House Dems lay into FCC chair over false cyberattack claims

Ajit Pai is taking heat after reports that the FCC falsely said a cyberattack knocked a public comments page offline during the net neutrality debate.

Marguerite Reardon Former senior reporter
Marguerite Reardon started as a CNET News reporter in 2004, covering cellphone services, broadband, citywide Wi-Fi, the Net neutrality debate and the consolidation of the phone companies.
Marguerite Reardon
4 min read
FCC Chairman Ajit Pai

FCC Chairman Ajit Pai is expected to testify this week during a Senate Commerce hearing, where he's likely to be grilled by Democrats over the agency's false claims of a cyberattack.

Win McNamee/Getty Images

Democrats on Capitol Hill are demanding answers from Federal Communications Commission Chairman Ajit Pai after it was revealed his agency falsely claimed it had been the victim of a cyberattack last year.

Last week, the FCC's Office of Inspector General concluded the agency wasn't the victim of a distributed denial of service, or DDoS, attack in May of 2017. Such attacks knock web pages offline by swamping them with data requests. The agency's chief information officer, David Bray, had said a May attack made the agency's online comment system inaccessible for several hours at the height of the debate over whether popular net neutrality rules should be repealed.

Though several security experts had immediately questioned the FCC's explanation for the outage, the agency had largely stood by the cyberattack claim and staff had refused to comment further on the incident. Then last week, ahead of the report's release, Pai finally broke his silence on the issue and blamed Bray, who's no longer with the agency, for the false claim.

Now several congressional Democrats want answers from Pai about what he knew of the supposed attack and when. A group of House Democrats, including Rep. Frank Pallone Jr. of New Jersey, the top Democrat on the House Commerce Committee, led the group in sending a letter and a list of questions to the chairman on Tuesday.

"Given the significant media, public and congressional attention this alleged cyberattack received for over a year, it is hard to believe that the release of the IG's report was the first time that you and your staff realized that no cyberattack occurred," the letter reads.

"Such ignorance would signify a dereliction of your duty as the head of the FCC, particularly due to the severity of the allegations and the blatant lack of evidence," it continues. "Therefore, we want to know when you and your staff first learned that the information the commission shared about the alleged cyberattack was false."

Democratic lawmakers Mike Doyle of Pennsylvania, Jerry McNerney of California and Debbie Dingell of Michigan also signed the letter. 

A spokesman for the FCC declined to comment on the lawmakers' letter.

Pai is also likely to face questions about the incident from Senate Democrats on Thursday during a Senate oversight committee hearing.

The backstory

On May 7, 2017, the FCC's comment system crashed after comedian John Oliver, host of HBO's Last Week Tonight, urged his audience to flood the agency with comments supporting net neutrality. Initially, FCC officials claimed the site went down due to a series of DDoS attacks. But net neutrality supporters accused the agency of making up the attack and knowingly misleading journalists to distract them from the flood of pro net neutrality support.

Last week, the FCC's Office of Inspector General said there'd been "no analysis supporting the conclusion" that there was a DDoS attack. And in fact, the inspector general found out pretty quickly during the investigation that there was little basis for the assertion.

Yet at the time, the FCC aggressively defended the claim when challenged by consumer groups and reporters, who said the alleged attack had no tell-tale signs of a DDoS incident.

Pai has squarely put the blame on Bray. In a statement Aug. 6, Pai lambasted the former CIO, who also served in the same position at the agency under President Barack Obama.

"I am deeply disappointed that the FCC's former chief information officer, who was hired by the prior administration and is no longer with the commission, provided inaccurate information about this incident to me, my office, Congress, and the American people," Pai wrote in the statement. "This report debunks the conspiracy theory that my office or I had any knowledge that the information provided by the former CIO was inaccurate and was allowing that inaccurate information to be disseminated for political purposes."

Bray said last week that the Office of the Inspector General hadn't contacted him and that no one reached out to ask what he observed or concluded during the incident.

House Democrats, who sent the letter to Pai, say he knew the statements he made to them about the attack weren't accurate. And even if he didn't know that at the time, he likely knew before last week when the report was released, and yet he didn't inform them or the public. 

"To the extent that you were aware of the misrepresentations prior to the release of the report and failed to correct them, such actions constitute a wanton disregard for Congress and the American public," the House Democrats wrote on Tuesday.

Pai said in his statement that he hadn't commented on the matter during the inspector general's investigation so as not to jeopardize that office's work. 

Fight for the Future, a grassroots group that supports net neutrality, was one of the organizations that first sounded the alarm and helped debunk the FCC's original claims of a cyberattack. The group called Chairman Pai an "embarrassment."

"We knew he was lying about his reasons for killing net neutrality," Evan Greer, Deputy Director of Fight for the Future, said in a statement. "But now we know his agency also lied to Congress, journalists and the public about something as serious as a cyberattack."

Pai and his fellow FCC commissioners will appear before the Senate Commerce Committee on Thursday at 7 a.m. PT/10 a.m. ET. CNET will cover the hearing, so stay tuned for updates.

Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.

Blockchain Decoded: CNET looks at the tech powering bitcoin -- and soon, too, a myriad services that will change your life.