FCC Lied To Congress About Alleged DDoS Attack
The Inspector General’s Office claims the Federal Communications Commission lied to Congress several times in a letter that addressed questions about an alleged DDoS attack, which turned out to have never occurred, according to an Ars Technica report.
The US attorney has declined to prosecute anyone in the FCC despite the lies to Congress.
In May 2017, Sens. Ron Wyden (D-Ore.) and Brian Schatz (D-Hawaii) sent a letter to the FCC with questions about an alleged DDoS attack that occurred on May 7 and 8 in 2017 after the agency was bombarded with public comments opposing FCC Chairman Ajit Pai’s plan to eliminate net neutrality rules. The spike in comments occurred after comedian John Oliver asked Last Week Tonight‘s viewers to oppose Pai’s net neutrality repeal.
In its response to the letter, the FCC’s former CIO David Bray made several false and misleading statements, including that the FCC system outage on May 7 and 8, 2017 was caused by a DDoS attack.
“Our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDoS). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host,” Bray wrote.
Investigators discovered that the DDoS never attacks occurred. Instead the FCC’s IT team was unprepared for the heavy traffic caused by Oliver’s comments.
In response to the IG’s report, Wyden issued a statement condemning Pai and the FCC for creating a “bogus story” while repealing net neutrality rules.
“This report shows that the American people were deceived by the FCC and Chairman Pai as they went about doing the bidding of Big Cable. It appears that maintaining a bogus story about a cyber attack was convenient cover to ignore the voices of millions of people who were fighting to protect a free and open Internet.,” Wyden said.
“Americans face higher prices for streaming services and other content as a result of Chairman Pai’s repeal of net neutrality protections, and it’s going to sting even worse knowing they were lied to about it by their government. The fact that Chairman Pai and the FCC came clean only after their story was debunked by the inspector general is disappointing, but it’s sadly unsurprising in this administration,” Wyden said.
The IG’s investigation first tried to determine was behind the alleged attacks, but “shifted into an investigation of false statements made by Bray, Tony Summerlin, and [FCC Chief Information Security Officer] Leo Wong in responses to congressional inquiries,” according to the IG report.
The investigation found six false statements to Congress, including that a DDoS attack caused by malicious bots had occurred.