The Backhoe: A Real Cyberthreat?

"In 2004, Department of Homeland Security officials became fearful that
terrorists might start using accidental dig-ups as a road map for deliberate
attacks, and convinced the FCC to begin locking up previously public data on
outages. In a commission filing, DHS argued successfully that revealing the
details..."

--MORE--

http://wired.com/news/technology/0,70040-0.html?tw=wn_tophead_1

-Dennis

My observation is that attempts to wield backhoes in a correct manner
yield enough of a cyberthreat [the "Serbian Backhoe Brothers" team has
visited us enough times for us to be justifiably paranoid].

On the other hand, it's quite possible that attempts to deliberately cut
fiber might be exactly as successful as attempts to avoid fiber, and we
have nothing to worry about in terms of deliberate sabotage.

Dennis Dayman wrote:

> "In 2004, Department of Homeland Security officials became fearful that
> terrorists might start using accidental dig-ups as a road map for deliberate
> attacks, and convinced the FCC to begin locking up previously public data on
> outages. In a commission filing, DHS argued successfully that revealing the
> details..."
>
> --MORE--
>
> http://wired.com/news/technology/0,70040-0.html?tw=wn_tophead_1
>
> -Dennis

This is really stupid. Assuming the terrorists actually have the dozens of backhoes needed to completely erase meaningful internet connectivity in North America, they would probably prefer to use them to smash cars and kill people on the interstate highways or something.

Terrorists inflict terror by killing people, not by forcing Internet Explorer to display "page cannot be displayed".

Let us not assume that murderous terrorists are as dumb as people in DHS.

[subject change since this is a change of subject, was "Re: The Backhoe: A Real Cyberthreat?"]

The biggest threat to Cyber security is stupidity, followed only by indifference. Period. There. Someone was bound to say it, so I said it first.

Now, in an attempt to get my NANOG "Header to Content" size ratio to 1, I'll rant on a little for your entertainment, enjoyment, annoyance, or hatred. :slight_smile:

Terrorists want to kill people. Did anyone die when those two fibers were cut? Did it cripple the US Economy? Did it close the stock markets? When the markets opened the next day, did stock prices fall across the board for weeks and months on end? Not exactly. Will people put bumper stickers on their cars that say "Remember 1/9?" or "Remember Buckeye and Reno Junction" No. Not one person will do that.

[most] Religious extremists tend to cite religious verses saying things along the lines of it being acceptable to kill those who do not believe or who oppose their religion. [just like Christianity during the crusades] I'm pretty sure there's nothing in the Koran that says anything about "taking away their internet and cell phones, and knocking out their power." [so they can live like we do] This is something that the DHS knows, but doesn't want to admit too loudly. Why? Because it's easy to say "We're doing more to prevent cyber attacks. See? We took away the fiber maps! We accomplished something! This is bound to help out!" [now give us more money so we can afford to do more things like that]

They say that, to throw us [the public, and Congress that pays for their department to exist] a bone every now and again. It's nearly impossible for them to say "you're safer today than you were yesterday!" Well, they could say it, but it would be laughed at by the majority of the population. [more so than they are now] How are they supposed to calm people's fears? With a statement like: "See? You aren't being attacked by terrorists today! We must be doing our job!"

The graphic in the Wired story from FortiusOne showing fiber optic backbones and how they clump also shows just how many other fiber routes exist. It also shows where terrorists should go looking for fiber to cut. Look at THAT map. Go look for, and follow the signs. Failing that, make a few phone calls, and have the stuff marked so it can be found to cut it. It's really that easy. But why even do that? We already cut enough of it without any help from terrorists. Just in case no one was paying attention, the score is: Lack of information + guy on backhoe = 675,000 cuts per year: Terrorists = ZERO. It's up to carriers to either diversify or feel the wrath of the backhoe. Fortunately [for carriers that have an outage] and unfortunately [for long term reliability], the general population is forgiving and forgetful enough that when outages do occur and their life is back to 'normal' they just don't care enough to want to pay higher prices for that extra infrastructure.

The part that wasn't mentioned, is something I'm most interested in. How much did the outage cost Sprint? And is it worthwhile for them to use install or lease different fiber routes to prevent that type of revenue loss in the future? [My guess would be.... "No"] Marketing will make up for lost customers, and trying to convince people to forget that it ever happened, and rate increases and/or insurance will make up for any lost revenue.

-Jerry

> This is really stupid. Assuming the terrorists actually have the dozens of backhoes needed to completely erase meaningful internet connectivity in North America, they would probably prefer to use them to smash cars and kill people on the interstate highways or something.
>
> Terrorists inflict terror by killing people, not by forcing Internet Explorer to display "page cannot be displayed".
>
> Let us not assume that murderous terrorists are as dumb as people in DHS.

Agreed. However, if you disappear now, we'll know why! :stuck_out_tongue:

-Robert


While it is always fun to call the government stupid, or anyone else for that matter, there is a little more to the story.

- For one you do not need a backhoe to cut fiber
- Two, fiber carries a lot more than Internet traffic - cell phone, 911, financial transactions, etc. etc.
- Three, while it is very unlikely terrorists would only attack telecom infrastructure, a case can be made for a telecom attack that amplifies a primary conventional attack. The loss of communications would complicate things quite a bit.

I'll agree it is very far-fetched you could hatch an attack plan from FCC outage reports, but I would not call worrying about attacks on telecommunications infrastructure stupid. Enough sobriety though, please return to the flaming.

> Terrorists want to kill people. Did anyone die when those two
> fibers were cut? Did it cripple the US Economy? Did it close the
> stock markets? When the markets opened the next day, did stock
> prices fall across the board for weeks and months on end? Not
> exactly. Will people put bumper stickers on their cars that say
> "Remember 1/9?" or "Remember Buckeye and Reno Junction" No. Not one
> person will do that.

You are oversimplifying things here.... Why was the World Trade Center
chosen (twice) to attack.... it is an economic target. All wars are
economic, including drug wars and terror wars... what was the COST of
9/11???

A hell of a lot: http://www.ccc.nps.navy.mil/si/aug02/homeland.asp

> that? We already cut enough of it without any help from terrorists.
> Just in case no one was paying attention, the score is: Lack of
> information + guy on backhoe = 675,000 cuts per year: Terrorists =
> ZERO.

Consider the economic impact of cutting a significant portion of the
cross-country fiber capacity in such a way that it is very difficult
and time-consuming to repair (let's say, shaped-charges along the two
fiber routes every 1 mile or so for 50 miles, in remote terrain), in
combination with ambush and execution of the work crews sent out to
repair the damage, in combination with similar types of attacks on
major cable landing points in the US. And while you are at it, a
truck bomb at 8:30 am Monday morning outside Wall Street. What about
an attack that specifically targeted SFTI? http://sfti.siac.com/

How much more critical does this get when you consider that NYSE is
going to all-electronic trading in the near future?

The IRA carried out very effective economic bombing campaigns in
London... is Al-Qaeda (or a hostile foreign government, say Syria) any
less-capable?

"Inflict[ing] terror by killing people" is not the only tactic
terrorists use. Attacks can be anything from a SPAM flood to a
DDoS attack to taking down dozens of servers or routers utilizing
known vulnerabilities. Targets can be bridges, buildings, etc. and
don't necessarily result in loss of life. Disrupting communications
channels is a common tactic used to attack the "enemy", so keeping
a close eye on and protecting key communications infrastructure is
a valid goal.

Further, it doesn't take "dozens" of backhoes nor dozens of sites
to cause a significant disruption. Imagine if 60 Hudson and 111 8th
were to go down at the same time? Finding means to mitigate this
threat is not frivolously spending the taxpayer's money, IMO;
although perhaps removing fiber maps is not the best way to
address this.

I would tend to disagree on that depending on how detailed those reports are. For example, if they indicate that junction X will hinder / disable communications to sector/grid Y, then yes, it could be a serious threat if you have police, fire, hospitals, etc on that section of the grid.

Mike P.

> While it is always fun to call the government stupid, or anyone else for that matter, there is a little more to the story.
>
> - For one you do not need a backhoe to cut fiber
> - Two, fiber carries a lot more than Internet traffic - cell phone, 911, financial transactions, etc. etc.
> - Three, while it is very unlikely terrorists would only attack telecom infrastructure, a case can be made for a telecom attack that amplifies a primary conventional attack. The loss of communications would complicate things quite a bit.
>
> I'll agree it is very far-fetched you could hatch an attack plan from FCC outage reports, but I would not call worrying about attacks on telecommunications infrastructure stupid. Enough sobriety though, please return to the flaming.

I agree with you on all points except the one you didn't make. :slight_smile:

The point is: What's more damaging? Being open with the maps so EVERYONE can see where the problem areas are so they can design around them? (or choose not to) or pulling the maps, and reports, and sticking our heads in the sand, and hoping that security through obscurity works?

The purpose of terrorism is to create widespread _terror_ (the
hint is in the word).

> You are oversimplifying things here.... Why was the World Trade Center
> chosen (twice) to attack.... it is an economic target. All wars are
> economic, including drug wars and terror wars... what was the COST of
> 9/11???
>
> A hell of a lot: http://www.ccc.nps.navy.mil/si/aug02/homeland.asp

Was the terror caused by 9/11 because of the economic impact, or because
3000 innocent people died in such a terrible and unexpected manner ? If
the goal was "let's get those Americans and the grand financial
institutions", Fort Knox might have been a better target for the
terrorists.

I strongly recommend reading the book I quote below, which deals exactly
with this topic.

Jerry Pasker wrote:

> > While it is always fun to call the government stupid, or anyone else for that matter, there is a little more to the story.
> >
> > - For one you do not need a backhoe to cut fiber
> > - Two, fiber carries a lot more than Internet traffic - cell phone, 911, financial transactions, etc. etc.
> > - Three, while it is very unlikely terrorists would only attack telecom infrastructure, a case can be made for a telecom attack that amplifies a primary conventional attack. The loss of communications would complicate things quite a bit.
> >
> > I'll agree it is very far-fetched you could hatch an attack plan from FCC outage reports, but I would not call worrying about attacks on telecommunications infrastructure stupid. Enough sobriety though, please return to the flaming.
>
> I agree with you on all points except the one you didn't make. :slight_smile:
>
> The point is: What's more damaging? Being open with the maps so EVERYONE can see where the problem areas are so they can design around them? (or choose not to) or pulling the maps, and reports, and sticking our heads in the sand, and hoping that security through obscurity works?

The people who have the problem areas should already know about them and be designing around them. I'm sure that Sprint, for example, knows very well where backhoes have gone through its fiber. Although it sounds like they may not know where all their fiber is... <sigh>

Joe Schmuck down on 2nd Street doesn't need to know about the problem areas and his input would likely be unwelcome.

And no security or amount of redundancy is likely to be perfect - and these companies are in business to make money after all.

Obscurity is not the entire answer. But it should be part of it.

Jerry Pasker wrote:

> The point is: What's more damaging? Being open with the maps so EVERYONE can see where the problem areas are so they can design around them? (or choose not to) or pulling the maps, and reports, and sticking our heads in the sand, and hoping that security through obscurity works?

Let's look at this from another point of view: Should we remove all
keylocks from backhoes so that everyone can have access to them? :slight_smile:

I'm all for openness, but sometimes some things only need to be accessed
and used by the professionals that need those things. I fully trust that the big network operators, the ones that really really do need this data, have all the info they need to plan their network expansions, etc. I don't need to see this data, even though I might want to.

-Jim P.

And what is terror? Warfare

What is War?
(from Von Clausewitz's Vom Kriege)
War is fighting and operates in a peculiar element -- danger. But war
is served by many activities quite different from it, all of which
concern the maintenance of the fighting forces. These preparatory
activities are excluded from the narrower meaning of the art of war --
the actual conduct of war, because they are concerned only with the
creation, training, and maintenance of the fighting forces. "The
theory of war proper, on the other hand, is concerned with the use of
these means, once they have been developed, for the purposes of the
war."

How do we defeat our enemy?
(again, Von Clausewitz)
- "The acts we consider most important for the defeat of the enemy are . .
   --- Destruction of his army, if it is at all significant
   --- Seizure of his capital if it is not only the center of
administration but also that of social, professional, and political
activity
   --- Delivery of an effective blow against his principal ally if
that ally is more powerful than he."

I'd say economic attacks fall under #2. I'd further venture that if
9/11 happened in say, Tonopah, NV, there would not have been $XXX B
damage as a result of direct and indirect costs... and further, there
would have been (far) less of an uproar and DHS-type activity
increase.

What is worse for destruction of the US? Crippling the economy or
killing +/-3000 people? Was WW2 Germany defeated economically or
head-to-head, mano-y-mano in Europe? Was the Confederacy defeated by
systematically winning most land engagements?

I submit that:
* there is a significant reason that WTC was targeted twice
* this is not the first or last time economic means have been
employed in terror campaigns
* every war ever, since the beginning of time, is, was and will be
rooted in economics, and all other reasons given for war are BS.
* economic targets (supplies, infrastructure, shipping terminals,
communications, railroads) do far more to defeat an enemy than killing
some civilians... as a terrorist, great, an added bonus, you got some
infidels too!!!

I suspect that various entities will shortly start bitching about
operational content here, so...

Operations related, I think it *is* important to know, and conduct
war-games (you *.gov types) which include multi-vector attacks, in
which terrorists think and operate in a coordinated manner that say, a
few Special Forces A-teams would, if they were given the same
mission... inflict as much economic and political damage as possible
with 40 people and a million dollar budget. I think this definitely
includes having access to the positions of these communications lines.

I think that public access to the locations of these communications
lines would have the end result of a far more fault-resilient
infrastructure.

Agree that a level of security is required, but the real value is in customers like banks knowing where their fiber is, so when they lease service for a back up provider they know it is not in the same ditch.

The article attributes the pro-regulation quote to me, but actually it was out of context. I was proposing that you need an anonymous secure data pool that customers could query to see what providers for a set of buildings are diverse. The mathematics to do the diversity optimization are available, just an issue of data.

War is certainly terrible, although it isn't necessarily terrifying if
you aren't there :

http://dictionary.cambridge.org/define.asp?key=82098&dict=CALD

"1 [C or U] (violent action which causes) extreme fear:
They fled from the city in terror.
There was sheer/abject terror in her eyes when he came back into the room.
Lots of people have a terror of spiders.
What he said struck terror in my heart (= made me very frightened).
The separatists started a campaign of terror (= violent action causing fear) to get independence.
Heights have/hold no terrors for me (= do not frighten me)."

This is so way off topic for nanog that I'm going to stop here.

Jim Popovitch <jimpop@yahoo.com> writes:

> Jerry Pasker wrote:
>
> > The point is: What's more damaging? Being open with the maps so
> > EVERYONE can see where the problem areas are so they can design
> > around them? (or choose not to) or pulling the maps, and reports, and
> > sticking our heads in the sand, and hoping that security through
> > obscurity works?
>
> Let's look at this from another point of view: Should we remove all
> keylocks from backhoes so that everyone can have access to them? :slight_smile:

This analogy is faulty, but illuminating insofar as it illustrates the
fallacy of putting up low bars to access that don't actually stop
people who're willing to put a little bit of effort into beating it.

Keylocks only work when your threat model is drunk fratboys or bored
teenagers (which is not necessarily a disjoint set). They aren't a
significant part of the threat model for intentional fiber cuts.

Any John Deere dealer will be able to supply you with a key that
operates the vast majority of John Deere equipment of a certain type.
Anyone who can plan ahead enough to order from eBay is in like Flynn.

http://cgi.ebay.com/12-JD-Keys-3-John-Deere-Equipment-Key-Sets-NEW_W0QQitemZ7581349645QQcategoryZ41507QQrdZ1QQcmdZViewItem

> I'm all for openness, but sometimes some things only need to be accessed
> and used by the professionals that need those things. I fully trust
> that the big network operators, the ones that really really do need
> this data, have all the info they need to plan their network
> expansions, etc. I don't need to see this data, even though I might
> want to.

Then don't look at it. :slight_smile:

                                        ---Rob

Does the bank actually need that information? Or does there need to
be a way for the two providers to do conflict detection between their
design layout groups? You don't need copies of all provider's fiber
maps to do conflict detection for a particular group of circuits.

They need to know what the most resilient provider or combination of providers is to light up a set of locations. A data pool would not give you the data just the answer.

I do not think the problem is with the design layout groups. They have the ROWs they have - there is little change in that currently. Nor is there much incentive to volunteer the information if it could possibly result in the loss of a potential customer.

Currently there is no optimization of the diversity we have because the information is not available to the market to make an informed decision. As a result we have problems like during 9/11 when nobody realized that all the banks were using the same circuit to connect to the Fed for fund transfers.

Simply put the customer needs the information to make the best decision. I don't think anybody would rely on the providers to make the best decision for them. Trust me I'll give you the best price I am just not going to tell you what it is or how that compares to anyone else's prices. Substitute diversity for price and you get the point.

First of all: the IRA carried out very successful "systems attacks" on
the City of London, and also on major transport systems - motorway
viaducts, railway stations and signalling centers, airport terminals -
both in kinetic (real, actual bombs) and nonkinetic (hoax calls)
modes. All of these were practically speaking pre-Internet.

All right, this is NANOG. Yes, some of you were chatting over the
thing about who you wanted to fuck at Berkeley in 1973. For
economically and practically real-existing purposes in the UK, 1996
was pre-Internet. I'm sorry, I'm not in the master race.

The IRA 1990s London offensive was intended specifically to inflict
economic costs and political disruption without serious casualties, as
the IRA was in negotiations with government at the time. After John
Major kicked over the negotiations in order that the DUP would keep
his government in power, they wanted to put a fire to his balls
without appearing uncivilised enough to cause a hate-wave among the
public. Hence the sysdisrupts.

One thing they did not do was attack telecommunication targets. I
still have no idea why. In the UK they are normally quite obvious.

Beware..