Yesterday, the FCC published an admission that it had lied about a supposed hack-attack that it blamed for the collapse of its public comments portal that led to the agency eventually shutting down public comment and announcing that it would give equal weight to obviously forged anti-Net Neutrality comments and the pro-Neutrality comments it received.
The admission was prompted by the looming publication of an report from the FCC's Office of the Inspector General that was going to reveal that the FCC had invented the hack attack from whole cloth, ignoring plentiful evidence that they'd been overwhelmed by a genuine grassroots tsunami of support for Net Neutrality.
In yesterday's FCC communications Trump-appointed FCC Chair Ajit Pai blamed the whole thing on a former subordinate, the ex FCC CIO David Bray, pointing out that Bray had been hired by the Obama administration and not-so-subtly blaming the whole thing on Obama.
Now, the Inspector General's report is out, and it not only refutes the claim that there was a hack attack — it also refutes Pai's story about who was to blame for the agency's lies to the public and to Congress.
The OIG report shows that Pai knew from the start that the story of a hack-attack was unsupported by evidence and disputed by experts — we knew that too, because those experts were speaking publicly at the time, but it's great to see it in official black-and-white.
It also shows that Pai was informed in advance that John Oliver was about to put out a very public, high-profile call for comments, and that Pai did not inform his IT staff to expect this surge, virtually guaranteeing that the website would crash.
That's pretty good evidence that Pai lied twice: first when he claimed that there was a hack-attack, and then when he claimed that he had been deceived into thinking there was a hack-attack.
In other words, he lied, and then he lied about lying.
Asked how the FCC respond to the event, the contractor said: "The FCC did not respond to the event internally in a manner consistent with the severity of the event as stated in the press release."
FCC Management was aware The Last Week Tonight with John Oliver program was considering an episode on the Net Neutrality proceeding but did not share that information with the CIO or IT group.
The OIG report also describes an interview with two FBI employees, one a special agent and another working with the FBI cyber task force in Washington. Both appear to implicate the FCC in providing false information to members of Congress, specifically when describing what the FBI agents and FCC officials discussed following the incident.
In a letter to Senators Ron Wyden and Brian Schatz (signed by Pai and containing numerous responses to questions authored by Bray), the FCC said that the FBI had "agreed this was not a 'significant cyber incident' consistent with the definition contained in Presidential Policy Directive-41," which codifies how federal agencies respond to cyber events. FCC mentioned PPD-41 to lawmakers as a way to explain why Homeland Security wasn't contacted, as required, in the wake of a cyberattack.
Investigation into alleged multiple distributed denial-of-service attacks involving the FCC'S Electronic Filing System [FCC Office of the Inspector General]
Here's the Internal Report Proving the FCC Made Up a Cyberattack [Dell Cameron/Gizmodo]
(Image: Gage Skidmore, CC-BY-SA)