The Government Accountability Office, a federal watchdog agency that provides investigative support to legislators, will look into the Federal Communications Commission and its chief Ajit Pai’s dubiously supported claims that a cyberattack took down the FCC’s public commenting system earlier this year.
In May, the FCC claimed that downtime on its Electronic Comment Filing System, a platform that allows the public to submit input on agency decisions such as Pai’s plan to gut net neutrality rules, was due to “deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host.” But since the downtime on the system coincided with a high-profile call to arms from HBO comedian John Oliver and the FCC never actually released documentation supporting its version of events, suspicion ran rampant the FCC was merely trying to delegitimize opposition to Pai’s regulations-slashing agenda.
It wouldn’t be the first time the agency has been unable to provide evidence of an alleged attack. In 2014, the FCC insisted it was attacked by malicious parties against the conclusions of its own cybersecurity officials.
In August, Gizmodo reported that Senator Brian Schatz and Congressman Frank Pallone Jr. had submitted a request to the GAO asking it to investigate the FCC’s cybersecurity standards, its handling of the alleged DDoS attack and whether or not it is complying with best practices as determined by the Department of Homeland Security. Per Ars Technica, the process to start that investigation now appears to be under way, though it may not actually commence for several months.
“The work, since it was accepted, is now in the queue, but won’t get underway for several months when staff become available,” the GAO told Ars Technica. “Once it does start, then one of the first steps will be to determine the exact scope of what it will cover and the methodology we’ll use.”
The FCC eventually received a record-setting 21 million comments about Pai’s proposal to kill open internet rules, which would allow telecoms to discriminate on the kind of data their customers are allowed to access and at which speeds. However, while analysis of the comments underwritten by the broadband industry concluded the vast majority of the comments were form letters, it also noted Pai’s plans seemed unpopular with the general public.