Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat?
Back when I was in Telecom we used to talk about how silly most terrorist attacks are, at least in terms of real damage: The COs are only barely guarded...a few well placed surprises could have an impact that far exceeds mere PR. As for Graph theory that isn't really necessary...most of the big telecom Rings have been publicly documented. The trick, however, is to ensure you hit both sides of the ring. If there's a big-ass 1000-fiber sheath, however, you will need a backhoe. The interesting thing is that packetized traffic (combined with optical layer protection) might make things even less disruptable...
-TD
From: coderman <coderman@gmail.com>
To: cypherpunks@jfet.org
Subject: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat?
Date: Thu, 19 Jan 2006 11:01:40 -0800
there are other easy ways to obtain outage information, especially when the fiber affected handles significant amounts of traffic. they have stemmed the tide of outage information but more than enough gets by to be useful for this type of analysis. (although it was much easier to just hit up the FCC for history when they kept track of it. the telcos are just as glad to keep this data secret - they pushed as hard as uncle sam to hide this data)
and as mentioned below, it doesn't take a backhoe either. highly capable portable power tools, post hole diggers, a myriad of other construction equipment, could wreak havoc just as easily. (Milwaukee V28 portable saws are a good example - some disgruntled telco employee(s?) in canada used a portable saw to cut two long distance cables into the US causing over 280,000 circuits to go dead)
the tricky part is identifying redundant paths/rings as both must usually be interrupted to create significant outage. (graph theory applied to directed high degree node/link attacks)
there is a reason they are pursuing security through obscurity so heavily. sometimes it's all you've got... :)
--- begin forwarded text
---------- Forwarded message ----------
From: R. A. Hettinga <rah@shipwright.com>
Date: Jan 19, 2006 10:06 AM
Subject: [Clips] Re: The Backhoe: A Real Cyberthreat?
To: Philodox Clips List <clips@philodox.com>
--- begin forwarded text
Delivered-To: nanog-outgoing@trapdoor.merit.edu
Delivered-To: nanog@trapdoor.merit.edu
Delivered-To: nanog@segue.merit.edu
Delivered-To: nanog@nanog.org
Date: Thu, 19 Jan 2006 13:00:43 -0500
From: sgorman1@gmu.edu
Subject: Re: The Backhoe: A Real Cyberthreat?
Cc: nanog@nanog.org
Sender: owner-nanog@merit.edu
While it is always fun to call the government stupid, or anyone else for that matter, there is a little more to the story.
- For one you do not need a backhoe to cut fiber
- Two, fiber carries a lot more than Internet traffic - cell phone, 911, financial transactions, etc. etc.
- Three, while it is very unlikely terrorists would only attack telecom infrastructure, a case can be made for a telecom attack that amplifies a primary conventional attack. The loss of communications would complicate things quite a bit.
I'll agree it is very far fetched you could hatch an attack plan from FCC outage reports, but I would not call worrying about attacks on telecommunications infrastructure stupid. Enough sobriety though, please return to the flaming.
----- Original Message -----
From: Joe Maimon <jmaimon@ttec.com>
Date: Thursday, January 19, 2006 12:01 pm
Subject: Re: The Backhoe: A Real Cyberthreat?
Dennis Dayman wrote:
"In 2004, Department of Homeland Security officials became fearful that terrorists might start using accidental dig-ups as a road map for deliberate attacks, and convinced the FCC to begin locking up previously public data on outages. In a commission filing, DHS argued successfully that revealing the details..."
--MORE--
http://wired.com/news/technology/0,70040-0.html?tw=wn_tophead_1
-Dennis
This is really stupid. Assuming the terrorists actually have the dozens of backhoes needed to completely erase meaningful internet connectivity in north america, they would probably prefer to use them to smash cars and kill people on the interstate highways or something.
Terrorists inflict terror by killing people, not by forcing internet explorer to display "page cannot be displayed".
Let us not assume that murderous terrorists are as dumb as people in DHS.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
_______________________________________________
Clips mailing list
Clips@philodox.com
http://www.philodox.com/mailman/listinfo/clips
Well, redundancy is basically universal, thanks to SONET rings. In fact, this is why there was any traffic at all on 9/11 and why Wall Street was able to come back on line so quickly afterwards. Even the big CO on West Street, which took some decent damage (and which I can see over my right shoulder), was rebooted very quickly thereafter (and true to GR-63-CORE just about all the equipment came back online correctly provisioned). BUT, someone knowledgeable about Ring architectures and other things could fairly easily figure out how to disconnect big chunks of the network if they really wanted to, and in such a way to cause some real damage. In telecom it always surprised us that "terrorists" never seemed to try this.
-TD
From: coderman <coderman@gmail.com>
To: Tyler Durden <camera_lumina@hotmail.com>
CC: cypherpunks@jfet.org
Subject: Re: Fwd: [Clips] Re: The Backhoe: A Real Cyberthreat?
Date: Thu, 19 Jan 2006 16:29:50 -0800
On 1/19/06, Tyler Durden <camera_lumina@hotmail.com> wrote:
Back when I was in Telecom we used to talk about how silly most terrorist attacks are, at least in terms of real damage: The COs are only barely guarded...a few well placed surprises could have an impact that far exceeds mere PR.
the solution (at least, the only effective solution aside from significant infrastructure redundancy - $$$) is rapid repair, and att's disaster recovery program works well in this regard. if you recall after the trade center attacks (taking out massive CO capacity) they used a fleet of mobile switching trailers to terminate and switch all of the damaged fiber.
this type of disaster recovery is also expensive, but much less than buried infrastructure and fixed COs.
The interesting thing is that packetized traffic (combined with optical layer protection) might make things even less disruptable...
in my experience severely congested packet networks are just as shitty as outages in general; what good is that broadband line when your path to the world is constrained at 14.4? :P
the real problem is the lack of diversity at the physical "X fibers through same conduit / RoW" layer that forces a single point of failure. the telco idea of path diversity is one ring buried plant and the other ring aerial plant along the same right of way... doesn't take much for a clustered outage in this environment to disrupt packet/cell based networks as much as dedicated circuits.
in this respect the DHS paranoia over bridge photography begins to make a little more sense (although still useless).
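The path-diversity point in the message above (one ring buried and the other aerial along the same right of way), as an added example that is not part of the original thread: a small audit that flags protected circuits whose working and protect paths depend on a common conduit or right of way. The span names, risk-group labels and the inventory itself are constructed for illustration.

```python
# Constructed sample inventory (not from the thread): each fiber span lists
# the shared-risk groups it depends on, e.g. its conduit and right of way (RoW).
SPAN_RISKS = {
    "A-B buried": {"conduit:c1", "row:rail-7"},
    "B-C buried": {"conduit:c2", "row:hwy-9"},
    "A-D aerial": {"poles:p4", "row:rail-7"},   # aerial, but same RoW as A-B
    "D-C aerial": {"poles:p5", "row:river-x"},
    "A-E buried": {"conduit:c8", "row:hwy-3"},
    "E-C buried": {"conduit:c9", "row:hwy-4"},
}

# Each protected circuit: (working path, protect path), both as span lists.
CIRCUITS = {
    "ring-1": (["A-B buried", "B-C buried"], ["A-D aerial", "D-C aerial"]),
    "ring-2": (["A-B buried", "B-C buried"], ["A-E buried", "E-C buried"]),
}


def path_risks(spans):
    """Union of the shared-risk groups that the spans on a path depend on."""
    risks = set()
    for span in spans:
        risks |= SPAN_RISKS[span]
    return risks


def shared_risks(working, protect):
    """Risk groups common to both paths: one event there defeats protection."""
    return path_risks(working) & path_risks(protect)


def audit(circuits):
    """Return {circuit: sorted shared risk groups} for non-diverse circuits."""
    findings = {}
    for name, (working, protect) in circuits.items():
        common = shared_risks(working, protect)
        if common:
            findings[name] = sorted(common)
    return findings


if __name__ == "__main__":
    for name, common in audit(CIRCUITS).items():
        print(f"{name}: working and protect paths share {', '.join(common)}")
```

Circuits that appear in the findings are the ones to re-route or re-home, since their protection path does not survive a single event on the shared group.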
When I worked for Citicorp in the late 80s we switched over much of our backbone to private fiber. At the time I was shown detailed fiber routes for Sprint's network and after the meeting discussed how easy it would be for a disgruntled former employee to dig up multiple locations along their often rural and remote routes and sabotage the entire network. The scenario that particularly concerned me was trenching and installing electromechanical guillotines triggered by receive-only terrestrial pagers since a multitude of locations could be severed in any order and at will. Although it might be possible to radio locate these it could be a grueling job. Meanwhile the saboteur could extort at will and even plant new ones after areas had been declared clean.
Steve
participants (3): coderman, Steve Schear, Tyler Durden