FCC Claims DDOS Attack On Comment Section Brought Down Site

After several efforts to stop the gutting of network neutrality were initiated, the FCC website crashed. Today, the FCC is saying that it was hit by a DDOS attack.

The FCC (Federal Communications Commission) indicated that they intend on scrapping Title II, a law that protects network neutrality last month. American’s responded by going to the FCC’s website in droves to complain that this is the wrong move. The response was so overwhelming, the FCC’s website crashed and later experienced intermittent outages.

What ultimately triggered many American’s to go to the FCC was late night talk show host John Oliver setting up a website to help make it quick and easy for American’s to express opposition to the FCCs move to gut network neutrality. Because the FCC website went down shortly after the campaign was launched, most were attributing the campaign to the websites downtime. After all, the timeline of events does make sense.

Apparently, this narrative of events is not sitting well with the FCC. So, the commission issued a press release with a different narrative. The FCC claims that, coincidentally, right after Oliver launched the campaign, the website was the subject of a DDOS attack. The malicious DDOS attack in question just so happens to specifically target the comments section of the website. As a result, the website went down, preventing American’s from voicing their opinion on matters. For those, who think this is a pretty far-fetched commentary of the FCC comments, you can read the press release yourself here (PDF). The full statement is as follows:

WASHINGTON, May 8, 2017 – Federal Communications Commission Chief Information Officer Dr. David Bray issued the following statement today regarding the cause of delays experienced by consumers recently trying to file comments on the FCC’s Electronic Comment Filing System (ECFS):

“Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC. While the comment system remained up and running the entire time, these DDoS events tied up the servers and prevented them from responding to people attempting to submit comments. We have worked with our commercial partners to address this situation and will continue to monitor developments going forward.”

The explanation was greeted with skepticism by some. Gizmodo writer Libby Watson notes about a more diplomatic response with the following:

As Recode reporter Tony Romm pointed out, this statement raises a lot more questions than it answers. What is the “analysis” that apparently proves the crash came from a coordinated attack, and not from Oliver’s segment? How did those performing that “analysis figure this out? For outside observers, it’s tough to say exactly what’s going on: A DDoS and a crash due to an innocent increase in traffic would both likely look fairly similar for the user. What differentiates a website crashing due to genuine traffic from a DDoS attack is that DDoS typically involves a hacker commanding a “botnet”—an army of malware infected devices—to flood a website with traffic, clogging it with requests until it becomes inaccessible to the public.

But given the dearth of details in the FCC’s statement, it’s pretty much impossible for anyone not privy to the “analysis” to tell what actually happened. Moreover, according to tweets sent at the time, the site went down almost immediately after Oliver’s show ended

Either way, it’s odd and unfortunate timing, both for the FCC and for people who were trying to file comments. If the DDoS attack really did occur, it’s easy to see this as the FCC attempting to distract from getting epically owned by so many pro-net neutrality commenters. And if it didn’t, the FCC would be telling a pretty big fib about why people couldn’t access the site.

The comments were less than diplomatic. “How much planning goes into a DDoS attack?” Asks ThisismyBurner, “Its an entire network of bots so how feasible is it that someone saw the show, said fuck it and unleashed an attack?”

Commentators on Fark were more than happy to ridicule the statement.

“So the next time I get a ticket from customer who didn’t properly scale their system and do load testing,” writes Diogenes, “I’m going to tell them it was a DDOS attack and close the ticket.”

kregh99 remarks, “The FCC is in denial about serving the American people.”

mongbiohazard comments: “Lying to save face, huh? Pretty typical for the type of oligarchic, authoritarian government the GOP wants.”

It would appear that not a lot of people are willing to believe the statement at face value.

Drew Wilson on Twitter: @icecube85 and Google+.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: