
      While I can't guarantee that the FCC made any official government report of the DDoS attack, there is some likelihood that they did, in which case said report would have been forwarded to the FBI as a criminal action against a government agency.
      
      That, then, would meet the legal standard for "lying to the FBI," and potentially for filing a false complaint.
      [ link to this | view in chronology ]
      - James Burkhardt (profile), 12 Jun 2018 @ 2:13pm
        
        Re: Re: Re: Re:
        Except, lying to the FBI is actually called obstruction of justice, and the lie would need to be during the course of an investigation, which is less likely to be true.
        [ link to this | view in chronology ]
- Anonymous Coward, 12 Jun 2018 @ 7:24am
  
  Re:
  
  How can the public have any faith in an organization that clearly is beholden to the industry they were supposed to oversee?
  
  It's funny how you think that Republicans want the public to have faith in any part of the government.
  [ link to this | view in chronology ]
  - That Anonymous Coward (profile), 13 Jun 2018 @ 4:20am
    
    Re: Re:
    They keep talking about how they want a free-market...
    now if we could teach them what the word actually means.
    [ link to this | view in chronology ]
Anonymous Coward, 12 Jun 2018 @ 7:13am

Oddly...
No. It would be odd if they *did*.
[ link to this | view in chronology ]
Anonymous Coward, 12 Jun 2018 @ 7:20am

If lying to a fed is a serious crime...
lying *by* one should be also.
[ link to this | view in chronology ]
Joel Coehoorn, 12 Jun 2018 @ 8:06am

Pointless
This is silly and pointless...

OF COURSE the incident was just the John Oliver effect.

But from the FCC's perspective, it's still a DDoS. It's just implemented differently, through social engineering rather than technical means. They can call it like this if they want.

The better approach would be to say, "Hey, this social-engineered DDoS is only possible mainly because of your own behavior. Why are you doing something that so easy to mock?"
[ link to this | view in chronology ]
- Thad, 12 Jun 2018 @ 8:12am
  
  Re: Pointless
  
  But from the FCC's perspective, it's still a DDoS. It's just implemented differently, through social engineering rather than technical means. They can call it like this if they want.
  
  Except they specifically said that it wasn't related to the Oliver segment.
  
  These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.
  
  [ link to this | view in chronology ]
  - Anonymous Coward, 12 Jun 2018 @ 8:50am
    
    Re: Re: Pointless
    Well, obviously all of these external Oliver-inspired actors that were bombarding the comment system were getting in the way of the FCC bots that were trying to post valid anti-NN criticism ;)
    [ link to this | view in chronology ]
ryuugami, 12 Jun 2018 @ 9:11am

(FCC media relations contact Brian Hart) did not respond to multiple follow ups. In fact, his office has not responded to related inquiries for the past eight days. And not just from Gizmodo; it did not respond to Newsweek nor Ars Technica either. When somehow reached by Nextgov, it declined to say anything at all.

That's pretty hilarious, for an entity named Federal Communications Commission.
[ link to this | view in chronology ]
Anonymous Coward, 12 Jun 2018 @ 9:19am

rename them to the FSB...
[ link to this | view in chronology ]
Another Anonymous Coward, 12 Jun 2018 @ 10:22am

First Rule of Holes
When you find yourself in a hole, quit digging.

Apparently the FCC does know that, at least.
[ link to this | view in chronology ]
- Anonymous Coward, 12 Jun 2018 @ 10:44am
  
  Re: First Rule of Holes
  Is the second rule also quit digging?
  [ link to this | view in chronology ]
  - Anonymous Coward, 13 Jun 2018 @ 2:37am
    
    Re: Re: First Rule of Holes
    Nah, its bring a ladder - they also appear to have forgotten that one.
    [ link to this | view in chronology ]
ECA (profile), 12 Jun 2018 @ 11:10am

Strange comment included..
Its a wonder that a DDOS attack can happen on a Gov. server, DESIGNED to handle an inrush of Email and comments..

What does the Gov. expect? Iv seen major sites DROP DEAD because of 1,000,000+ hits in a short period.
Wouldnt you think that BECAUSE they cant handle this amount of data in a short period, it Justifies the NEED for improved internet?? Esp to the GOV. SITES???
[ link to this | view in chronology ]
Ninja (profile), 12 Jun 2018 @ 12:05pm

They are too busy choking on their arguments of how wonderful they are and how repealing NN rules will make milk and honey flow out of your internet connections. Ahem.
[ link to this | view in chronology ]
Tim R (profile), 12 Jun 2018 @ 12:20pm

"The FCC has gone dark on this issue"

Take notes, FBI. This is how you properly use the phrase.
[ link to this | view in chronology ]
- Anonymous Coward, 12 Jun 2018 @ 1:03pm
  
  Re:
  Huh?
  
  I thought a "gone-dark" was a fictional creature that you can pull the ears off of.
  [ link to this | view in chronology ]
Bergman (profile), 12 Jun 2018 @ 2:25pm

A funny thought occurred to me...
If the DDoS attack that never was is a valid reason not to comply with existing laws, then a company could indefinitely dodge warrant or subpoena compliance by making the one channel they are able to respond through so low bandwidth that it crashes under a single response.
[ link to this | view in chronology ]
- OldGeezer (profile), 12 Jun 2018 @ 8:51pm
  
  Re: A funny thought occurred to me...
  Or they could claim they were bombarded by so many copy/pasted bots by the living & dead that people calling in response to Oliver's reporting couldn't get through.
  [ link to this | view in chronology ]