Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

FCC Says Website Downtime Caused by DDoS Attacks

The U.S. Federal Communications Commission (FCC) said its website was disrupted by distributed denial-of-service (DDoS) attacks on Sunday night, not due to a large number of attempts to submit comments on net neutrality.

The U.S. Federal Communications Commission (FCC) said its website was disrupted by distributed denial-of-service (DDoS) attacks on Sunday night, not due to a large number of attempts to submit comments on net neutrality.

“Last Week Tonight” host John Oliver revisited the subject of net neutrality on Sunday, urging people to leave comments on the FCC’s website. Oliver has criticized FCC Chairman Ajit Pai over the proposal to roll back net neutrality rules, and he even set up a domain, gofccyourself.com, which redirects users to a page on the FCC website where they can submit comments on the proposal. The FCC’s site became inaccessible shortly after.

The TV host made similar comments back in June 2014, when the FCC’s website crashed due to the large number of users that attempted to vent their frustration. While many believe the latest incident was also caused by too much traffic on the server hosting the site, the FCC has blamed the downtime on DDoS attacks.

“Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host,” the FCC stated.

“These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC. While the comment system remained up and running the entire time, these DDoS events tied up the servers and prevented them from responding to people attempting to submit comments.” it added.

Some people are still skeptical and believe the FCC may have mistaken the large volume of traffic for a DDoS attack. Other theories are that someone launched a DDoS attack on the FCC just for fun, or that entities opposing net neutrality rules launched the attacks to prevent consumers from complaining.

Digital rights group “Fight for the Future” believes the FCC is either intentionally misleading or someone did actually launch DDoS attacks to block comments from net neutrality supporters. The organization believes both scenarios are concerning and it has called on the FCC to release its logs to independent security analysts or the media, and guarantee that all comments will be counted.

“The public deserves to know [what happened], and the FCC has a responsibility to maintain a functioning website and ensure that every member of the public who wants to submit a comment about net neutrality has the ability to do so. Anything less is a subversion of our democracy,” Fight for the Future said in a blog post.

Related: Could Killing of FCC Privacy Rules Lead to End of Net Neutrality?

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...