Citing a story in Gizmodo, House Energy & Commerce Committee ranking member Frank Pallone (D-N.J.) said Tuesday (June 5) he was disturbed by what appeared to be a concerted effort by the FCC to mislead the public about cyberattack claims--in May 2017 and back in 2014--related to the network neutrality comment docket.
"Last summer, I directed Government Accountability Office investigators to get to the bottom of this alleged cyberattack and the FCC’s unusual response," said Pallone. "In light of today’s news, I call on chairman [Ajit] Pai to ensure the FCC fully cooperates with GAO’s investigation so the American people can finally get a full accounting as to what happened in advance of the agency stripping away critical net neutrality protections.”
The FCC had suggested that the docket suffered a distributed denial of service attack (DDoS) to explain problems with processing the volume of comments it received on the proposal to roll back net neutrality rules. Officials also told reporters that something similar happened in 2014.
But Gizmodo reported that, according to internal emails, FCC officials disagreed over whether there had been such an attack, while the FCC was pushing a DDoS narrative but without backing that up with evidence of an actual attack.
Gizmodo said that, according to emails it had obtained, former FCC CIO David Bray had pushed a "fallacious" account of a 2014 problem with the net neutrality docket to suggest the FCC had long been the target of DDoS attacks, saying that back in 2014, then FCC chairman Tom Wheeler had not wanted to admit the attack publicly for fear of copycats.
Gizmodo said Bray had pushed that DDoS narrative internally.
In a report last November on the filings in the Restoring Internet Freedom docket, Pew Research said it had analyzed all 21.7 million-plus comments filed by the comment period deadline of Aug. 30 and found that "many submissions seemed to include false or misleading personal information."
Pew said that only 6% represented "unique" comments, while 94% were multiples, in some cases hundreds of thousands of times, with thousands submitted at the exact same time. Pew labeled that "clear evidence of organized campaigns to flood the comments with repeated messages."
FCC spokesman Brian Hart had no comment on the Gizmodo story. But in a blog post on medium.com, Bray, who said he had just come upon the story and had not been not contacted for it--Gizmodo signaled he had been--suggested that it was a case of looking at the same thing two different ways.
"Whether the correct phrase is denial of service or bot swarm or something hammering the Application Programming Interface (API) of the commenting system -- the fact is something odd was happening in May 2017," wrote Bray.
He blogged that his goal was to make sure actual people got to comment and that his concern was over "automated requests attempting to overwhelm the system relative to the more normal patterns of human use of the comment system."
The Government Accountability Office is investigating the FCC DDoS attack assertion.
Bray says that whether that was "a non-traditional denial of service or an RSS flood that prevented system resources from others seems to be semantics?"