The security of the U.S. communications network, I

Published 15 April 2009

A few vandals, equipped with pliers, last Thursday cut fiber-optics cables in the San Francisco Bay area, paralyzing wireless, Internet, phone, and emergency communication for more than twelve hours; what does this tell us about the vulnerability to disruption of the U.S. communication network?

We reported yesterday that AT&T had increased to $250,000 the reward it was offering tipsters who offered information leading to the arrest of the vandals who last Thursday cut the company’s fiber-optic cables in three San Francisco Bay area counties (see 14 April 2009 HS Daily Wire). The fact that a simple snip of a few fiber-optic communications cables could leave thousands of people in Silicon Valley and throughout parts of the San Francisco Bay Area without phone, Internet, or wireless service for more than twelve hours raises questions about the security of U.S. critical infrastructure.

CNet News’s Marguerite Reardon writes that the San Jose Police Department is investigating the incidents, which took place in two different locations in San Jose and San Carlos and classified as acts of vandalism. If amateur vandals with a pair of pliers could paralyze vital communication link in a large are where major technology companies are headquartered, how difficult would it be for more sophisticated terrorists to take down the U.S. communications network? Should more be done to protect the fiber optic cables that ring our communities and crisscross the country carrying all of our communications?

A couple of well-placed attacks could do a lot of damage to the communications network,” said Sam Greenholtz, co-founder and principal of Telecom Pragmatics, a consulting and research firm specializing in the telecommunications market. “And it’s not really that hard to figure out where the fiber optic cables are laid and to get access to them.”

AT&T is offering a $250,000 reward to anyone who can provide information that leads to the arrest and conviction of the vandals. AT&T also said that following the terrorist attacks of 9/11, its networks were declared National Critical Infrastructures, which means that anyone who tampers with, destroys, or disrupts the company’s network or its components is in violation of both federal and state laws.

Reardon writes that what with the recent news about how the U.S. power grid has been compromised by hacker — who left “sleeper” applications behinds to be remotely activated at a later date (see 8 April 2009 HS Daily Wire) — many are left to wonder how vulnerable the communications network really is. She talked to a few experts about how telecommunications networks are built and how they operate, and she writes that she concluded that while it is somewhat easy to figure out where fiber is laid and to gain access to the fiber infrastructure in the ground, it is much harder actually to cause major damage unless you know what you’re doing.

Reardon explains that in the AT&T fiber cut case, it was fairly easy for the perpetrator to access the fiber-optic cables that were eventually cut. Sgt. Lopez said that it appeared that whoever cut the fibers simply lifted the manhole cover, went down the ladder, and cut two cables.

Knowing exactly which manhole cover to open and which cables to cut that would cause widespread damage to the network is another story, however. Greenholtz, who was a former manager in the Planning and Engineering Group at Verizon where he worked for nearly twenty-eight years, said that causing a network outage of this magnitude was likely orchestrated by someone who not only knew which manholes provided access to AT&T fibers, but also knew which places on the network were most vulnerable and could cause the most damage. “The manhole covers are not locked,” he said. “Anybody can open them and go down there. But most of these networks have redundancy and diversity built-in to the architecture, so if you cut a cable, it reroutes itself and recovers.” Greenholtz explained that someone with knowledge of the network would know the most vulnerable points in the network and could pinpoint those areas.

AT&T declined to discuss specifics of the company’s network architecture, but experts say that the Baby Bell phone companies, such AT&T’s predecessor SBC Communications, typically built their regional fiber networks in rings. The rings themselves would help provide protection against an outage, because if a line were cut, the traffic could just reverse itself in less than fifty milliseconds and go the other direction around the ring.

The phone companies also typically ran redundant lines that are spaced some distance apart from each other, so that if one line is cut, there is also a separate fiber carrying the traffic. To ensure that the redundant line can handle excess traffic in an emergency, most phone companies run these systems at 50 percent capacity.

Tomorrow: a more secure network architecture