FCC has no documentation of DDoS attack that hit net neutrality comments

Enlarge / John Oliver takes on FCC Chairman Ajit Pai in net neutrality segment. (credit: HBO Last Week Tonight)

The US Federal Communications Commission says it has no written analysis of DDoS attacks that hit the commission's net neutrality comment system in May.

In its response to a Freedom of Information Act (FoIA) request filed by Gizmodo, the FCC said its analysis of DDoS attacks "stemmed from real time observation and feedback by Commission IT staff and did not result in written documentation." Gizmodo had asked for a copy of any records related to the FCC analysis that concluded DDoS attacks had taken place. Because there was no "written documentation," the FCC provided no documents in response to this portion of the Gizmodo FoIA request.

The FCC also declined to release 209 pages of records, citing several exemptions to the FoIA law. For example, publication of documents related to "staffing decisions made by Commission supervisors, draft talking points, staff summaries of congressional letters, and policy suggestions from staff" could "harm the Commission’s deliberative processes," the FCC said. "Release of this information would chill deliberations within the Commission and impede the candid exchange of ideas."

Read 13 remaining paragraphs | Comments

Examining the FCC claim that DDoS attacks hit net neutrality comment system

Enlarge (credit: Getty Images | Valery Brozhinsky)

On May 8, when the Federal Communications Commission website failed and many people were prevented from submitting comments about net neutrality, the cause seemed obvious. Comedian John Oliver had just aired a segment blasting FCC Chairman Ajit Pai's plan to gut net neutrality rules, and it appeared that the site just couldn't handle the sudden influx of comments.

But when the FCC released a statement explaining the website's downtime, the commission didn't mention the Oliver show or people submitting comments opposing Pai's plan. Instead, the FCC attributed the downtime solely to "multiple distributed denial-of-service attacks (DDoS)." These were "deliberate attempts by external actors to bombard the FCC's comment system with a high amount of traffic to our commercial cloud host," performed by "actors" who "were not attempting to file comments themselves; rather, they made it difficult for legitimate commenters to access and file with the FCC."

The FCC has faced skepticism from net neutrality activists who doubt the website was hit with multiple DDoS attacks at the same time that many new commenters were trying to protest the plan to eliminate the current net neutrality rules. Besides the large influx of legitimate comments, what appeared to be spam bots flooded the FCC with identical comments attributed to people whose names were drawn from data breaches, which is another possible cause of downtime. There are now more than 2.5 million comments on Pai's plan. The FCC is taking comments until August 16, and will make a final decision sometime after that.

Read 36 remaining paragraphs | Comments

117 attacks (and counting)—Black Lives Matter’s fight to stay online

Enlarge (credit: Sean Rayford/Getty Images / Aurich)

“Through our e-mails and our social media accounts we get death threats all the time,” said Janisha Gabriel. “For anyone who’s involved in this type of work, you know that you take certain risks.”

These aren’t the words of a politician or a prison guard but of a Web designer. Gabriel owns Haki Creatives, a design firm that specialises in building websites for social activist groups like Black Lives Matter (BLM)–and for that work strangers want to kill her.

When these people aren’t hurling threats at the site’s designer, they’re hurling attacks at the BLM site itself–on 117 separate occasions in the past six months, to be precise. They’re renting servers and wielding botnets, putting attack calls out on social media, and trialling different attack methods to see what sticks. In fact, it’s not even clear whether ‘they’ are the people publicly claiming to perform the attacks.

Read 40 remaining paragraphs | Comments

There’s a new DDoS army, and it could soon rival record-setting Mirai

Enlarge (credit: ellenm1)

For almost three months, Internet-of-things botnets built by software called Mirai have been a driving force behind a new breed of attacks so powerful they threaten the Internet as we know it. Now, a new botnet is emerging that could soon magnify or even rival that threat.

The as-yet unnamed botnet was first detected on November 23, the day before the US Thanksgiving holiday. For exactly 8.5 hours, it delivered a non-stop stream of junk traffic to undisclosed targets, according to this post published Friday by content delivery network CloudFlare. Every day for the next six days at roughly the same time, the same network pumped out an almost identical barrage, which is aimed at a small number of targets mostly on the US West Coast. More recently, the attacks have run for 24 hours at a time.

While the new distributed denial-of-service attacks aren't as powerful as some of the record-setting ones that Mirai participated in, they remain plenty big, especially for an upstart botnet. Peak volumes have reached 400 gigabits per second and 200 million packets per second. The attacks zero in on level 3 and level 4 of a target's network layer and are aimed at exhausting transmission control protocol resources.

Read 2 remaining paragraphs | Comments