Eavesdropping and physical attack, through an intentional or unintentional cut, are two main and often underreported threats to the country’s fiber-optic communications infrastructure.
Conventional wisdom holds that fiber-optic lines, unlike their copper-wire predecessors, are very difficult to tap and that only national governments have the resources to eavesdrop on communications transmitted through them. However, Seth Page, chief executive officer of Oyster Optics, a maker of intrusion-detection equipment, believes fiber-optic cables are vulnerable to sophisticated eavesdroppers who can run a tap with commercially available tools and technology. Moreover, Kimberlie Witcher, in a SANS Institute research paper entitled “Fiber Optics and its Security Vulnerabilities,” states, “to do a virtually undetected tap, it is almost certain that intruders would only need available commercial items, such as, a laptop, optical tap, packet-sniffer software, and an optical/electrical-converter.”
It should therefore come as no surprise that there is documented evidence of taps placed on fiber-optic cables. According to the March 2003 Wolf Report, “Security forces in the US discovered an illegally installed fiber eavesdropping device in Verizon’s optical network. It was placed at a mutual fund company… shortly before the release of their quarterly numbers.”
As with eavesdropping, there is debate over the degree of threat presented by a physical attack on fiber-optic lines. Conventional wisdom holds that recent upgrades have made the country’s fiber-optic infrastructure more redundant and more resistant to attack. According to Frank Dzubeck, president of Communications Network Architects, “nothing is centralized in one spot anymore, so if you want to take out one of these [rings], you’d have to take out many, many sections at once. There are multiple paths communications can take through these rings, and if you do cut a cable, you are only cutting one small section.”
In contrast, Dr. Sean Gorman, CTO of FortiusOne, a startup that helps financial companies diversify their electronic infrastructures, says there are vulnerabilities in the country’s fiber-optic infrastructure for two principal reasons. First, recent mergers and consolidation in the telecommunications industry have resulted in more communications being routed through fewer fiber-optic cables. Second, many telecommunications companies do not want to invest the extra capital required to lay redundant fiber-optic lines.
Evidence gathered regarding a series of recent fiber cuts supports Dr. Gorman’s analysis and contradicts Mr. Dzubeck’s statements. On January 9, 2006, cable TV contractors working just outside of Buckeye, Arizona cut a critical line of fiber-optic cable. This cut caused a three-and-a-half-hour outage with national impact. Sprint PCS and Nextel wireless customers west of the Rockies lost long-distance service. Additionally, transcontinental Internet traffic routed through Sprint’s network suffered severe degradation in performance. The impact of this single cut was so severe because only a few days earlier another section of the same ring of fiber, in Reno Junction, California, was damaged in a mudslide. These twin accidental events disrupted communications nationwide and demonstrated that a well-planned intentional attack could have the same effect.
While nationwide service disruptions are rare, cuts that affect a more localized area are unfortunately more common. An investigation by KIRO 7 Eyewitness News, a local Washington state news broadcast, revealed that someone intentionally cut fiber lines and knocked out 911 emergency service to Whatcom County three times between 2001 and 2003.
These examples demonstrate not only that there are real vulnerabilities in the nation’s fiber-optic infrastructure, but also that these vulnerabilities have already been exploited. While it is unclear who carried out the attacks in Whatcom County discussed above, it is reasonable to assume that other malicious actors, such as terrorist groups or rival nation-states, have taken notice of these vulnerabilities. A determined actor intent on exacerbating another physical attack, such as a suicide bombing, could cut a critical regional node in the fiber-optic infrastructure and adversely impact the emergency communications capability of the targeted region. A communications disruption of this type in combination with another attack may result in extra confusion, delayed emergency response, and an increased psychological impact.