Cyber Incident Victim: Federal Communications Commission

On May 7, 2017, beginning at midnight, the Federal Communications Commission (FCC) experienced sustained disruptions to its Electronic Comment Filing System (ECFS), a platform enabling public submissions on regulatory matters. FCC Chief Information Officer Dr. David Bray attributed the outages to multiple distributed denial-of-service (DDoS) attacks targeting the system’s commercial cloud infrastructure. These attacks involved external actors bombarding the FCC’s servers with high volumes of traffic, deliberately overwhelming capacity. The assault did not involve attempts to submit fraudulent comments but instead aimed to obstruct legitimate users from accessing or filing comments through the ECFS. Despite the disruption, the system remained technically operational throughout the incident, though server resources were exhausted, preventing responsive interactions with genuine users. The FCC’s initial analysis confirmed the malicious traffic patterns as coordinated DDoS events rather than organic surges in public engagement.

The incident coincided with heightened public attention on net neutrality rulemaking following a televised segment by comedian John Oliver urging viewers to submit comments to the FCC, though the agency explicitly denied any connection between the broadcast and the disruptions. Operational impacts included extended delays and accessibility barriers for individuals attempting to participate in the regulatory comment process during the attack window. In response, the FCC collaborated with its commercial cloud hosting providers to analyze traffic patterns, mitigate the attacks, and restore normal system functionality. No data breaches or unauthorized access to filed comments were reported. The FCC characterized the events as deliberate attempts to undermine public participation but did not disclose technical specifics of the attacks, attribution details, or the total duration of service degradation beyond the initial Sunday-night onset.