Dem asks FCC to review internet security rules after massive cyberattack

Sen. Mark Warner (D-Va.) is seeking answers from the Federal Communications Commission on last Friday’s cyberattack on the U.S. that took down a number of major websites.

In a letter Tuesday, Warner asked the agency to clarify its rules regarding so-called Internet of Things devices and the measures internet service providers and the FCC could take to mitigate future attacks.

{mosads}Warner is concerned about the safety of a growing number of devices such as cameras, household appliances and entertainment and media products that connect to the internet.

He questioned if the FCC’s definition of “non-harmful” devices was tough enough to cover the new host of internet-connected products he fears could have security issues.

“Under the Federal Communications Commission’s (FCC’s) Open Internet rules, ISPs cannot prohibit the attachment of “non-harmful devices” to their networks,” Warner wrote.

“It seems entirely reasonable to conclude under the present circumstances, however, that devices with certain insecure attributes could be deemed harmful to the ‘network’ – whether the ISP’s own network or the networks to which it is connected.”

Tougher standards on what is deemed a “non-harmful device,” under Warner’s interpretation, could see many devices barred from connecting to the internet without meeting security standards.

Warner sent similar letters to the Federal Trade Commission and the Department of Homeland Security’s National Cybersecurity & Communications Integration Center.

The major attack last week against domain name server (DNS) providers Dyn, Amazon Web Services and others was the result of a distributed denial of service (DDoS) attack. DDoS attacks occur when an entity floods a specific machine or network with more bandwidth than it can handle, bringing the system to its knees.

Experts believe that the DDoS attack utilized poor security in internet-of-things devices. Hackers used such devices to flood Dyn and other DNS providers, temporarily cutting off or slowing access to major websites like Twitter, Spotify and The New York Times.

A number of lawmakers have called for the government to take steps to prevent similar attacks in the future.

“These attacks are part of a recent trend in the growing number of DDoS attacks and are simply unacceptable,” Rep. Jerry McNerney (D-Calif.) said Saturday.

“It is urgent for Congress to examine this issue along with ways to improve our cyber security so that we are able to better protect against malicious parties, including hostile state actors, from interfering with our networks.”