The Vulnerable Cables Undergirding the Internet

By Kenneth Anderson
Sunday, November 8, 2015, 6:23 PM

Amid concerns of cybersecurity and cyberwarfare, there is a related security topic that receives far less attention: vulnerabilities of the physical cables that enable telecommunications traffic and the Internet. Journalist Kate Murphy has a good, brief, non-technical analysis of the problem in today’s NYT, "The Cyberthreat Under the Street"(NYT, Sunday Review, November 8, 2015).

Murphy reports that within the last year there have been sixteen “so-called fiber cuts in the San Francisco Bay Area … someone or some group has been going through manholes to sever fiber optic cables that supply telecommunications to the region.” Ominously, following each incident, affected residents “couldn’t make land or mobile calls, not even to 911, or send texts or emails.” The problem, Murphy says, is that when we talk about the Internet, we talk

about clouds and ether. But the Internet is not amorphous. You may access it wirelessly, but ultimately you’re relying on a bunch of physical cables that are vulnerable to attack. It’s something that’s been largely forgotten in the lather over cybersecurity. The threat is not only malicious code flowing through the pipes but also, and perhaps more critically, the pipes themselves.

These physical cables have particular points of vulnerability - the “throughways and junctures” that handle vast quantities of Internet traffic - think by analogy of major freeway interchanges and what would happen to traffic in all directions if those junctures were brought down. Murphy reports that there isn’t even a good map of the Internet’s highways and byways, one that would show “locations that, if taken out, would severely hamper the system.” The most important points for possible disruption are the “Internet exchange points,” or I.X.P.s, where the “networks come together” to trade traffic; a handful of vital I.X.P.s, Murphy says, are located in major US metropolitan areas, carrying domestic as well as international traffic.” If these major hubs were “taken out by natural disaster … or a strategic attack, much of the United States, if not much of the world, would have hindered Internet access or none at all, depending on the severity and sophistication of the strike.” Remarkably many I.X.P.s are housed in

old, unprotected buildings … Often it’s possible to lease adjacent office space in the buildings. Sometimes there aren’t even security guards in the lobby. And the manholes around the buildings are also unprotected … The Department of Homeland Security, which is responsible for critical infrastructure, has no requirements for the physical protection of I.X.P.s nor does it have any rules against ownership by companies affiliated with a hostile foreign state.

Experts interviewed by Murphy point to two different strategies for protecting this infrastructure. One is to increase security at the critical junctures, perhaps even concentrating traffic within those specially protected sites. The other is to disperse the system far more than it is now, so that no single juncture is as critical as now and the system is protected through redundancy. If you create redundancy, says Bill Woodcock of the research institute Packet Clearing House, it “doesn’t matter if it’s in a mop closet.” He refers, Murphy says, to one “heavily trafficked I.X.P. in a former janitor’s closet on an upper floor of an old building.”