Back when I was in Telecom we used to talk about how silly most terrorist attacks are, at least in terms of real damage: The COs are only barely guarded...a few well placed surprises could have an impact that far exceeds mere PR. As for Graph theory that isn't really necessary...most of the big telecom Rings have been publically documented. The trick, however, is to ensure you hit both sides of the ring. If there's a big-ass 1000-fiber sheath, however, you will need a backhoe. The interesting thing is that packetized traffic (combined with optical layer protection) might makes things even less disruptable... -TD
From: coderman <coderman@gmail.com> To: cypherpunks@jfet.org Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat? Date: Thu, 19 Jan 2006 11:01:40 -0800
there are other easy ways to obtain outage information, especially when the fiber affected handles significant amounts of traffic. they have stemmed the tide of outage information but more than enough gets by to be useful for this type of analysis. (although it was much easier to just hit up the FCC for history when they kept track of it. the telcos are just as glad to keep this data secret - they pushed as hard as uncle sam to hide this data)
and as mentioned below, it doesn't take a backhoe either. highly capable portable power tools, post hole diggers, a myriad of other construction equipment, could wreak havoc just as easily. (Milwaukee V28 portable saws are a good example - some disgruntled telco employee(s?) in canada used a portable saw to cut two long distance cables into the US causing over 280,000 circuits to go dead)
the tricky part is identifying redundant paths/rings as both must usually be interrupted to create significant outage. (graph theory applied to directed high degree node/link attacks)
there is a reason they are pursuing security through obscurity so heavily. sometimes it's all you've got... :)
--- begin forwarded text
---------- Forwarded message ---------- From: R. A. Hettinga <rah@shipwright.com> Date: Jan 19, 2006 10:06 AM Subject: [Clips] Re: The Backhoe: A Real Cyberthreat? To: Philodox Clips List <clips@philodox.com>
--- begin forwarded text
Delivered-To: nanog-outgoing@trapdoor.merit.edu Delivered-To: nanog@trapdoor.merit.edu Delivered-To: nanog@segue.merit.edu Delivered-To: nanog@nanog.org Date: Thu, 19 Jan 2006 13:00:43 -0500 From: sgorman1@gmu.edu Subject: Re: The Backhoe: A Real Cyberthreat? Cc: nanog@nanog.org Sender: owner-nanog@merit.edu
While it is always fun to call the government stupid, or anyone else for that matter, there is a little more to the story.
- For one you do not need a backhoe to cut fiber - Two, fiber carries a lot more than Internet traffic - cell phone, 911, financial tranactions, etc. etc. - Three, while it is very unlikely terrorists would only attack telecom infrastructure, a case can be made for a telecom attack that amplifies a primary conventional attack. The loss of communications would complicate things quite a bit.
I'll agree it is very far fethced you could hatch an attack plan from FCC outage reports, but I would not call worrying about attacks on telecommunications infrastructure stupid. Enough sobriety though, please return to the flaming.
----- Original Message ----- From: Joe Maimon <jmaimon@ttec.com> Date: Thursday, January 19, 2006 12:01 pm Subject: Re: The Backhoe: A Real Cyberthreat?
Dennis Dayman wrote:
"In 2004, Department of Homeland Security officials became fearful that terrorists might start using accidental dig-ups as a road map for deliberate attacks, and convinced the FCC to begin locking up previously public data on outages. In a commission filing, DHS argued successfully that revealing the details..."
--MORE--
http://wired.com/news/technology/0,70040-0.html?tw=wn_tophead_1
-Dennis
This is really stupid. Assuming the terrorist actually have the dozens of backhoes needed to completely erase meaningfull internet connectivity in north america, they would probably prefer to use them to smash cars and kill people on the interstate highways or something.
Terrorist inflict terror by killing people, not by forcing internet explorer to display "page cannot be displayed".
Let us not assume that murderous terrorist are as dumb as people in DHS.
--- end forwarded text
-- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list Clips@philodox.com http://www.philodox.com/mailman/listinfo/clips