Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Government Security Privacy United States IT

FCC Says It Has No Documentation of Cyberattack That It Claims Happened (thehill.com) 54

An anonymous reader quotes a report from The Hill: The Federal Communications Commission (FCC) declined to reveal analysis proving that it was the victim of a cyberattack in May. The agency claimed at the time that its Electronic Comment Filing System (ECFS) did not actually crash because of a large amount of traffic on the site prompted by John Oliver telling viewers to file comments in favor of net neutrality on his HBO show, Last Week Tonight. Instead, the FCC said that the ECFS went down as a result of a DDoS attack. In its response to Gizmodo's FOIA request, the FCC said that the attack "did not result in written documentation." "Based on a review of the logs, we have already provided a detailed description of what happened. We stand by our career IT staff's analysis of the evidence in our possession," an FCC spokesperson said when asked for comment on the matter.
This discussion has been archived. No new comments can be posted.

FCC Says It Has No Documentation of Cyberattack That It Claims Happened

Comments Filter:
  • by Anonymous Coward
    I am just glad that they have stopped wasting our time and are willing to admit that they just do not care anymore.
  • by XXongo ( 3986865 ) on Thursday July 20, 2017 @04:28PM (#54848951) Homepage
    Not quite. From the article linked: "The agency says it does have data logs on the attack but can't release those for privacy reasons."

    So, it's not that it "has no documentation"-- it's that it can't (or won't) release documentation.

    Not the same thing.

    • The voter commission had no problem releasing personal details of people submitting comments against them, why does the FCC have a problem with it?
    • In both this story and the July 18th story on the FCC, [slashdot.org] the summaries have been misleadingly one-sided in that they have utterly failed to disclose the FCC's position that *Privacy Concerns* are a large part of why they have not fully responded to the FOIA requests.

    • Not quite. From the article linked:
      "The agency says it does have data logs on the attack but can't release those for privacy reasons."

      So, it's not that it "has no documentation"-- it's that it can't (or won't) release documentation.

      Not the same thing.

      It's about the size of the lie.

      Saying "it happened but we can't release any details". Is consistent with both a real DDOS and "well some IT staff thought it was a DDOS so we just kinda assumed they were right". Even if they're deliberately lying they haven't said enough to get in trouble.

      Now, to release a paper trail means you're either releasing doctored evidence or evidence that is clearly wrong. Either way it's a lot easier to hold someone accountable. That's why the media pushes for these kinds of docum

  • by burtosis ( 1124179 ) on Thursday July 20, 2017 @04:54PM (#54849121)
    Link to original text [reddit.com]

    We caught them red handed -- they claimed 'cyber attack' but we have the uptime reports. We have the connectivity reports (their CDN is Akamai - you can view real time attack data for their network -- if the FCC site was down, a big chunk of the web would have been too). It would have made big news in the IT/networking world if Akamai hiccup'd... since they were able to handle the world's largest DDoS last fall. That got noticed... by, erm, everyone. Network Operations Centers all over the world saw it. Did anyone see the FCC DDoS? crickets There's evidence that the bot is being run on an API -- in other words someone inside the FCC specifically gave access. They have to issue special keys (just like with Reddit!) -- and they're rate limited. They would know who's doing it instantly, because that API isn't available for just anyone: You have to ask for it -- click on the link, it'll show you the form; It asks for name and e-mail. Someone from the FCC said as much -- it was API accesses, not public-facing. If there was a connectivity issue it wasn't external, it was internal, preventable, and that's why they won't give out the server logs. Because they knew who was doing it, could have stopped it, didn't, and are letting it continue to happen as we speak. They know exactly which comments are being submitted by bots, and who owns them. Purely for my own amusement, I went looking for the Terms of Service for accessing the API. Click. Click. Aaaand here we are: "FCC computer systems employ software to monitor network traffic to identify unauthorized attempts..." :snip: "If such monitoring reveals evidence of possible abuse or criminal activity" :snip: cough Fraud cough "Unauthorized attempts to upload or change information on this server are strictly prohibited". Not going to do anything, FCC? Says what they did is "strictly prohibited"... soooooooo.... crickets The previous link provides evidence it's a grand total of... five. Five different copy pasta text; And all sourced from the same stolen identity databases. And the submission times are painfully obvious that it was automated: The number of submissions per second was nearly constant too, like clockwork. And submitted alphabetically. What's more... They prepared for this years ago. You can say, unironically, "Thanks Obama" for that one. They specifically upgraded the public comments after the last network neutrality comment crush. Rather a lot (footnote: ECFS is the comment system -- and it was specifically targeted for a revamp and big bump to system capacity). That capacity wasn't exceeded -- not by the general public anyway. The inflow rate of submissions from John Oliver's gofccyourself.com came in well under -- 150k versus 1.1 million? It's hard to imagine how they'd add all that extra capacity only to have it fall over dead under a fraction of the load. Someone was even nice enough to make a map of who's submitting the comments. Look at the first time this happened. Then look at that one. Notice anything? This time around, the map looks like a mirror of the population distribution of the entire country. By the numbers, the whole nation knows about Network Neutrality, across every demographic... equally. Including the deceased. Oh, they never filed a report with the Department of Homeland Security, which is what every government agency is supposed to do if they experience a cyber attack. Double bonus round, Here's the FCC's own page on cybersecurity preparedness and response. And what do they say? "The FCC, because of its relationship with the nation’s communications network service providers, is particularly well positioned to work with industry to secure the networks upon which the Internet depends." Sounds like someone who'd have a plan, you'd think.They claimed to the media something their own policies dictate what the response should be -- and they did

    • Thanks for that. I can't mod you up as I don't have mod points, but thanks. It's interesting times we live in, will be neat to see something come of this. I have my doubts, but I also have my hopes.
    • Definitely needs to be modded up.
  • by jmccue ( 834797 ) on Thursday July 20, 2017 @04:55PM (#54849129) Homepage

    So will there me a new definition of a DDOS ?

    Law --
    You cannot submit a comment to a Federal Agency when someone else is submitting a comment at the same time to any Federal Agency. Doing so violates the "Computer Fraud and Abuse Act" and the Patriot Act.

  • You mean somebody tripped over the power cord in the server room again?

  • Anyone who has followed the con artist knows his modus operandi is to say something outrageous then refuse to provide any evidence to support the lie. We're supposed to accept his word is the truth despite lack of evidence.

    That falsehood has now carried over to his disgraceful administration in the form of the FCC lying about being DDoS'd. Anyone with a minimal amount of technical knowledge can see through the lie, that the reason the web site went down was the rush of people trying to post their pro-net n

  • Have you seen pictures of this guy? He's the Indian BABABOOEY!

  • We stand by our career IT staff's analysis of the evidence in our possession

    This isn't a scenario where 'appeal to authority' is appropriate, try a verbal stratagem which dispels the appearance that you're being dishonest.

  • They know they're throwing everyone under the bus in order to give a huge payday to their masters at AT&T, Comcast, etc. They're just trying desperately to keep people from realizing that.

No spitting on the Bus! Thank you, The Mgt.

Working...