At 4:20 am. on Tuesday morning, three fiber optic cables providing Internet access to Sacramento were physically cut leaving California’s capital with an outage that lasted until 11:40 pm. In the latest attack an underground vault was broken into and three fiber-optic cables belonging to Colorado-based service providers Level 3 and Zayo were severed.
I mention that this was the latest incident because over the course of the past year, there have been a total of 11 attacks disrupting fiber optic cables causing massive Internet outages. According to FBI Special Agent Greg Wuthrich, these attacks date back to at least July 6, 2014.
It is believed that unknown vandals entered an Alameda County manhole and clipped three fiber optic cables which were housed in a subterranean vault. The attack further highlights the vulnerabilities and interconnectivity of the telecommunications grid. Peter Kranz, who is chief executive of Berkeley-based Internet provider Unwired Ltd, said “Pretty much everybody who has a large network in the Bay Area was affected by the vandalism. The fiber bundles carry traffic for lots and lots of companies. Hundreds, thousands of businesses will share.”
Although there have been a total of 11 attacks in a 12-month period, Wuthrich said that investigators are unsure how, or even if the incidents are connected. The problem is that the nature of the attacks is often in remote areas and a good guess is that vandals are dressed as utility workers. This has made it difficult to identify suspects.
I understand that cables can accidently be cut since it happened in my neighborhood. Con Edison was working on a corner and accidently cut the fiber optic cables providing service to my area. All of the cables in Manhattan are housed next to each other, so cutting a little too far or slipping is always a possibility.
However, 11 separate instances within a vault seem like a completely different situation. According to the FBI these fiber optic cable lines have been intentionally severed in at least 10 Bay Area cities, including Fremont, Berkeley, San Jose and Walnut Creek. Wuthrich said, "When it affects multiple companies and cities, it does become disturbing. We definitely need the public's assistance."
JJ Thompson, the CEO of Rook Security, a security consulting and services provider in Indianapolis, said, "When it's situations that are scattered all in one geography, that raises the possibility that they are testing out capabilities, response times and impact. That is a security person's nightmare."
Unfortunately, since this is considered to be an ongoing investigation, the FBI is not really able to discuss any of the details. The one thing that we can assume is that the people who cut the lines came prepared for the job. Fiber optic cables are usually enclosed in tough flexible conduit, which means certain tools are required.
If, as Thompson suggests, capabilities are being tested, does this mean that we can expect more tests in the future? Different companies have thousands of these types of vaults, so does that make them all vulnerable?
The area has been a hotbed for such attacks over recent years. Fiber-optic cables at four California locations were clipped on April 9, 2009, affecting more than 50,000 people in Santa Clara, Santa Cruz and San Benito counties.
On April 16, 2013, suspects cut cables and opened fire on electrical transformers outside San Jose, causing more than $15 million in damage. According to the FBI, the incidences which have occurred over the past year are unconnected to the sniper attack on the Metcalf substation.