As cybersecurity experts scrambled to restore service to sites brought down by the DDoS attack on Dyn’s hosting service Friday, America’s politicians continued dutifully pretending to understand how the “cyber” works. Representative Marsha Blackburn (R-Tennessee), a member of the Senate’s Communications and Technology Subcommittee, went on CNN to shed some light on the issue.
“Wolf, you don’t know who is behind this, you don’t know if it’s foreign or domestic. What I do know is over the years we have tried to pass data security legislation,” Blackburn told host Wolf Blitzer.
Okay, yes, sounds promising! But Blackburn kind of stumbles downhill from there.
“We also know that a few years ago we tried to do a bill called SOPA in the House, which required the ISPs some governance on these networks, and to block some of the bad actors,” she goes on to explain.
Except, there’s really no logical correlation between Friday’s DDoS attack and the kind of piracy that the Stop Online Piracy Act (SOPA) was introduced, in 2011, to combat. The law, which ultimately died in Congress in 2012, would have banned advertising networks and payment businesses from working with sites in violation of copyright law, and imposed a maximum penalty of five years in prison for violators. But opponents, which included Google and Wikipedia, said that the law would stymie freedom of speech and stall innovation on the web.
As Inverse explained on Friday, the distributed denial of service attack that brought down sites, like Twitter and Spotify for the East Coast and parts of Europe, is the result of a growing number of unsecured Internet of Things devices. Distributed denial of service attacks are becoming more common and harder to stop, but it has nothing to do with piracy. And increased regulation by ISP providers would do little to stop the attacks, given that successful attacks are impossible to distinguish from normal site traffic.
Hacktavist groups, like Anonymous, assaulted proponents of the SOPA bill with DDoS attacks, but that’s about the extent to which SOPA and DDoS are really related. Unlike what Blackburn suggests, SOPA would not have done anything to substantially improve cybersecurity — rather it probably would have just resulted in even more DDoS attacks.