FBI Files: Suspected Breitbart Cyberattack May Just Have Been an Advertising Malfunction

“After further investigation, [redacted] determined a large portion of that traffic was due to a malfunctioning ad network,” documents state

Last Updated: September 7, 2017 @ 2:26 PM

Just-released FBI documents reveal that the agency investigated what appeared to be a massive cyberattack on Steve Bannon’s Breitbart news site in January 2016 — but found that much of the internet traffic believed to be part of an attack was actually caused by a malfunctioning ad network.

The unclassified documents do not provide a full picture of the investigation or its outcome, because they are heavily redacted, with names and details removed. But the documents that were released Thursday suggest the attack may not have been as severe as it seemed — and may not even have been an attack.

One document states that on Jan. 19, 2016, the FBI received word that the conservative news operation had been under a Distributed Denial of Service attack — or DDoS attack — for two days. In such an attack, a hacker floods a site with unwanted traffic that prevents the site from functioning properly.

By May, it appeared that there may have been another explanation for the site’s problems: “[Name redacted] provided a list of approximately [redacted] IP addresses he believed to be part of an ongoing DDoS attack against the Breitbart News Network,” said an unclassified FBI communication dated May 9, 2016. “After further investigation, [redacted] determined a large portion of that traffic was due to a malfunctioning ad network.”

An ad network is a company that links advertisers with web sites that host ads. Because the services are often automated, sites sometimes find themselves cluttered with ads they don’t want.

Breitbart

LawNewz reports that the FBI has more than 1,400 pages of documents related to Breitbart — but only 23 pages were made available Thursday. News of the cyberattack investigation was contained within them.

Breitbart did not immediately respond to a request for comment.

The FBI’s Breitbart documents detail how the FBI tried to determine if the perpetrator of the suspected DDoS attack was a “known actor” — someone with a prior history of such attacks. In one Jan. 19 email, someone in the Los Angeles FBI office was asked if the “source addresses” of the attack could serve as a “fingerprint” to identify the perpetrators. The names of the sender and receiver of that email were redacted.

The incident came months before Bannon joined President Trump’s presidential campaign. He became executive chair of Breitbart News LLC in March 2012 after the death of founder Andrew Breitbart, and became the head of Trump’s presidential campaign in August. He served as Trump’s chief adviser in the White House, but left that post last month, and returned to Breitbart.

In December, another conservative site, The Drudge Report, also suffered a DDoS attack. Founder Matt Drudge said at the time that he suspected government involvement.