Vulnerability of Telco Switching Equipment

call -151 writes: "Interesting New York times article about the Sept 11th attacks' effect on the Verizon switches in lower Manhattan. Turns out there was a problem in that much of the network switching was in one building and it has taken a while to restore service. Sounds like there is lots of pondering about the vulnerability of the network, even when it is distributed across many physical locations. Of course the attacks are making lots of people rethink their vulnerabilities, but the estimate is for five years' work before there could be redundant paths for the lines into their switches in the one building, with no plans to spend the money to do it. Maybe someone should send them a few hundred thousand 'self-install' kits like they do with their DSL service ..."

geographic density

[shibut]

the problem is when you have a small metro area that is very dense and a high concumer of telco services. Even if you had redundant services, it setill makes economic sense (from the service point of view) to locate both (say) switches in the same area therefore, it would only somewhat help with an attack such as this.

come see the flaws inherent in the system

[joenobody]

This makes perfect sense: the Internet did well because it relies on smart endpoints (computers) and unintelligent routes. The best routing, then, is equal speed routes from and to every endpoint and we see something approaching this with multiple routes connecting small groups of hosts.

The phone company relies on dumb endpoints (phones) and a smart system in the middle. The best (simple) routing solution would be every phone connected by a line to a central switching station. In an urban area, this is exactly what we see- one or two central switching stations or point of failure.

This really shouldn't be any surprise at all.

As a side note, this is also why growth and development has been much faster than on the phone- to change the phone system you have to change one place - but no one will let you, because you might break it for every other customer. On the Internet I can tinker with one or two machines and everyone else is unaffected.

Vulnerabilities Galore

[Zen+Mastuh]

Physical vulnerabilites (location, etc...) aren't the biggest worry.

Not too long ago, Wired ran an article about the apparent h4x0ring of phone lines in and around Las Vegas. It seems that a certain escort service (prostitution is legal there) would stop receiving phone calls, especially on busy nights. The employees would call their number from another line, but the phone wouldn't ring. When the authorities came to investigate, the phones miraculously started working again. So the mobsters are in it with the telco employees or the cops or the h4x0rz. Anybody with a copy of phrack or 2600 can probably hijack a switch. This has been known for years. Perhaps there is a large-scale secret phone net that dries up when the telcos or feds try to dial in?

Regardless, the telco infrastructure is hopelessly inadequate.

What distribution?

[rfc1394]

Turns out there was a problem in that much of the network switching was in one building [deleted] lots of pondering about the vulnerability of the network, even when it is distributed across many physical locations. [deleted] estimate is for five years' work before there could be redundant paths [deleted] with no plans to spend the money to do it.

Ever since the Hindsdale, Illinois fire in a telephone switch room, it has been or should be known that telephone companies routinely under-build and over-load equipment and only add it when they absolutely have to (or are possibly forced to by regulators once in a blue moon), and then complain that they need to raise rates to pay for it, as if they are supposed to be able to operate without equipment and that's not supposed to be part of the cost of service.

If this equipment is that important - and we know it is from the cost to replace it - why isn't it even worth the cost of one clerk at minimum wage around the clock to be able to check on things there? Someone once pointed out that Illinois Bell Telephone ended up spending millions because of the fire, hundreds of times more than it would have cost to have have had a single person present on each of 3 shifts, to provide a 24/7 presence in that building for the next 100 years.

Someone who claims that telephone service is distributed should look again; I've never found a telephone company that operated more than one central office for an area and in some cases trying to combine them in larger and ever larger buildings until the central office for an area might be 40 miles away, yet still continuing the previous rate structure - which may have been created 30, 40, or 50 years ago or more - so that a call to another phone connected to a different switch in the same building is a toll call because it's in a different rate center.

If all the mergers and acquisitions of telephone companies by each other was supposed to benefit the consumer, why is phone service more expensive than ever?

Paul Robinson < Postmaster@paul.washington.dc.us

Doesn't take much

[JediTrainer]

I don't suppose anyone else remembers the
infamous fire in a Bell Canada phone exchange in Toronto. This fire knocked out phones in much of the city for a couple of days as the crews scrambled to fix things. It was interesting trying to do business....

In my company's case, we still had working Internet via ISDN, so we were still able to go about our business. Some cell phones weren't working, however.

It's all over the place

[ONU+CS+Geek]

Part of my University-Sponsored Employment means I work for Communications Services--dealing with the phones, computers, and backbones as needed to keep them up. What I've come to find out is that most Administration don't want to plan for emergency situations.
We were looking at disaster planning. Since we use NEC Phone Switches, we were taking a look at what would be the first thing to go. Take a fire...you could get a switch in a semi trailer sent up overnight (or something like that), but your Main Distribution Frame (MDF) would be crud--you'd have to re-splice every cable pair that you have in order to restore service to everyone; depending on how bad the fire is, you'd have to resplice your RDF's as well
There are some things that we've thought of...like having a bit of redundancy in our wire plant, but the administration shoots us down every time we bring it up.
I guess what I'm getting at is that there isn't a whole lot of redundancy with SS7. Get into things like Voice Over IP, you'll have some flexability, but if your switch gets royally hosed, you're going to be down unless you've got an extra one sitting in another building with a backup MDF that is current.

It's inevitable

[jht]

As long as you have lots of wire going back to an endpoint, the endpoint is vulnerable. Most CATV systems have the same weakness, too. About the only thing that isn't as vulnerable to a single point of attack is the power grid at the plant level, and that's because of grid interconnection (there were some interesting power grid-related articles in IEEE Spectrum a few months back). But at the local level, a few substations feed large portions of a city - in my city of 40,000 or so a single squirrel took out a large portion of the town earlier this year. And we have our own generating station here, too.

In any tree-shaped network taking out the trunk takes down all the branches. Verizon is just doing what makes (in the pre-9/11 world) good economic sense in not having full redundancy, with multiple paths. What you might see someday in the not-too-distant future is a few areas (like Wall Street) get second switching stations further uptown, but really the best solution for a business that really never thought about the phone network is a dish pointed to a CLEC that isn't in the same CO as the primary circuits from the ILEC.

If Winstar had remained viable they might well be seeing a big demand spike hit about now as corporate DR people realize their potential weakness.

report from Verizon in downtown was: This isn't an

[Sonicboom]

My brother is a Verizon installation manager downtown, and he told me one thing that isn't being publicised about the WTC tragedy.

When the towers collapsed, hat large antenna that was ontop of one of the towers pierced the Verizon bldg. on 140 West St. and travelled through the wall, down through several floors, through the basement into the cable vault, which is 2 stories deep there. It proceeded to annihilate a few racks of cable in the vault before coming to a hault lodged into the floor of the cable vault. As a former Outside plant tech for verizon (lineman) who used to pull cables into vaults - I can vouch that this one event alone caused considerable ammounts of damage. Go look at http://newscenter.verizon.com/wtc/ to take a look at the damage done to the 140 West St. Central office.
There was over 30 feet of rubble covering the outside service holes to feed cables into the vault too... the switches were also pretty much destroyed from the debris, the antenna, and water damage from broken pipes and the sprinkler system. The vault flooded from broken pipes, sprinklers, and the water used by the NYFD.

With all things considered, Verizon got circuits rerouted and are restoring them in a rather timely fashion. There is redundancy in the WTC area via SONET rings and other things, which helped get limited service back up as quick as it did... but Slashdotters must realize that MILLIONS of circuits were annihilated during that attack, including CO's in the basements of the WTC too.

Those old telco buildings built during the Bell System years are tough!!! They're built strong!
They weren't made to have 110 stories dropped on them tho... no buildings are. A tragedy like this is hard to be prepared for... .