Crying Wolf and Cyber Attacks
Posted by Aaron Massey on 15 Aug 2018.
Ajit Pai, Chairman of the FCC, recently claimed to have been given “inaccurate information” from a subordinate regarding the distributed denial of service attack he announced the FCC had suffered. He’s coming forward now with this information because the Office of the Inspector General is about to publish a report outlining that they found no evidence of an attack. All of this is tied to Pai’s push to change the FCC’s position on network neutrality:
The alleged attack came after John Oliver, the host of Last Week Tonight, urged his audience to leave comments in support of keeping net neutrality protections, which the FCC eventually rescinded late last year. Congress is attempting to overturn the agency’s decision using the Congressional Review Act (CRA).
Pai’s claim is either an honest mistake by an overworked government IT department or it is an extraordinarily serious problem that deserves far more than a simple report from the Office of the Inspector General. Somehow, we’re treating digital security issues as less important than physical security issue, when the opposite may actually be the better way to think about security. For all the hay republicans made about Hillary Clinton using a private email server while serving as Secretary of State,1 the underlying security concerns should actually be treated seriously.2 Imagine if an executive agency branch completely made up a physical assault on their headquarters as a reason for failing to comply with their legal obligations.3 That’s basically what the Pai and the FCC did. I’m not sure what the appropriate response should be, but there must be some form of accountability for false claims of this nature. I’m stunned and concerned that this hasn’t received more attention.