Slashdot Mirror


A Cyber-Attack On an American City

Bruce Perens writes "Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes in the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported. So I decided to change that."

9 of 461 comments (clear)

  1. Re:Terrorists? Probably not. by PapayaSF · · Score: 5, Interesting

    sabotage being linked to unions is not exactly unheard of

    Indeed, that's very possible: the contract between the Communication Workers of America and AT&T expired on April 11th.

    --
    Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
  2. Eye Opener by FractalParadox · · Score: 5, Interesting

    Hopefully this catches enough attention to get people to evaluate their area's utilities similar to the blackout across parts of the US and Canada back in 2003. http://en.wikipedia.org/wiki/2003_North_America_blackout

  3. this is interesting by Satanboy · · Score: 4, Interesting

    We had a similar cyber attack here in columbus, ohio. A disgruntled employee (it is thought) shot the fiber backbone for Time Warner with a .22. I don't believe they ever caught the guy who did this. This one action disrupted the internet for hundreds of companies and thousands of users. It took around 3 days to get the internet back up for everyone.

    This was just one fiber cable, imagine if someone had purposely cut lines downtown?

    The stuff is very centralized and not well protected.

    There needs to be better protection against these sorts of actions, and there needs to be a backup plan in place in case something like this does happen.

  4. Re:Redundancy, ARCO OIL & GAS by JavaManJim · · Score: 4, Interesting

    Thirty years ago Arco Oil and Gas had full data center backup. Where is this thought today in our attention deficit management world?

    ARCO did NOT depend on their local Plano TX data center. ARCO had a building prepared in Independence KS on top of pipelines that was an empty data center. They had a contract with IBM to get the next big iron off the production lines. That combined with their backup tapes means quick switch over.

    ARCO also never allowed all top executives to travel on the same jet. They flew TWO jets with passengers selected for functional redundancy. Two jets to the same location by the way.

    I like the idea, if possible, of local redundancy. Like hospitals have generators.

    I would appreciate examples of backup and redundancy today. These quiet things are often unnoticed.

    Cheers,
    Jim

  5. Re:Redundancy, ARCO OIL & GAS by benjamindees · · Score: 3, Interesting

    hospitals have generators.

    In addition, resources that should not have failed, like the local hospital's internal computer network, proved to be dependent on external resources, leaving the hospital with a "paper system" for the day.

    Hospitals have generators, true. But I know of one hospital that keeps all of it's patient records via remote Windows terminal sessions to a datacenter in the next state.

    Not a small hospital either. A huge one. And it sounds like that is the norm.

    Windows terminal sessions. Not a remote database for redundancy. Not something that can be cached. A hospital, with complete dependence on a single real-time data link across hundreds of miles. Let that sink in.

    --
    "I assumed blithely that there were no elves out there in the darkness"
  6. Redundancy vs Expert Attacks by billstewart · · Score: 4, Interesting

    It's not hard to get private entities to build redundant systems as long as they get paid for it - they're trying to sell reliable service to customers, and many kinds of customers need redundancy, and it's very hard to provide even regular reliability without it. If they had had better geographical diversity down there, then the vandals would have had to cut two different manholes in south county to do the job instead of cutting one down there and one up in the location they vandalized. Post-2001, it _is_ harder for businesses to get information on what redundancy is available, because while they all are much more aware that they need it, the governments have pushed the never-tell-anybody-real-locations paranoia - and realistically, while everybody can tell that the large building downtown with no windows and a faded bell logo on the wall is a telco office, the only way they can tell where fibers are is to look for the "Don't Dig Here - Fiber" signs which don't tell you which ones are critical.

    What's hard to get is Right of Way, and governments can sometimes help that but often interfere - highway departments can be really difficult to deal with, compared to railroads which are usually much more helpful because they're in business and you're paying them. It's especially a problem in the area south of San Jose, because the government regulators constrain ex-monopoly-telcos to operating in LATA boundaries, and they're near several LATA boundaries down there (because it used to be mostly empty farmland, and a lot of it has hills that aren't stable enough to put significant housing on, so most of the area is either reservoir watersheds or cattle ranches on one side of the freeway.) It used to be that the only industry down there was one railroad company, some farmers, and biker bars, and it was 30-40 miles from Watsonville up to the San Jose POP, a frequently-flooding river between them and Santa Cruz, and a LATA boundary between them and Monterey. Even so, I found it surprising that one well-placed cable cut was enough - usually there's one direct connection available and if a business customer needs redundancy, you can find them a second connection but it'll cost a lot more because it has to go a lot longer.

    But even in northern Silicon Valley and the peninsula, there are a number of areas that don't have as much redundancy as they'd like because the locations where telcos can cross freeways are limited. From a nationwide carrier perspective, things are better - while there are some constraints, like a limited number of railroads and highways crossing the Rockies, and a few major cities that have limited numbers of bridges and tunnels, so cable cuts out west will cost you a bunch of extra milliseconds, but the carriers do have alternate routes, and the growth of Microsoft and the Phoenix-area financial and high-tech data centers has meant that everybody's got extra capacity on the northern and southern routes as well as I-80.

    The one other source of right-of-way I'm familiar with was a gas pipeline company that ran lots of fiber along their routes. They had a certain advantage over the rest of the industry, because while Bubba the Backhoe Driver might ignore a "telco fiber - don't dig here" sign, a "Gas Pipeline! Explosive! Flammable! Don't Dig Here or You'll Blow Up and Die" sign generally got its point across better.

    Disclaimer: This is entirely my personal opinion, not that of any current or past employer.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  7. Re:FYI by Bruce+Perens · · Score: 3, Interesting

    "Ramrod" is an interesting way to refer to me :-)

    Although I would like to see more folks become hams, I did not work to eliminate the Morse test just for quantity, but because having Morse on the test didn't make sense for the (then) next century's amateur radio. The survival of Amateur Radio was a goal. Some hams asked me to let it "die with dignity". To heck with them.

    I would be happy to see a more intensive technical exam.

    As it happens, U.S. ham numbers are around 8000 higher this year than last, but about 20,000 down since 2002. We still have yet to see if we can achieve stability or increase, or if the service is still declining in numbers. Some of us still wonder if we will see it die in our lifetime. That would be really sad.

  8. Re:Redundancy, redundancy, redundancy... by SanityInAnarchy · · Score: 3, Interesting

    There is one advantage, though, especially in a small town:

    I can do absolutely nothing about Lisco's current bandwidth cap, other than blog loudly. They know I'm not going to switch to Mediacom, and definitely not Iowa Telecom. No one else can really compete with their fiber network, partly because they have a government grant to do it.

    However, if it was actually local to the town, and the town chose to be assholes about our Internet, all I really have to do is make enough of a fuss to get the rest of the town pissed off. That's not hard in a small town. March them all down to the town hall and demand to know why our tax dollars aren't being spent efficiently enough...

    Maybe I'm being optimistic. Maybe things don't work that way in the real world. Or maybe the better solution would be to start laying some of our own fiber.

    --
    Don't thank God, thank a doctor!
  9. Hexapodia as the key insight? by The+Master+Control+P · · Score: 4, Interesting

    Sammy's shoulders hunched down. "They've avoided the killing disasters. They haven't had the war plagues or nuclear war. The governance is still flexible and responsive. There are just the Lord-be-damned technical problems."

    "They are technical symptoms, Sammy, of problems I'm sure the governance understands very well." And can't do a thing about. He remembered back to the cynicism of Gunnar Larson. In a way this conversation was rumbling down the same dead-end street. But Pham Nuwen had had a lifetime to think of solutions. "The flexibility of the governance is its life and its death. They've accepted optimizing pressures for centuries now. Genius and freedom and knowledge of the past have kept them safe, but finally the optimizations have taken them to the point of fragility. The megalopolis moons allowed the richest networking in Human Space but they are also a choke point...."

    But we knew -- I mean, they knew that. There were always safety margins."

    Namqem was a triumph of distributed automation. And every decade it became a little better. Every decade the flexibility of the governance responded to the pressures to optimize resource allocation, and the margins of safety shrank. The downward spiral was far more subtle than the Dawn Age pessimism of Karl Marx of Han Su, and only vaguely related to the insights of Mancur Olson. The governance did not attempt direct management. Free enterprise and individual planning were much more effective. But if you avoid all the classic traps of corruption and central planning and mad intervention, still -- "In the end there will be failures. The governance will have to take a direct hand." If you avoided all other threads, the complexity of your own successes would eventually get you.

    -- Vernor Vinge, A Deepness In The Sky.

    Always we hear that something should be privatized because private industry is more efficient. Yet never does anyone stop to ask whether efficiency is the only concern.

    Thus rather than having a reserve in transmission capacity on our electric grid, since deregulation we simply eat farther and farther into former safety margins. Rather than spend the time to set up proper local mirrors of systems, hospital networks collapse when their Internet connection breaks. It's reasoned that the time-integrated cost of safety margins exceeds the price to be paid when failures they would have prevented occurs.

    And so far, they're mostly right. We have a little more latitude for technical failures on Earth than the fictional inhabitants of Namqem. But eventually, as we hop and skip blithely into privatization of core systems, we're going to pay a horrible price for it. It's sad how many innocent lives it's going to take, but no one listened to those calling for improved maritime safety until Titanic sank either.