David Bray

Statement by FCC CIO on Denial-of-Service Attack on FCC Comment System

Beginning on May 7 at midnight, our analysis reveals that the Federal Communications Commission was subject to multiple distributed denial-of-service attacks (DDos). These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host. These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.

While the comment system remained up and running the entire time, these DDoS events tied up the servers and prevented them from responding to people attempting to submit comments. We have worked with our commercial partners to address this situation and will continue to monitor developments going forward.

Modernizing the FCC Enterprise

According to the Government Accountability Office, Federal agencies are currently spending over 70% of their Information Technology budgets on maintaining legacy systems.

Government-wide, these maintenance costs amount to over $54 billion a year spent on existing legacy systems, and delays needed transitions to newer technologies. Moreover, this cost only captures those legacy processes automated by IT; several paper-based, manual processes exist and result in additional hidden, human-intensive costs that could benefit from modern IT automation.

In the spirit of openness, I’d like to share our seven tracks as we embark on our journey to modernize the FCC enterprise. These tracks and supporting goals represent our focused efforts to bring the FCC into the 21st century and ensure the Commission has some of best IT in government supporting its mission.

Like an iceberg where a majority of the ice is hidden underwater, modernizing manual, human-intensive processes at the FCC will reduce legacy “sunk costs” at the Commission. The result will be a more agile, responsive, IT-enabled FCC enterprise able to work faster and float “above water”. Our workforce will be more effective, efficient in their time and energy, and better able to deliver the highest quality public service to the US public and FCC partners.

  • Improve Secure Employee Telework & Mobility
  • Secure Internal & External Collaborations
  • Strengthen FCC’s IT Security Posture
  • Transform Access to FCC Enterprise Data
  • Modernize Legacy Systems & Tracking
  • Improve FCC.gov & Complaint Reform
  • Increase Transparency & System Usability

[Bray is the FCC’s Chief Information Officer]