Five Democratic senators are seeking an FBI investigation into possible cyberattacks on the Federal Communication Commission’s online comment system. The FCC’s Electronic Comment Filing System crashed in the early hours of May 8 in what the agency called “deliberate attempts by external actors to bombard” the commission and render its systems unusable by legitimate commenters. Sens. Brian Schatz (D-Hawaii), Al Franken (D-Minn.), Patrick Leahy (D-Vt.), Ed Markey (D-Mass.) and Ron Wyden (D-Ore.) want acting FBI director Andrew McCabe to make an investigation of that May disruption a priority, and also called for an investigation into the source of the attack. The senators’ letter emphasized that they were especially troubled by the disruption of the process of public commentary given that public participation is crucial to the integrity of the FCC’s regulatory process. The request comes as FCC Chairman Ajit Pai is moving to roll back Obama-era net neutrality regulations over the objections of Democrats in Congress and internet freedom activists. “Any cyberattack on a federal network is very serious,” the senators wrote. “This particular attack may have denied the American people the opportunity to contribute to what is supposed to be a fair and transparent process, which in turn may call into question the integrity of the FCC’s rulemaking proceedings.” The senators seek a reply by June 23. It’s possible, however, that what the FCC is reporting as a DDoS attack was in fact a traffic spike spurred by TV comedian John Oliver, who urged viewers to register their opposition to the net neutrality rollback in an May 7 broadcast. The partisan fight over FCC actions on net neutrality has cast a political shadow over the attack, the follow-up and any future investigation. Three of the letter’s five signatories (Schatz, Markey, Franken) also signed a May 17 open letter lambasting the FCC’s possible net neutrality rollback. Wyden and Schatz also sought clarification from Pai about the ability of the agency to protect against DDoS attacks in a separate May 9 letter. The two sought details on the user capacity of the FCC’s website and requested a reply by June 8. Meanwhile, the FCC is accepting comments on its net neutrality proceeding through Aug. 16. Source: https://fcw.com/articles/2017/05/31/fcc-ddos-senators-berliner.aspx
View article:
Lawmakers seek answers on alleged FCC DDoS attack
Information security company Verisign just published its Distributed Denial of Trends Report for Q1 2017. This report talks about changes in the frequency, size, and type of DDoS attack that the company has observed over the first few months of this year. The main takeaway is this: The number of DDoS attacks has plunged by 23 percent compared to the previous quarter. That’s good! However, the average peak attack size has increased by almost 26 percent, making them vastly more potent at taking down websites and critical online infrastructure. That’s bad. The report also notes that attacks are sophisticated in nature, and use several different attack types to take down a website. While 43 percent use just one attack vector, 25 percent use two, and six percent use five. This, obviously, makes it much more difficult to mitigate against. Verisign’s report also talks about the largest DDoS attack observed by the company in Q1. This was a multi-vector attack that peaked at 120 Gbps, and with a throughput of 90 Mpps. Per the report: This attack sent a flood of traffic to the targeted network in excess of 60 Gbps for more than 15 hours. The attackers were very persistent in their attempts to disrupt the victim’s network by sending attack traffic on a daily basis for over two weeks. The attack consisted primarily of TCP SYN and TCP RST floods of varying packet sizes and employed one of the signatures associated with the Mirai IoT botnet. The event also included UDP floods and IP fragments which increased the volume of the attack. So, in short. The attackers were using several different attack types, and they were able to sustain the attack over a long period of time. This shows the attacker has resources, either to create or rent a botnet of that size, and to sustain an attack over two weeks. The fact that DDoS attacks have increased in potency is hardly a surprise. They’ve been getting bigger and bigger, as bad actors figure out they can easily rope insecure Internet of Things (IoT) devices into their botnets. The Mirai botnet, for example, which took down Dyn last year, and with it much of the Internet, consisted of hundreds of thousands of insecure IoT products. The main thing you can gleam from the Verisign report is that DDoS attacks are increasingly professional, for lack of a better word. It’s not 2005 anymore. We’ve moved past the halcyon days of teenagers taking down sites with copies of LOIC they’d downloaded off Rapidshare. Now, it’s more potent. More commoditized. And the people operating them aren’t doing it for shits and giggles. Source: https://thenextweb.com/insider/2017/05/24/report-ddos-attacks-are-less-common-but-theyre-bigger/#.tnw_RJHfi1AZ