Virginia Democrat Seeks Information on Agency Tools for Device Cybersecurity

raised a net neutrality concern. Warner said his inquiry stems in part from Friday's distributed denial of service attacks against DynDNS. The DDoS attacks caused outages of Twitter and other major websites that use Dyn's services (see 1610210056), leading to calls for action from other lawmakers and IoT stakeholders (see 1610250021). Warner cited the Mirai command-and-control botnet, saying it targeted “highly insecure” connected devices in increasing numbers since the start of October. The U.S. Computer Emergency Readiness Team also warned that release of the Mirai botnet’s code increased the risk of copycats. Mirai’s efficacy largely depends “on the unacceptably low level of security inherent in a vast array of network devices,” Warner said in a letter to FCC Chairman Tom Wheeler. Warner questioned FCC net neutrality rules mandating that “ISPs cannot prohibit the attachment of ‘non-harmful devices’ to their networks.” Devices “with certain insecure attributes could be deemed harmful to the ‘network’ -- whether the ISP’s own network or the networks to which it is connected,” Warner said. “While remaining vigilant to ensure that such prohibitions do not serve as a pretext for anticompetitive or exclusionary behavior, I would encourage regulators to provide greater clarity to internet service providers in this area.” The FCC "received the letter and [is] reviewing it," a spokeswoman said.