FCC claims overnight DDoS attacks



Written by

The Federal Communications Commission claims it was the victim of several distributed denial of service attacks causing delays for users of its Electronic Comment Filing System.

At about midnight Sunday night, the FCC experienced “deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host,” according to a statement Monday afternoon from CIO David Bray.

The alleged DDoS attack took place after HBO’s “Last Week Tonight” host and comedian John Oliver once again took on net neutrality in a segment Sunday night, urging viewers to visit the FCC’s website and use the ECFS to share their displeasure with a newly proposed rollback of net neutrality rules.

In 2014 when the FCC was considering a similar restructuring of net neutrality rules, Oliver first advocated for open internet on his show, and consequently, a flood of viewers crashed the commission’s website.

Bray claims in this latest case, it wasn’t legitimate commenters who tied up the cloud host, but bad actors who “made it difficult for legitimate commenters to access and file with the FCC.” Though the comment system wasn’t taken offline, the CIO said, “these DDoS events tied up the servers and prevented them from responding to people attempting to submit comments.”

Bray did not mention the HBO show in his statement.

At least one organization isn’t buying the FCC’s claims. Fight for the Future, a group that stands strongly against the possible FCC net neutrality rollbacks, worries that the FCC is either being “misleading” or there was really a DDoS attack coinciding Oliver’s show, preventing “people from commenting in support of keeping the Title II net neutrality rules that millions of people fought for in 2015,” Campaign Director Evan Greer said in a statement.

Greer called on the FCC to release its logs from Sunday night and Monday morning “to an independent security analyst or major news outlet to verify exactly what happened last night. The public deserves to know, and the FCC has a responsibility to maintain a functioning website and ensure that every member of the public who wants to submit a comment about net neutrality has the ability to do so.”

In the aftermath 2014 “distraction,” as Bray described it, the FCC underwent a major IT overhaul, eliminating hundreds of unnecessary legacy systems and modernizing systems for 21st century workloads. More than 4 million comments were filed related to that notice of proposed rulemaking, which Bray said at the time accounted for about 40 to 45 percent of the total amount of comments ECFS had seen in its then 18-year history.

The FCC declined to comment further.

-In this Story-

David Bray, DDoS, FCC, Last Week Tonight