FCC chairman reveals new details about cyberattack following John Oliver segment

FCC chairman reveals new details about cyberattack following John Oliver segment
© Greg Nash

Federal Communications Commission Chairman Ajit Pai unveiled new details Monday about a reported cyberattack that came after comedian John Oliver urged his viewers to flood the agency with pro-net neutrality comments.

In response to a series of questions about the incident from Sens. Ron WydenRonald (Ron) Lee WydenHillicon Valley — Presented by AT&T — New momentum for privacy legislation | YouTube purges spam videos | Apple plans B Austin campus | Iranian hackers targeted Treasury officials | FEC to let lawmakers use campaign funds for cyber FEC votes to allow lawmakers to use campaign funds for personal cybersecurity Senate votes to overturn IRS guidance limiting donor disclosure MORE (D-Ore.) and Brian Schatz (D-Hawaii), Pai said he was taking the issue seriously.

“I agree that this disruption to [the Electronic Comment Filing System] by outside parties was a very serious matter,” Pai wrote in a letter dated June 15, that was posted by a public interest group on Monday.

ADVERTISEMENT

“As a result, my office immediately directed our Chief Information Officer (CIO) to take appropriate measures to secure the integrity of ECFS and to keep us apprised of the situation. The Commission's CIO has informed me that the FCC's response to the events sufficiently addressed the disruption, and that ECFS is continuing to collect all filed comments.”

The ECFS slowed to a crawl after Oliver’s HBO show addressed the net neutrality proceeding in May, leading many to assume that the system was bogged down by an influx of public filings.

But the next day, FCC CIO David Bray said the disruption was caused by a malicious distributed denial of service (DDoS) attack, a move designed to take down a site by flooding it with fake traffic.

“I appreciate the FCC’s response,” Wyden said in a statement to The Hill. “I’m waiting to draw any final conclusions until the FBI weighs in. However, it is clear that FCC wasn’t ready for this attack. In the future, the agency should consider other ways to submit comments if its web portal fails again.”

In a series of responses to the senators’ question, Bray detailed the incident, saying the attack started at 11 p.m. on May 7, the same time that Oliver’s show, “Last Week Tonight,” started.

Bray said the site received about 160 requests per second, with much of the traffic appearing to originate from a cloud service as opposed to IP addresses normally associated with individual users.

He said the FBI declined to conduct an investigation into the incident.

“Following this attack, the FCC CIO directed the Chief lnformation Security Officer (CISO) to consult with the FBI,” the letter reads. “In speaking with the FBI, the conclusion was reached that, given the facts currently known, the attack did not appear to rise to the level of a major incident that would trigger further FBI involvement.”

Evan Greer, the campaign director for the pro-net neutrality group Fight for the Future, accused Pai of “blatantly trying to sweep this under the rug.”

“The agency must address these serious issues before moving forward, or it is making it clear that it has lost all legitimacy and is simply working on behalf of the very companies that it is supposed to be protecting consumers from,” Greer said in a statement.