FCC Makes Up Cyberattack

FCC

Why, you mean to tell us you lied? Shock!

Hey, it’s been, what, like half a month since I had to write about Ajit Pai’s FCC. I’m sure nothing untoward could have possibly happened in that time. An I’d be right, as it’s actually something they did last year coming back to bite the in the ass.

So, last year, the FCC claimed that there were DDoS attacks directed at them (their comment system specifically) around May 2017. Which, you might remember, was around the time they were trying to kill off net neutrality. And also when John Oliver told millions of watchers to fistfuck the FCC with complaints, and quite rightly so.

Well, according to the Office of the Inspector General, that crash wasn’t, in fact, a DDoS attack. Rather, they found that their shitty site design, in conjunction with that surge of traffic, caused it to crash.

Our investigation did not substantiate the allegations of multiple DDoS attacks alleged by
Bray. While we identified a small amount of anomalous activity and could not entirely rule out
the possibility of individual DoS attempts during the period from May 7 through May 9, 2017,
we do not believe this activity resulted in any measurable degradation of system availability
given the miniscule scale of the anomalous activity relative to the contemporaneous voluminous
viral traffic. In order to assess incoming traffic as a DDoS, we need to identify coordination and
intent. Coordination is a key requirement in a DDoS; coordination can occur via a single
command and control computer (in the case of a botnet) or preplanned actions from a grouponline.

Evidence of coordination in a DDoS may include identical requests, identical user-
agents, or large waves of simultaneous activity. We found no evidence of suchcoordination. During our discussion with FBI SA on May 15, 2017, we specifically asked
if the FBI was aware of any intelligence suggesting there was a coordinated attack, and we were
advised the FBI had no such intelligence. Intent is much more difficult to identify; for example,traffic from a single source that may appear to be attempting a DoS could simply be a search-
engine or web-crawler. Similarly, oddly formed web-requests could be the result of maliciousactors, or they could be the result of an amateur programmer learning how to submit well-formed
API requests. Regardless, we did not find any evidence of intent to conduct a DDoS.

So, let me put it this way: either the FCC is incompetent, or they’re lying. Either way, I’m going t keep making really entertaining pictures with that green screen Ajit did.

READ:  Trial Decides Apple Violated Qualcomm Patents
Sources: Gizmodo, PC Gamer

About Author

B. Simmons

Based out of Glendale California, Bryan is a GAMbIT's resident gaming contributor. Specializing in PC and portable gaming, you can find Bryan on his 3DS playing Monster Hunter or at one of the various conventions throughout the state.

Learn More →