Slashdot Mirror
A Cyber-Attack On an American City
Bruce Perens writes "Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes in the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported.
So I decided to change that."
Bruce, the cable cuts were in San Jose and San Carlos. The cable between San Jose and Morgan Hill was cut, but the cut location was in the city of San Jose.
(otherwise, agree with what you said, hopefully wider audience for this will help...)
"Any links or info for someone looking at picking it up?"
http://www.arrl.org/
http://www.hello-radio.org/
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/04/11/MNJB170JM7.DTL
This was discussed extensively on the NANOG (North American Network Operators Group) email list.
It appears that the outage affected multiple carriers including ATT and Alternet.
Hosting and Domain name coupons
The entire Santa Cruz County area was cut off from all telecommunications outside of Point to Point wireless and Satellite. (Comcast customers aside.) Sprint, AT&T, Verizon, long distance for POTS was all down. TFN's were not able to be dialed by any customers. 911, 611, 411 were not functioning. 'Point-to-point' T1's that were aggregated over DS3's in Hayward, were not functioning for area users. Many of the "redundant" network connections for companies in the Monterey Bay area were completely down. Both legs of their "best practice" 2 provider networks were crippled.
Other than a couple islands of connectivity (namely the Shell Gas station at 41st and Capitola Rd in Capitola, my mother In Law's house, and my Uncle's business) who were lucky enough to only have Satellite service available to them, or were on Comcast, the packets stopped flowing.
Ironically Comcast services inside the Santa Cruz county were still working. Users of Comcast voice wouldn't have noticed (except for the fact that everyone they called went straight to voicemail.)
However, inter CO calling was working (you could
call anyone in the Watsonville-Santa Cruz area if they had a POTS line from a POTS line. Still, corporate communications for nearly everyone in the area (Ag. Brokers, Packers, Pickers, Shippers, Bottlers, etc.) Was down. Commerce came to a halt.
People couldn't get gas at gas stations around the area unless they had cash. Area banks wouldn't let people inside the bank unless you were making a deposit. People couldn't be players in the game of commerce without little pieces of paper. And so once again, cash was king.
More cars sat on the side of the road that day then normal between santa cruz and watsonville. Which begs the question how does the regular joe call for help if the call boxes can't talk to a phone switch?
I guess this kinda puts a damper on all the cloud computing hype of late...
When I first saw the way that one worked, I shook my head, and said "You're joking, right?"..
Alas, the answer was no. And the reason that it had been designed as a centralised system (well, ok, there's a 'failover' data centre or two) is (according to the designers) that you'll never lose the main and the redundant connections at the same time.
I seriously hope that they're paying attention to this at the moment. The severing of very few, carefully chosen fibres could quite simply deny a lot of UK hospitals access to their medical records. And if all come on board, then you could deny nearly all hospitals access to the medical records.
This, as can be imagined, would be rather a bad thing...
Its implications, though startling, have gone almost un-reported. So I decided to change that.
DUUUUUUPE
http://tech.slashdot.org/article.pl?sid=09/04/09/2044205
Reducing single points of failure is what is needed
The cost of doing this is enormous, which is why it will never happen 100%. The scale of this outage is no where near what we had in the Chicago area when the Oak Brook central office caught on fire http://catless.ncl.ac.uk/Risks/6.82.html#subj2, and that was 20 years ago. I don't think any one system is any more fault tolerant now than it was 20 years ago, but there are now multiple providers which can mitigate it significantly as long as they don't all route through the same cables as was the case here to a large degree.
In the end any telecom system is vulnerable in localized areas... the trick is to make sure it cannot all be disabled (although software has managed to do so to great effect in the past http://www.soft.com/AppNotes/attcrash.html
...
The way I said it was right. DARPA had Army and other DoD sponsorship. I said the scientists involved designed it to be militarily redundant. The fact is that the military didn't use it that way.
Unfortunately, the main reference on the hospital is the ham coordinator, as quoted on ARRL's site:
The hospital isn't talking about the technical failure.
Bruce Perens.
I am the Network Administrator for an ISP (AS4307) in San Martin, CA (between Morgan Hill and Gilroy) that was directly affected by the cuts.
We are multi-homed by two providers. BOTH providers fiber ran through those SONET rings that were cut. We were COMPLETELY isolated (internet, POTS AND cell) from 2:15am to 10:42pm. Luckily, 90% of our customers are in the Morgan Hill/Gilroy/San Martin/San Jose area, so they were fully aware of what happened.
As a side note, the cuts were actually in San Jose. I live 3 blocks from where the cuts occured (Monterey Hwy and Cottle Rd. for those interested). And it did not just affect Morgan Hill. Some parts of South San Jose were affected, along with Morgan Hill, San Martin, Gilroy, Watsonville, Santa Cruz, and parts of Hollister.
What was interesting was when service was restored, customers who lived out of the area who had not heard of the happenings here, called and told us they thought one of two things:
A) We went out of business
B) Natural disaster (Earthquake was #1 on the list, considering where we are located)
We lost no customers over this fiasco, and are now looking at getting a provider that feeds from completely separate fiber (i.e. from the SOUTH)
Robert Glover
Director of I.S.
South Valley Internet (AS4307)
Using tax money to pay for stuff doesn't make it cheaper - it just hides the cost. If anything, the guy laying fiber for the government will probably make more money than the guy laying fiber commercially.
Using tax money to provide goods and services does two things: it hides the true cost by shifting the burden of payment onto other people and it eliminates choice. Those are both bad, but for different reasons.
The first is bad because you're deciding how to spend other people's money, and they don't have any choice in the matter. Even the tiniest gain in performance is worth almost any cost if you're not the one paying for it.
Besides that, eliminating what little choice there is in broadband connectivity would be bad because the government would undoubtedly contract the work out to an existing telco.
Maybe not