Back in May 2017 when net neutrality was front and center in the news, the comment system on the FCC’s website went down. At the time it was reported to be a coordinated attack by hackers. But a recently released report by the agency’s Office of the Inspector General has concluded the “attack” was not by hackers at all. The comment system went down because it was overwhelmed by concerned internet citizens who were leaving legitimate comments.
It all started when John Oliver ran a segment on his show, Last Week Tonight, on the topic of net neutrality. The Trump administration has rolled back Internet regulations, effectively eliminating net neutrality. John Oliver’s segment went viral and the FCC’s website was flooded over a period of 2 days. The report describes “voluminous viral traffic” and poor site design as the factors that resulted in the system’s crash.
Here’s the relevant part of the report:
The May 7-8, 2017 degradation of the FCC’s ECFS was not, as reported to the public and to Congress, the result of a DDoS attack. At best, the published reports were the result of a rush to judgment and the failure to conduct analyses needed to identify the true cause of the disruption to system availability. Rather than engaging in a concerted effort to understand better the systematic reasons for the incident, certain managers and staff at the Commission mischaracterized the event to the Office of the Chairman as resulting from a criminal act, rather than apparent shortcomings in the system.
You can find the full report here.
After the FCC’s website went down they initially reported they were hacked. However, internal email conversations along with website traffic log analysis indicate that the FCC quickly knew this characterization was incorrect. More simply, they lied.
In the chaos of the moment surrounding the system failure, it is understandable that the FCC incorrectly stated they were hacked. However, it has taken more than 15 months for the truth to be made public. Furthermore, the FCC has not yet issued a statement on this matter. The FCC has not admitted they were wrong. The FCC has not admitted they lied. The report details how their own internal analysis of their website traffic logs clearly correlate with John Oliver’s segment on Last Week Tonight. Social media tweets and videos about the segment directly resulted in a flood of legitimate traffic that ended up bringing down the FCC’s system.
The traffic spikes are singular and not sustained. When a website is under a DDoS attack (distributed denial of service), traffic is sustained over a long period of time and spikes are uncommon.
Website traffic logs from the time of the event.
The report also indicates that the FCC knew John Oliver was going to run a segment on net neutrality beforehand. Yet no one at the agency thought to do anything about it. David Bray, the Chief Information Officer of the FCC at the time, while the system was down said he did not think John Oliver’s show was the reason for the system failure. He put the blame on several known hacking organizations:
We’re 99.9% confident this was external folks deliberately trying to tie-up the server to prevent others from commenting and/or create a spectacle.
Jon Oliver invited the “trolls” – to include 4Chan (which is a group affiliated with Anonymous and the hacking community).
His video triggered the trolls. Normal folks cannot manually file a comment in less than a millisecond over and over and over again, so this was definitely high traffic targeting ECFS to make it appear unresponsive to others.
Jon Oliver invited the “trolls” – to include 4Chan (which is a group affiliated with Anonymous and the hacking community).
His video triggered the trolls. Normal folks cannot manually file a comment in less than a millisecond over and over and over again, so this was definitely high traffic targeting ECFS to make it appear unresponsive to others.
The OIG report states that none of the comments made by Bray at the time were accurate.
From the FCC’s OIG, email excerpts from the time of the event.
What is clear now is that there were so many people concerned about the impending reversal of net neutrality that they flocked to the FCC’s website to voice their concern. The FCC’s system was unable to handle the huge amount of traffic that was generated over this issue and it went down. The FCC incorrectly blamed hackers, when in fact it was legitimate traffic. The FCC’s system was unable to handle it and it crashed.