Gizmodo: FCC Says It Has No DDoS Analysis

Website/blog Gizmodo says the FCC has conceded in response to a FOIA request that it does not have analysis to support the assertion that it suffered from a DDoS attack at about the time HBO comedian John Oliver had prompted a flood of pro-Title II comments to the FCC docket.

FCC spokesman Brian Hart took issue with the characterization.

While FCC chief information officer David Bray had said on May 8 "our analysis reveals that the FCC was subject to multiple distributed denial-of-service (DDoS) attacks" on the Sunday night of Oliver's show—when he called on his followers to flood the docket—Gizmodo said the FCC had told it that it has no records of an analysis being performed and any observations of the cyberattack "did not result in written documentation."

That notwithstanding, the FCC did provide Congress with what appeared to be a page and a half of analysis of the attacks in aMay 9letter to Senate Democrats who had asked about it.

Here is an excerpt from the letter:

"From our analysis of the logs, we believe these automated bot programs appeared to be cloud-based and not associated with IP addresses usually linked to individual human filers. We found that the bots initiated API requests with the system and then via their high-speed, resource-intensive requests, effectively blocked or denied additional web traffic—human or otherwise—to the comment filing system. Since both humans and bots were attempting to access the same system and because bots could make more intensive resource requests much faster than humans, the 'bot surge' triggered the comment filing system to queue and ultimately decline new connections. The result was that new human users were blocked from visiting the comment filing system." 

The FCC is standing by the analysis Hart says it has and never said it didn't.

“Media reports claiming that the FCC lacks written documentation of its analysis of the May 7-8 non-traditional DDoS attack that took place against our electronic comment filing system are categorically false," said Hart, director of the office of media relations. "In its FOIA request, Gizmodo requested records related to the FCC analysis cited in Dr. David Bray’s May 8 public statement about this attack.  Given that the Commission’s IT professionals were in the midst of addressing the attack on May 8, that analysis was not reduced to writing.  However, subsequent analysis, once the incident had concluded, was put in writing.  Indeed, analysis was made public in response to a request from Capitol Hill.   

“Moreover, the FCC has never stated that it lacks any documentation of this DDoS attack itself.  And news reports claiming that the Commission has said this are without any basis and completely irresponsible.  In fact, we have voluminous documentation of this attack in the form of logs collected by our commercial cloud partners.”   

Related: Dems: FCC DDoS Attack Raises Cybersecurity Questions

"At this point even supporters of Ajit Pai’s plan to gut online free speech protections have to be wondering: what is the FCC hiding," said Evan Greer of Fight for the Future, one of the most passionate defenders of Title II. "The public deserves to know whether former Verizon lawyer Ajit Pai is protecting the person or organization behind these alleged DDoS attacks and the flood of fake comments using stolen identities that have tainted the FCC’s docket."

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.