FCC Says It Has No Documentation of Cyberattack That It Claims Happened (thehill.com)

← Back to Stories (view on slashdot.org)

FCC Says It Has No Documentation of Cyberattack That It Claims Happened (thehill.com)

Posted by BeauHD on Thursday July 20, 2017 @09:20AM from the nothing-to-see-here dept.

An anonymous reader quotes a report from The Hill: The Federal Communications Commission (FCC) declined to reveal analysis proving that it was the victim of a cyberattack in May. The agency claimed at the time that its Electronic Comment Filing System (ECFS) did not actually crash because of a large amount of traffic on the site prompted by John Oliver telling viewers to file comments in favor of net neutrality on his HBO show, Last Week Tonight. Instead, the FCC said that the ECFS went down as a result of a DDoS attack. In its response to Gizmodo's FOIA request, the FCC said that the attack "did not result in written documentation." "Based on a review of the logs, we have already provided a detailed description of what happened. We stand by our career IT staff's analysis of the evidence in our possession," an FCC spokesperson said when asked for comment on the matter.

26 of 54 comments (clear)

Min score:

Reason:

Sort:

They do not even care anymore by Anonymous Coward · 2017-07-20 09:28 · Score: 2, Insightful

I am just glad that they have stopped wasting our time and are willing to admit that they just do not care anymore.
Misleading headline by XXongo · 2017-07-20 09:28 · Score: 5, Insightful

Not quite. From the article linked: "The agency says it does have data logs on the attack but can't release those for privacy reasons."
So, it's not that it "has no documentation"-- it's that it can't (or won't) release documentation.
Not the same thing.
1. Re:Misleading headline by MasseKid · 2017-07-20 09:44 · Score: 1
  
  The voter commission had no problem releasing personal details of people submitting comments against them, why does the FCC have a problem with it?
2. Re:Misleading headline by bobbied · 2017-07-20 10:20 · Score: 1
  
  Then.. Wouldn't the "report" of the "IT staff report" which was apparently verbal not in itself constitute documentation?....
  Oh the irony...
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
3. Re:Misleading headline by quantaman · 2017-07-20 12:05 · Score: 1
  
  Not quite. From the article linked:
  "The agency says it does have data logs on the attack but can't release those for privacy reasons."
  So, it's not that it "has no documentation"-- it's that it can't (or won't) release documentation.
  Not the same thing.
  It's about the size of the lie.
  Saying "it happened but we can't release any details". Is consistent with both a real DDOS and "well some IT staff thought it was a DDOS so we just kinda assumed they were right". Even if they're deliberately lying they haven't said enough to get in trouble.
  Now, to release a paper trail means you're either releasing doctored evidence or evidence that is clearly wrong. Either way it's a lot easier to hold someone accountable. That's why the media pushes for these kinds of documents, because it holds officials accountable in a way that public statements can't.
  Now, the attorney in question has been there since 2011, so she's not a Trump appointee and is probably legit... But Trump's appointees have had a few months to start asserting their authority. I'm not saying you shouldn't have been sceptical of official statements from Government organizations previously, but whatever scepticism you did have you should increase about 10-fold.
  There is a final twist to this, if you're talking about evidence of a DDOS there is a legit concern about how easily you can anonymize it, even if you do strip out IPs some enterprising admin might recognize some timestamps from their own logs.
  
  --
  I stole this Sig
Re:Wait for it... by Desler · 2017-07-20 09:29 · Score: 5, Insightful

Or just point out that Ajit Pai was clearly lying about the DDoS.
Re:Wait for it... by JaneTheIgnorantSlut · 2017-07-20 09:34 · Score: 1

Blame Obama!
Cross post from Reddit front page by burtosis · 2017-07-20 09:54 · Score: 5, Interesting

Link to original text

We caught them red handed -- they claimed 'cyber attack' but we have the uptime reports. We have the connectivity reports (their CDN is Akamai - you can view real time attack data for their network -- if the FCC site was down, a big chunk of the web would have been too). It would have made big news in the IT/networking world if Akamai hiccup'd... since they were able to handle the world's largest DDoS last fall. That got noticed... by, erm, everyone. Network Operations Centers all over the world saw it. Did anyone see the FCC DDoS? crickets There's evidence that the bot is being run on an API -- in other words someone inside the FCC specifically gave access. They have to issue special keys (just like with Reddit!) -- and they're rate limited. They would know who's doing it instantly, because that API isn't available for just anyone: You have to ask for it -- click on the link, it'll show you the form; It asks for name and e-mail. Someone from the FCC said as much -- it was API accesses, not public-facing. If there was a connectivity issue it wasn't external, it was internal, preventable, and that's why they won't give out the server logs. Because they knew who was doing it, could have stopped it, didn't, and are letting it continue to happen as we speak. They know exactly which comments are being submitted by bots, and who owns them. Purely for my own amusement, I went looking for the Terms of Service for accessing the API. Click. Click. Aaaand here we are: "FCC computer systems employ software to monitor network traffic to identify unauthorized attempts..." :snip: "If such monitoring reveals evidence of possible abuse or criminal activity" :snip: cough Fraud cough "Unauthorized attempts to upload or change information on this server are strictly prohibited". Not going to do anything, FCC? Says what they did is "strictly prohibited"... soooooooo.... crickets The previous link provides evidence it's a grand total of... five. Five different copy pasta text; And all sourced from the same stolen identity databases. And the submission times are painfully obvious that it was automated: The number of submissions per second was nearly constant too, like clockwork. And submitted alphabetically. What's more... They prepared for this years ago. You can say, unironically, "Thanks Obama" for that one. They specifically upgraded the public comments after the last network neutrality comment crush. Rather a lot (footnote: ECFS is the comment system -- and it was specifically targeted for a revamp and big bump to system capacity). That capacity wasn't exceeded -- not by the general public anyway. The inflow rate of submissions from John Oliver's gofccyourself.com came in well under -- 150k versus 1.1 million? It's hard to imagine how they'd add all that extra capacity only to have it fall over dead under a fraction of the load. Someone was even nice enough to make a map of who's submitting the comments. Look at the first time this happened. Then look at that one. Notice anything? This time around, the map looks like a mirror of the population distribution of the entire country. By the numbers, the whole nation knows about Network Neutrality, across every demographic... equally. Including the deceased. Oh, they never filed a report with the Department of Homeland Security, which is what every government agency is supposed to do if they experience a cyber attack. Double bonus round, Here's the FCC's own page on cybersecurity preparedness and response. And what do they say? "The FCC, because of its relationship with the nation’s communications network service providers, is particularly well positioned to work with industry to secure the networks upon which the Internet depends." Sounds like someone who'd have a plan, you'd think.They claimed to the media something their own policies dictate what the response should be -- and they did
1. Re:Cross post from Reddit front page by Scarred+Intellect · 2017-07-20 10:42 · Score: 1
  
  Thanks for that. I can't mod you up as I don't have mod points, but thanks. It's interesting times we live in, will be neat to see something come of this. I have my doubts, but I also have my hopes.
2. Re:Cross post from Reddit front page by aod7br7932 · 2017-07-20 11:24 · Score: 1
  
  Definitely needs to be modded up.
so, new law ? by jmccue · 2017-07-20 09:55 · Score: 4, Funny

So will there me a new definition of a DDOS ?
Law --
You cannot submit a comment to a Federal Agency when someone else is submitting a comment at the same time to any Federal Agency. Doing so violates the "Computer Fraud and Abuse Act" and the Patriot Act.
Re:Wait for it... by sound+vision · 2017-07-20 09:56 · Score: 1

There's plenty of actual Russian operations for you to deny, why are you wasting your time here?
Re:Wait for it... by whoever57 · 2017-07-20 09:59 · Score: 1

Blame Obama!
I believe the correct term is:
Thanks Obama!

--
The real "Libtards" are the Libertarians!
Misleading Lack of Privacy Concerns by SeattleLawGuy · 2017-07-20 10:00 · Score: 1

In both this story and the July 18th story on the FCC, the summaries have been misleadingly one-sided in that they have utterly failed to disclose the FCC's position that *Privacy Concerns* are a large part of why they have not fully responded to the FOIA requests.

--
Real lawyers write in C++
Re:Wait for it... by bogaboga · 2017-07-20 10:15 · Score: 1

He may well be a moron, but also right
Apparently, the US of A doesn't like the prescription it metes onto others, right?
Re:Clueless by bobbied · 2017-07-20 10:47 · Score: 2

How does Slashdot feel about the Federal Communications Commission being technologically inept?
They are run by a group of political appointees who may or may not (mostly not) have relevant technical experience. Who's surprised that they don't know what they are doing? Or that they are beholden to their political interests over what actually makes technical sense? I'm not.
I saw this clearly when they took up the BPL (Broad Band over Power Lines) issue, where they where going to shove internet data over the power lines on wide bandwidth RF carriers and the FCC commissioners ignored the fact that this would pretty much interfere with pretty much every licensed radio service using any frequency starting at DC up though light. Who thought THAT was a good idea? You guessed it, the FCC... Or when they entertained Light Squared's proposal to pretty much make every GPS user buy new hardware, just so they could obtain otherwise unusable spectrum space for their high speed data service....
Yea, for the most part, the FCC is a bunch of political hacks who are put into place to satisfy the big corporate donors supporting political campaigns and not for their technical skills or understanding..

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Denial Of Service Attack eh? by bobbied · 2017-07-20 10:49 · Score: 1

You mean somebody tripped over the power cord in the server room again?

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
1. Re:Denial Of Service Attack eh? by Narcocide · 2017-07-20 12:39 · Score: 1
  
  "tripped"
This is surprising? by quonset · 2017-07-20 10:53 · Score: 1

Anyone who has followed the con artist knows his modus operandi is to say something outrageous then refuse to provide any evidence to support the lie. We're supposed to accept his word is the truth despite lack of evidence.
That falsehood has now carried over to his disgraceful administration in the form of the FCC lying about being DDoS'd. Anyone with a minimal amount of technical knowledge can see through the lie, that the reason the web site went down was the rush of people trying to post their pro-net neutrality views which will, of course, be promptly ignored in favor of big businesses such as AT&, Comcast, Verizon, et al.
After all, who cares what the people think? It's only what the swamp dwelling lobbyists think. The non-answer of the FCC, that they don't have any records to provide, says it all.
Re:Wait for it... by fustakrakich · 2017-07-20 13:29 · Score: 3, Insightful

How will that help? Pointing out lies no longer has the desired effect. They keep lying, and they keep their jobs, and the voters don't care.

--
“He’s not deformed, he’s just drunk!”
Offtopic shitpost by JThundley · 2017-07-20 14:47 · Score: 1

Have you seen pictures of this guy? He's the Indian BABABOOEY!
Re:Wait for it... by Anonymous Coward · 2017-07-20 15:23 · Score: 1

16 investigations into Benghazi, now that's hysteria! Stay BTFO!
Re:Wait for it... by rtb61 · 2017-07-20 21:42 · Score: 1

Why lie. Quick we are getting to many contacts that support net neutrality, what do we do. Er, Er, Er, shut down the computers with a false flag DDoS make sure no traceable evidence, destroy all documentation. See no lie, just an omission, oh and a deletion.

--
Chaos - everything, everywhere, everywhen
Uhh by easyTree · 2017-07-21 05:06 · Score: 1

We stand by our career IT staff's analysis of the evidence in our possession
This isn't a scenario where 'appeal to authority' is appropriate, try a verbal stratagem which dispels the appearance that you're being dishonest.

--
Requiem for the American Dream
That's because they're lying by JohnFen · 2017-07-21 11:54 · Score: 1

They know they're throwing everyone under the bus in order to give a huge payday to their masters at AT&T, Comcast, etc. They're just trying desperately to keep people from realizing that.
Re:Clueless by Zontar+The+Mindless · 2017-07-21 21:04 · Score: 1

In short, The FCC Is Full Of Shit.

--
Il n'y a pas de Planet B.