FCC Bot Attack Provides a Security Wake-Up Call for Enterprises
Bot-generated attacks on all kinds of websites aren’t anything new, but a recent bot campaign targeting the U.S. Federal Communications Commission (FCC) has generated a lot of controversy.
As reported by CIO, the bot attack posted more than 128,000 comments on the FCC’s website, all endorsing the federal agency’s plan to end net neutrality rules established during the Obama administration. A large percentage of these comments, all posted between May 8 and May 10, used the same boilerplate text, which reads:
“The unprecedented regulatory power the Obama Administration imposed on the internet is smothering innovation, damaging the American economy and obstructing job creation. I urge the Federal Communications Commission to end the bureaucratic regulatory overreach of the internet known as Title II and restore the bipartisan light-touch regulatory consensus that enabled the internet to flourish for more than 20 years. The plan currently under consideration at the FCC to repeal Obama’s Title II power grab is a positive step forward and will help to promote a truly free and open internet for everyone.”
ZDNet contacted several of the alleged posters, all of whom confirmed they had not left any messages on the FCC’s site. The tech publication suspects the bot acquired names and addresses either from public voter registration records or via an older data breach.
Contentious FCC Debate
Net neutrality is a political hot topic that will take time to resolve. Under the Obama administration in October 2016, the FCC issued new rules restricting internet service providers (ISPs) from sharing users’ personal data without their consent. Recently, however, Congress passed legislation to end the new privacy regulations and give ISPs more options to monetize customers’ app usage, browser history and mobile location data.
For governments and businesses alike, the bot-generated attack provides a cautionary tale revealing how security intrusions remain a persistent thorn in the side of organizations large and small — even those with aggressive security solutions already in place.
According to a recent Cisco security report, nearly three out of four security professionals believe their tools are effective against known threats. On the flip side, nearly half (44 percent) of security alerts are never investigated, Cisco found, and 54 percent of legitimate alerts go unresolved.
The reason? Organizations often rely on too many security vendors but fail to integrate multiple tools into an effective strategy, the report states.
Newer security tools, such as threat detection software from tech startup Metapacket, are more adept at determining whether network traffic is coming from a human essential to detecting bot-driven attacks. Because malware strives to act as much like a human as possible, it cannot completely mimic human behavior, according to Metapacket founder Nir Krakowski.
A bot, for instance, can store a page of content in little time, according to DataDome. A unique IP address visiting a large number of pages very quickly is a strong indication of fraudulent activity.
A potent defense against bots has become even more crucial in the emerging Internet of Things (IoT) era, where billions of connected devices are sharing mission-critical data on a daily basis. Organizations will need an effective security strategy to keep IoT-generated information accurate, auditable and accessible.