Slashdot Mirror
A Cyber-Attack On an American City
Bruce Perens writes "Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes in the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported.
So I decided to change that."
We should also consider whether it might be necessary to harden some of the local infrastructure of our communities. The old Bell System used to arrange cables in a ring around a city, so that a cut in any one location could be routed around. It's not clear how much modern telephone companies have continued that practice. It might not have helped in Morgan Hill, as the attackers apparently even disabled an unused cable that could have been used to recover from the broken connections.
Always assume the enemy knows the system. Hardening wouldn't hurt, but redundancy is the most important thing. Hardening a system tends to make it that much more vulnerable to a single insider. Redundancy mitigates this effect. Having such a small group be able cause so much disruption from such a relatively simple act makes it obvious that the city placed way too much on a single point of failure remaining in tact. Have redundant fiber. Have auxiliary wireless setups. Maintain a base of ham volunteers. Multiply your points of failure.
Personally, I think this sort of lax infrastructure security has become endemic. The 'war on terror' rhetoric we were fed for so long has us looking for the next suicide jet-liner attack or what have you, completely distorting any real conception the public had of real-world modern security risks.
I got a catholic block.
Ham radio operators save the day once again... 'nuff said.
Lets not all go blaming terrorist organizations on this one.
My money is on unionized workers facing layoffs or payroll cuts. They would best know how to hurt the system and this sort of sabotage being linked to unions is not exactly unheard of.
"linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
Comment removed based on user account deletion
Define terrorism.
Now define terrorist organization.
If an organized group of people orchestrated this attack in order to bring attention to some goal, wouldn't that make them a terrorist group?
Admittedly, an attack on property is not the same as an attack on people, but yet... to me this seems textbook.
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Jesus. Here come four thousand posts about how awesome hams are, and how Internet over power cables sucks, etc.
My Dad was a ham. Yes, hams are awesome. In their nutty little useful-once-in-a-lifetime, semi-Luddite way.
We love you, hams. We're glad you're out there. But please, seriously, shut the fuck up. On the Internet. Feel free to blather on your radios.
-Peter
Indeed, that's very possible: the contract between the Communication Workers of America and AT&T expired on April 11th.
Q: What does the "B." in Benoit B. Mandelbrot stand for? A: Benoit B. Mandelbrot
Hopefully this catches enough attention to get people to evaluate their area's utilities similar to the blackout across parts of the US and Canada back in 2003. http://en.wikipedia.org/wiki/2003_North_America_blackout
So now a "cyber" attack includes the physical destruction of hardware/infrastructure without any exploitation of any programming logic?
Well, I'd certainlly concede that this could be classified as terrorism but I was refering more to the "ZOMG TALIBAN" kind of terrorists. Modern media interpretation of the word. ;)
"linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
Bruce, the cable cuts were in San Jose and San Carlos. The cable between San Jose and Morgan Hill was cut, but the cut location was in the city of San Jose.
(otherwise, agree with what you said, hopefully wider audience for this will help...)
wouldn't that make them a terrorist group?
I'd presume that some amount of "terror" would need to be created for one to be considered a terrorist. But maybe I'm old-fashioned.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/04/11/MNJB170JM7.DTL
If an organized group of people orchestrated this attack in order to bring attention to some goal, wouldn't that make them a terrorist group?
No.
What makes a terrorist group a terrorist group, is that they inflict, you know, terror .
Cutting some cables isn't going to (and, in fact, didn't) send the general populace into a panic.
Yes, it's an inconvenience, but unless they are trying to instill terror in the general populace, they're not terrorists.
Or just regular blackmail:
http://yro.slashdot.org/article.pl?sid=09/04/20/1427259
I assumed these were both the same story at first. But the YRO story was 2005, and this one was a few weeks ago.
There are no trails. There are no trees out here.
We had a similar cyber attack here in columbus, ohio. A disgruntled employee (it is thought) shot the fiber backbone for Time Warner with a .22. I don't believe they ever caught the guy who did this. This one action disrupted the internet for hundreds of companies and thousands of users. It took around 3 days to get the internet back up for everyone.
This was just one fiber cable, imagine if someone had purposely cut lines downtown?
The stuff is very centralized and not well protected.
There needs to be better protection against these sorts of actions, and there needs to be a backup plan in place in case something like this does happen.
A friend of mine is working for an entity involved in this. AT&T was trying to negotiate the (new) contract down, created and uproar and then this happened. They are 99% sure it was disgruntled CWA workers.
This was discussed extensively on the NANOG (North American Network Operators Group) email list.
It appears that the outage affected multiple carriers including ATT and Alternet.
Hosting and Domain name coupons
As far as I am aware, there were four locations entered, and eight cables cut. Do you have the locations for all four? If so, don't put it on Slashdot :-)
Bruce Perens.
Um, was anyone terrified that the fiber had been cut?
Prediction: The real iPhone killer is going to be sex robots from Japan. Think about it.
This sounds like a good old physical attack to me, not a cyber attack. Bashing in someone's computer with a hammer is not the same thing as a infiltrating it with a computer virus/worm/etc.
I doubt many readers here could physically fit into a manhole, much less survive a climb down any sort of non-motorized ladder.
Um.. That article explicitly refutes that rumor. Although they used weasel words to deny the suspicions in such a way that the suspicion seems more plausible to a casual reader. E.g. AT&T has not identified any suspects and does not believe Bruce Perens sabotaged their fiber like others have suggested. Although he did post a slashdot article about it two weeks after the incident...
Blaming those damn commie unions sure is popular.
Football Odds
My money is on unionized workers...
I think it was management, upset that so few people wore Hawaiian shirts on casual Friday.
""ZOMG TALIBAN" kind of terrorists. Modern media interpretation of the word. ;)"
Shortly to turn into "ZOMG Wobbly Anarchist Union Menace to be cleansed with fire and legislation" if formerly-gruntled union workers are found to be the cause...
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
I changed the article to "cables serving the city of Morgan Hill" instead of "in" it.
Bruce Perens.
The entire Santa Cruz County area was cut off from all telecommunications outside of Point to Point wireless and Satellite. (Comcast customers aside.) Sprint, AT&T, Verizon, long distance for POTS was all down. TFN's were not able to be dialed by any customers. 911, 611, 411 were not functioning. 'Point-to-point' T1's that were aggregated over DS3's in Hayward, were not functioning for area users. Many of the "redundant" network connections for companies in the Monterey Bay area were completely down. Both legs of their "best practice" 2 provider networks were crippled.
Other than a couple islands of connectivity (namely the Shell Gas station at 41st and Capitola Rd in Capitola, my mother In Law's house, and my Uncle's business) who were lucky enough to only have Satellite service available to them, or were on Comcast, the packets stopped flowing.
Ironically Comcast services inside the Santa Cruz county were still working. Users of Comcast voice wouldn't have noticed (except for the fact that everyone they called went straight to voicemail.)
However, inter CO calling was working (you could
call anyone in the Watsonville-Santa Cruz area if they had a POTS line from a POTS line. Still, corporate communications for nearly everyone in the area (Ag. Brokers, Packers, Pickers, Shippers, Bottlers, etc.) Was down. Commerce came to a halt.
People couldn't get gas at gas stations around the area unless they had cash. Area banks wouldn't let people inside the bank unless you were making a deposit. People couldn't be players in the game of commerce without little pieces of paper. And so once again, cash was king.
More cars sat on the side of the road that day then normal between santa cruz and watsonville. Which begs the question how does the regular joe call for help if the call boxes can't talk to a phone switch?
They might just be really, really, incompetent terrorists? I don't think we have a word mildinconvenienceists.
I am TheRaven on Soylent News
My money is on unionized workers
Well then, ionize the workforce in future.
I am TheRaven on Soylent News
I guess this kinda puts a damper on all the cloud computing hype of late...
When I first saw the way that one worked, I shook my head, and said "You're joking, right?"..
Alas, the answer was no. And the reason that it had been designed as a centralised system (well, ok, there's a 'failover' data centre or two) is (according to the designers) that you'll never lose the main and the redundant connections at the same time.
I seriously hope that they're paying attention to this at the moment. The severing of very few, carefully chosen fibres could quite simply deny a lot of UK hospitals access to their medical records. And if all come on board, then you could deny nearly all hospitals access to the medical records.
This, as can be imagined, would be rather a bad thing...
Be assured, air traffic controllers do have access to HF radio.
Bruce Perens.
Bruce makes some good points, but he consistently undercuts himself "information" that is poorly sourced, poorly explained, or just plain wrong.
The question I'm most interested in is why the "internal only" network at Dominican Hospital went down. Bruce doesn't explain this, and I can't find a reference to it elsewhere. I suspect that he just has his facts wrong — Dominican is part of Catholic Healthcare West, and I'd be very surprised if the computers at Dominican didn't rely on servers in a central CHW facility.
That's still a dangerous vulnerability, just like Bruce says it is. But he'd be more persuasive if he checked his facts.
And dude, everybody but you knows that that internet technology research was funded by DARPA. Some DARPA personnel are in the Army, but DARPA has never been part of the Army.
And can we please stop repeating that idiotic myth about the Internet being designed to survive a nuclear attack? It isn't and it wasn't designed to be. The basis of the myth is that early proposals harped on the superior survival characteristic of a decentralized network versus the star topology networks of the time. Not quite the same thing.
I'd presume that some amount of "terror" would need to be created for one to be considered a terrorist. But maybe I'm old-fashioned.
Terrorist acts need not generate terror.
Part of the definition is that the acts can be designed to intimidate or cause fear.
Actions that don't fit your 9/11 definition of terrorism are still considered terrorism.
Ultimately, unless some ideological motivation is discovered, this isn't terrorism, just sabotage.
[Fuck Beta]
o0t!
So, for example, a soldier violently killing another soldier to further his country's political agenda.
Does that make all wars acts of terrorism? Where does that leave the war on terror?
Violence shouldn't be a necessary requirement to define an act as an act of terrorism.
I think the proper word we are all hunting for is "activist"
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
The cut location in San Carlos was reported as being at Bing St and Old County Road. That's actually alongside the rail line that runs up the SF Peninsula. There are many fibre optic cables along that right of way. It used to be a Southern Pacific Railroad line, and "Sprint" was originally Southern Pacific Communications.
There aren't that many long haul fibre optic cable routes. Many of them run along rail lines, because the railroad owns the right of way and doesn't need anyone else's permission to run cables. Often you can run cable for miles without crossing a street, which makes installation much simpler.
Its implications, though startling, have gone almost un-reported. So I decided to change that.
DUUUUUUPE
http://tech.slashdot.org/article.pl?sid=09/04/09/2044205
Well, any kind of warfare would then be terrorism, wouldn't it, at least according to Clausewitz, who famously called war "the continuation of policy by other means."
The difference between a terrorist and a freedom fighter is often in the eye of the beholder. My wife was on a boy scout leader forum the other day in which one participant claimed that trade unions and the National Organization of Women were terrorist organizations.
The salient features of terrorism are that
(1) it is violently intimidating, either causing or threatening civilian casualties as its primary effect.
(2) it falls outside the internationally recognized norms for conducting warfare.
(3) is not justifiable in terms of attacking a nation's war fighting or military operational capabilities. i.e. it does not target military units or civilian infrastructure critical to those units' operations.
Even so, it's not always possible to draw a bright line. For example, there is still debate as to whether the WW2 firebombing of Dresden was justifiable. "They deserve it because they're at war with us" isn't a justification. You could use the same justification for the 9/11 attacks; certainly of the Pentagon, and probably of the WTC too. They're both part of a system which helps keep regimes that Al Qaeda doesn't like in power, for example the Saudi monarchy.
Likewise the American Revolution included non-uniformed militia who could attack British units then fade back into the population, e.g. in the NJ Forage War. These militia operated outside the norms of warfare during their day. In fact some of the arguments advanced to show that Taliban fighters are terrorists would serve for US Revolutionary minutemen as well.
While it is possible to argue that those Taliban fighters are "illegal combatants", they aren't necessarily terrorists.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I guess it's kinda reasonable to use the term for an attack on the "cyber" domain (by going after its physical substrate) as well as for attacks that occur within that domain. Either way, it screws up people's access to comms.
I don't think it's reasonable, at least not enough that we should accept it and start using "Cyber Attack" to refer to the target of the attack rather than the means. The reason basically boils down to the opposite of attack, which would be Cyber Defense, and what was mentioned earlier on /., the Pentagon Cyber Command.
If we accept this meaning of Cyber Attack, then that means that an airplane that drops a bomb on an ISP is a "Cyber Attack", while bombing any other form of infrastructure would be a "regular attack". Logically this would also mean that an anti-aircraft gun that is placed near an ISP is a form of "Cyber Defense". Except that isn't logical, it makes no sense. Anti-aircraft defenses should not be under the purview of Cyber Command regardless of where they are located.
No. I insist that the adjective "Cyber" before the word "Attack" should indicate the means, not the target, in the same way that Cyber Defense should mean securing computer networks, not preventing physical assaults that may or may not happen to hit internet infrastructure.
This was nothing more than plain ol' sabotage. It's the same as them destroying a sewage line, except the impact was different. If it was a power line, that too would have cut off many forms of communication, is that a cyber attack? No. It's an attack.
The enemies of Democracy are
Note that the attack did knock out emergency response in several cities, and there were reports of increased armed robberies during the communication outage in affected areas. While defining this as terrorism is unwarranted, as it is unlikely that the attack was meant to physically harm anyone directly, it does go beyond mere vandalism when you put people's lives at risk, by preventing them from reaching the hospital, fire department or police in case of emergency.
"I like systems, their application excepted", George Sand (French)
Hey hey hey! Hold it right there. I think there is LITTLE that strikes fear into the hearts of most nerds like being cut off from the net. So before you go waving your burning flags and crying alla akbar, maybe you should consider whistling like a 14.4k baud, and putting on that "I make Token Ring Networks" t-shirt.
On slashdot, THAT my friend, is true terror.
If you want to be a real tard, maybe throw in some rhetoric about head to head gaming via Com1!
Moved to http://soylentnews.org/. You are invited to join us too!
The day my employer strips me of my loosely bound electrons is the day I give notice.
Unless of course I'm on the "to be negatively charged" list, in which case:
Sucks to be you, alkali employees!!!
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Thirty years ago Arco Oil and Gas had full data center backup. Where is this thought today in our attention deficit management world?
ARCO did NOT depend on their local Plano TX data center. ARCO had a building prepared in Independence KS on top of pipelines that was an empty data center. They had a contract with IBM to get the next big iron off the production lines. That combined with their backup tapes means quick switch over.
ARCO also never allowed all top executives to travel on the same jet. They flew TWO jets with passengers selected for functional redundancy. Two jets to the same location by the way.
I like the idea, if possible, of local redundancy. Like hospitals have generators.
I would appreciate examples of backup and redundancy today. These quiet things are often unnoticed.
Cheers,
Jim
Bruce was one of the main ramrods getting the requirements eased so that more folks would get Ham licenses.
Well whoever it was, AT&T is offering up $100,000 to find out. Sounds like AT&T might be a little upset.
Below is an excerpt from the article. The link to the story has an interesting video clip from a local news station (see "video gallery" (flash)). Interesting to me, anyway, as I've never seen a cut fiber cable flopping about. The "play by play" event sequencing was also interesting to see; sounds like it hit the fan about 2am local time.
---begin---
AT&T is Now Offering a $100,000 Reward for Phone Vandalism Information
AT&T is now offering $100,000 reward for information leading to arrest/conviction of those responsible for California phone vandalism. To report information call 408-947-STOP
Police say someone cut the fiber optic cables inside the south San Jose vault on purpose early Thursday morning. ...etc...
---end---
The logical technological response to this is to have a central record repository with local caches at each hospital.
That way, if the central database is not accessable there is still a chance that your records are cached locally.
No, that's not correct, though there's a certain amount of Moore's-Law-like behaviour where the newest cable always has a significantly higher capacity than anything built before it. There's a limited number and capacity of cables going from India to Europe through the Mediterranean, but a somewhat larger number going to and/or around Singapore, and from there there's a wide range of cables heading to North America, either more or less directly, plus a bit of connectivity going to North America by way of Australia and even less going to Europe around the southern end of Africa.
For India-Europe, the cables mostly go through the Med, and have been getting cut a lot recently, usually by ships but occasionally by earthquakes. For India and Southern Asia to Japan and North America, almost everything passes between Taiwan and the Philippines, as we discovered in the earthquake a couple of years ago that took out 95% of it at once (and there's now an effort to build some that go around the other side of the Philippines, but the geography's difficult, and there's some growth in land-based cables across Russia and Kazakhstan.) Australia has decent connections to the US, if you don't mind a few thousand extra miles worth of milliseconds, but their connections to Japan that don't go through the Taiwan Straits mostly go via North America, though there's increasing growth in connections via Hawaii and Guam that cuts off some of that distance.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Sure, you can do things like reducing single-points-of-failure, beefing up security, but you can do this only to a point. At some point, you realize that society is, by nature, cooperative, and if you remove that basic assumption of cooperation, society will fail.
There aren't any exceptions to this. There are just too many possible things that can be destroyed by people who desire a society or civilization to perish.
You can salt fields. The Romans did this thousands of years ago, and the areas they ravaged are, to this day, incapable of meaningful agriculture.
You can poison drinking water. LSD is pretty easy to make cheaply, and a single pound of it thrown into a public water system would cause mass insanity.
This list is infinite: You can destroy power lines, you can cut fiber cables, you can make a bomb out of fertilizer and destroy a building or the Golden Gate Bridge or any of a quintillion other things that are both easily done and highly destructive.
A society is secure when its population are generally happy with it continuing. When a society reaches the point where enough of its population are disenfranchised with it, it will becomes incapable of maintaining the critical infrastructure necessary for a complex civilization. Adding security measures such as multiple points of failure quickly become reasons NOT to fix why anyone would want the civilization to perish in the first place - and thus actually make the civilization LESS secure.
And that's just the simple truth of it. So, if we want to be secure, we need to clear up the reasons why people would want our culture to fail. These include things like
A) Not torturing people.
B) Allowing other countries to be sovereign in their own affairs.
C) Not being overly greedy with our wealth. Exploitation is only good for the short term - it's a long-term destabilizing force and that's bad for everyone.
Really, I don't get it. You get people who swear by our Constitution yet somehow think that torturing is OK. Perhaps they should read the 4th and 5th ammendments? This issue is a deep, dark stain on the freedoms we are otherwise so quick to espouse.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
I was voting for the CWA as well...
This happened the same day the CWA was reported as saying "contract talks with AT&T are not going well", 5 days after most of the employment contracts in California expired and AT&T tried to low-ball the healthcare benefits they'd be giving union workers in the future, and force a series of job cuts. One imagines that, in a down economy, AT&T felt they had their workers over a barrel, since job prospects are tighter these days.
Here's a telecom industry rags take on the whole thing: http://www.fiercetelecom.com/special-reports/cwa-strike.
-- Terry
I don't know how old you were on January 1, 2000, but I probably wouldn't be far off is I guessed you weren't old enough to have worked on Y2K stuff, old enough to vote, old enough to drive, or maybe not even old enough to get dressed by yourself for school in the morning. You're certainly far too ignorant of Y2K to be talking about it.
The reason Y2K was pretty much a non-event (I say pretty much because there were some failures, but they were generally of the minor/hahaha variety) is because of all the fixing stuff that went on during 1999. I was a sysadmin at the time, and even though we were pretty sure all our systems were properly patched, my entire department spent the night of December 31, 1999, until the wee hours of the morning, in our office. Pizza, snacks (and once we were sure nothing was going to go wrong, other refreshments) were provided by our CTO. To his credit, he also spent the night at the office. Not because he expected to be needed, but because if he was requiring us to do it, he was going to put in the hours, too. And besides, somebody had to pay for all that stuff :)
hospitals have generators.
In addition, resources that should not have failed, like the local hospital's internal computer network, proved to be dependent on external resources, leaving the hospital with a "paper system" for the day.
Hospitals have generators, true. But I know of one hospital that keeps all of it's patient records via remote Windows terminal sessions to a datacenter in the next state.
Not a small hospital either. A huge one. And it sounds like that is the norm.
Windows terminal sessions. Not a remote database for redundancy. Not something that can be cached. A hospital, with complete dependence on a single real-time data link across hundreds of miles. Let that sink in.
"I assumed blithely that there were no elves out there in the darkness"
Yeah, but that's because you're not living in a city with their fibres cut.
signature is pants
It's not hard to get private entities to build redundant systems as long as they get paid for it - they're trying to sell reliable service to customers, and many kinds of customers need redundancy, and it's very hard to provide even regular reliability without it. If they had had better geographical diversity down there, then the vandals would have had to cut two different manholes in south county to do the job instead of cutting one down there and one up in the location they vandalized. Post-2001, it _is_ harder for businesses to get information on what redundancy is available, because while they all are much more aware that they need it, the governments have pushed the never-tell-anybody-real-locations paranoia - and realistically, while everybody can tell that the large building downtown with no windows and a faded bell logo on the wall is a telco office, the only way they can tell where fibers are is to look for the "Don't Dig Here - Fiber" signs which don't tell you which ones are critical.
What's hard to get is Right of Way, and governments can sometimes help that but often interfere - highway departments can be really difficult to deal with, compared to railroads which are usually much more helpful because they're in business and you're paying them. It's especially a problem in the area south of San Jose, because the government regulators constrain ex-monopoly-telcos to operating in LATA boundaries, and they're near several LATA boundaries down there (because it used to be mostly empty farmland, and a lot of it has hills that aren't stable enough to put significant housing on, so most of the area is either reservoir watersheds or cattle ranches on one side of the freeway.) It used to be that the only industry down there was one railroad company, some farmers, and biker bars, and it was 30-40 miles from Watsonville up to the San Jose POP, a frequently-flooding river between them and Santa Cruz, and a LATA boundary between them and Monterey. Even so, I found it surprising that one well-placed cable cut was enough - usually there's one direct connection available and if a business customer needs redundancy, you can find them a second connection but it'll cost a lot more because it has to go a lot longer.
But even in northern Silicon Valley and the peninsula, there are a number of areas that don't have as much redundancy as they'd like because the locations where telcos can cross freeways are limited. From a nationwide carrier perspective, things are better - while there are some constraints, like a limited number of railroads and highways crossing the Rockies, and a few major cities that have limited numbers of bridges and tunnels, so cable cuts out west will cost you a bunch of extra milliseconds, but the carriers do have alternate routes, and the growth of Microsoft and the Phoenix-area financial and high-tech data centers has meant that everybody's got extra capacity on the northern and southern routes as well as I-80.
The one other source of right-of-way I'm familiar with was a gas pipeline company that ran lots of fiber along their routes. They had a certain advantage over the rest of the industry, because while Bubba the Backhoe Driver might ignore a "telco fiber - don't dig here" sign, a "Gas Pipeline! Explosive! Flammable! Don't Dig Here or You'll Blow Up and Die" sign generally got its point across better.
Disclaimer: This is entirely my personal opinion, not that of any current or past employer.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
The moral seems to be that if you want your internet to reliably stay up, but can't be bothered to protect the infrastructure (and fair enough to some extent, since it would be a tough job) then you need a wireless backup for every community. Something that can bypass the cut and provide a trickle of internet.
Assuming we only think we'll have this problem occasionally in one place at a time, maybe a mobile solution would be appropriate. A pair of vehicles, wirelessly linked, that hook up to either side of the cut and bridge it seamlessly.
In other words, our only problem is that the internet isn't a truck.
Everyone should get ice cream.
But seriously, why should there be nothing on the internet or attached to it that could threaten national security?
The obvious answer to that is because it increases the risk.
Consider that any radio communication between soldiers in war can potentially be a risk because there is the possibility of interception. Does that mean that radio should not be used? no!
The more subtle answer to that is that the internet isn't yet perfectly secure or maybe 'secure enough'. The answer to that is to be educated and use encryption. Don't forget the original purpose of the internet.
Even addressing security questions, you might say "if there are alternatives that work, just let the government use those." Well, fine, but that may sacrifice efficiency.
Maybe I'm wrong, but there seems to be a very compartmentalized attitude in such an objection. The government..should do whatever it does and just leave me alone. *I* should not have to pay attention to the safety of the people around me since that is not my job. Everything must be cut and dried. There is a hierarchy and I will do as told and no more and I expect everyone to follow rules to the letter.
I am the Network Administrator for an ISP (AS4307) in San Martin, CA (between Morgan Hill and Gilroy) that was directly affected by the cuts.
We are multi-homed by two providers. BOTH providers fiber ran through those SONET rings that were cut. We were COMPLETELY isolated (internet, POTS AND cell) from 2:15am to 10:42pm. Luckily, 90% of our customers are in the Morgan Hill/Gilroy/San Martin/San Jose area, so they were fully aware of what happened.
As a side note, the cuts were actually in San Jose. I live 3 blocks from where the cuts occured (Monterey Hwy and Cottle Rd. for those interested). And it did not just affect Morgan Hill. Some parts of South San Jose were affected, along with Morgan Hill, San Martin, Gilroy, Watsonville, Santa Cruz, and parts of Hollister.
What was interesting was when service was restored, customers who lived out of the area who had not heard of the happenings here, called and told us they thought one of two things:
A) We went out of business
B) Natural disaster (Earthquake was #1 on the list, considering where we are located)
We lost no customers over this fiasco, and are now looking at getting a provider that feeds from completely separate fiber (i.e. from the SOUTH)
Robert Glover
Director of I.S.
South Valley Internet (AS4307)
... and that two cable cut sites had been found, I speculated that there were two more sites. Turns out that was the case.
The SONET network is normally configured in a ring, or a set of interconnected rings and ring segments - a net with MOST nodes being points on a line and a few being points at a Y junction. (It's the cheapest way to insure two geographically diverse paths to every site when you have to dig things up to string your connections.) The rings are configured so that a cut link is automatically bypassed. (The traffic may already be propagating around the ring both ways and the sites just switch to the side that still has good info. Or it may have reserved bandwidth and when a link goes down the sites beside the cut "fold the traffic back" onto the reserved bandwidth.
Packet networks can have similar redundancy characteristics:
- They may be carried on existing SONET infrastructure.
- They may be connected as "Redundant Packet Ring" - essentially the IP equivalent of SONET rings using arbitrary transport methods with the same physical layout.
- Or they may have any of a number of other net-style redundant connections. (But they usually reduce to the same geographic layouts.
- (Or they may be non-redundant or "2x-redundant" with both cables taking the same path. Oops!)
Given this, when I heard that there were two dead patches and that phone service (along with everything else) was out, I figured the dead patches were on rings and that there had to be cuts on two points of each ring to defeat the redundancy.
Now we hear that there were indeed four manholes entered and cables cut in each.
So it sounds to me like the system ALREADY had the redundancy built in - but the attackers knew about it and deliberately made the multiple-location cuts needed to defeat the backups.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Pretty easy to take out public safety trunked systems too. All you need is a hammer and some nails.
In my city the repeaters are on telephone poles. Just punch a hole through the feedline. If the repeater designer knew their shit they'll detect the high SWR an shut down the oscillator and amplifiers. But I can tell you, I've seen lots of gear that has no such SWR protection.
You don't even have to go that far. A little conductive grease, or even water in a connector will also reflect lots of RF power back to the emitter.
It is virtually impossible to protect any given communication medium. You must have several independent means of communication.
If by unreported then you mean it was mentioned on NPR, CNN and a local radio station too here in silicon valley, then you're right the media completely missed this one. I guess AT&T isn't getting the news out their with the quarter million dollar reward they've put up for finding the thugs who did it.
-- Vernor Vinge, A Deepness In The Sky.
Always we hear that something should be privatized because private industry is more efficient. Yet never does anyone stop to ask whether efficiency is the only concern.
Thus rather than having a reserve in transmission capacity on our electric grid, since deregulation we simply eat farther and farther into former safety margins. Rather than spend the time to set up proper local mirrors of systems, hospital networks collapse when their Internet connection breaks. It's reasoned that the time-integrated cost of safety margins exceeds the price to be paid when failures they would have prevented occurs.
And so far, they're mostly right. We have a little more latitude for technical failures on Earth than the fictional inhabitants of Namqem. But eventually, as we hop and skip blithely into privatization of core systems, we're going to pay a horrible price for it. It's sad how many innocent lives it's going to take, but no one listened to those calling for improved maritime safety until Titanic sank either.
Since I live in the area where this happened and it was reported extensively on the local news, I noticed *many* errors in TFA, such as :
- Morgan Hill was not specifically targeted .. the cuts were in San Jose and Santa Clara. At most, Morgan Hill was collateral damage.
- Cables were cut in four different locations, so there was no single point of failure.
- Hosting everything at your site might help in cases like this, but is your mail really more reliable if managed by a part-time sysadmin on a single $1000 box, or at Google where they have triple-redundant everything?
Heading south on 101 from San Jose Thursday morning, I was on my cell as I usually am. It cut out about 4 miles north of my Morgan Hill exit. I thought it was a dead spot. I got to work and realized we had no phones, no internet, no cell if you were a Verizon or AT&T customer. The only link we had was AM radio (KGO), who told us of the outage. We needed an ETA for restoration of service. How? We drove north until we had cell coverage, and called our respective providers. Neither had a clue. We called our spouses outside the DOS area and they said that cables were cut, but still no ETA. Finally we heard on the AM radio they expected to restore service by end of day. We ended up sending our customer service and order entry people home, and the rest of us worked the internal network or paperwork for the day. The phone came back around 4 PM, but the internet and cells never did until the next day. No 911, all the stores and restaurants were pretty much cash only. It was truly eerie. It was front page news for a couple days but has faded from view since. We think it was almost certainly the union, since the first thing the union did was vehemently deny they had anything to do with it.
I hate being bipolar; it's awesome!
Unget updandered. The point is that this could happen in many cities just as easily, and while something more pernicious is carried out at the same time. And the fact that the hospital was not ready indicates that yes, people need to be awakened.
Bruce Perens.
So you talked to the IT department and asked them about their disaster recovery plan ?
... shoot ... an hour ? including travel time.
No ?
The last time I participated in the DR at a hospital, the last set of "tapes" was flown down to the DR center and the system was recovered in
This won't support 100% of the users because the links were lower bandwidth than the local data center but definitely wouldn't shutdown the hospital.
and don't forget the ultimate DR plan - PAPER. You still can get critical care because it's on paper.
This was the mainframe era of the hospital (IBM knows DR) now with the Windows stuff it should work the same but I wouldn't count on it. Lots more machines.