GAO to probe FCC cyberattack that struck amid net neutrality debate

GAO to probe FCC cyberattack that struck amid net neutrality debate
© The Hill screengrab

The government's top watchdog has agreed to investigate the reported cyberattack that targeted the Federal Communications Commission (FCC) earlier this year while the agency was preparing to roll back net neutrality regulations.

A spokesman for the Government Accountability Office (GAO) confirmed it has accepted a request from two Democratic lawmakers to probe the distributed denial of service (DDoS) attack that the FCC said disrupted its electronic comment filing system in May.


The spokesman said that the probe, which was first reported by Politico, is “now in the queue, but the work won’t get underway for several months.” The investigation will also examine the FCC’s broader cybersecurity efforts. 

Sen. Brian SchatzBrian Emanuel SchatzOvernight Defense: House passes defense bill that Trump threatened to veto | Esper voices concerns about officers wearing military garb Senate rejects broad restrictions on transfers of military-grade equipment to police Hillicon Valley: Russian hackers return to spotlight with vaccine research attack | Twitter says 130 accounts targeted in this week's cyberattack | Four fired, dozens suspended in CBP probe into racist, sexist Facebook groups MORE (D-Hawaii) and Rep. Frank Pallone Jr. (D-N.J.) wrote to the GAO in mid-August asking it to investigate the DDoS attack that the FCC blamed for slowing its comment filing system on May 8.

The agency’s comment filing system was brought down the day after comedian John Oliver slammed the FCC for trying to ease Obama-era net neutrality regulations during a segment on his HBO show. The incident generated speculation that the system had been overwhelmed with traffic because Oliver directed his viewers to file comments supporting the regulations. 

However, the FCC later said that the system had been targeted with a DDoS attack, which overwhelms a website with massive amounts of fake traffic. 

Democrats have clamored for more documentation on the alleged cyberattack.

In their Aug. 17 letter to the GAO, Schatz and Pallone appeared to cast doubt on the FCC’s claims about the incident. 

“While the FCC and the FBI have responded to Congressional inquiries into these DDoS attacks, they have not released any records or documentation that would allow for confirmation that an attack occurred, that it was effectively dealt with, and that the FCC has begun to institute measures to thwart future attacks and ensure the security of its systems,” the Democrats wrote. 

“As a result, questions remain about the attack itself and more generally about the state of cybersecurity at the FCC — questions that warrant an independent review,” they wrote.

The GAO did not specify a completion date for the investigation.