FCC: John Oliver Didn’t Bring Down Our Site, Attackers Did

Just as the comedian sent a flood of people to support net neutrality, attackers brought commenting site down

May 08, 2017 at 4:55 PM ET

It’s not just because so many people love John Oliver and net neutrality: The Federal Communications Commission’s website crashed Sunday night because it was attacked, the agency says.

Late Sunday evening, Last Week Tonight host John Oliver encouraged his viewers to leave a comment with the FCC about net neutrality. It was an echo of a similar segment he did in 2014, when then-FCC Chair Tom Wheeler was considering enshrining net neutrality, which is the concept that all internet data should be treated equally, and internet providers should be prohibited from dividing access into “fast lanes” and “slow lanes.”

This time, Oliver pushed fans on Sunday to oppose current FCC Chair Ajit Pai, who has announced he plans to undo the previous rules.

In 2014, Oliver’s plea went viral, and ended up crashing the FCC’s archaic online commenting system. So after the site became unusable after Sunday’s segment, fans assumed that was the case again.

But that wasn’t the case this time, the FCC said. In a press statement, Chief Information Officer David Bray, who rarely issues statements, said it was a deliberate attack to overwhelm the FCC with traffic, knocking it offline, which would prevent people from making comments.

“Beginning on Sunday night at midnight, our analysis reveals that the FCC was subject to multiple distributed denial-of-service attacks (DDoS),” Bray said.

“These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.”

Such attacks are among the least sophisticated in a hacker’s toolbox, though if a DDoS is big enough, or if the network it’s targeting is ill-equipped enough, it can effectively shut a site down for a time.

DDoS attacks are almost impossible to attribute, so it’s unlikely the perpetrator will be identified. The FCC’s commenting system is fully functional again, and though the commenting process is still ongoing, it only has 140,000 comments as of press time — a far cry from the more than four million it received in 2014.