Last  Thursday (9 Apr 2009) brought a new experience to many  in the telecommunications industry - a malicious  attack on two separate underground fiber optic systems.  The damage wiped out normal communications, including emergency 911 services, in many areas of the San Jose/San Carlos area, including service as far away as Gilroy.

This is the first time most in the telecom industry have experienced intentional disruption to telecom infrastructure, and both industry experts and authorities are scrambling to understand the WHYs, HOWs, and WHOs of the incident. 

The telecom industry, and watchdogs looking at the telecom industry, have long advocated stricter oversight and control over critical telecom  infrastructure.   In New York most manholes are not secured with any kind of lock, allowing virtually anybody with the desire to enter the underworld of critical infrastructure.  In downtown Los Angeles there is a high density of telecom carriers centered in the Wilshire, West 7^th, and West 6^th area.  In addition to telecom infrastructure, the power company, water, and sewage share the space below our major streets and intersections.  Thus, if there was a desire for malicious activity below the streets of LA, or other major cities, it is not just telecom, but nearly all our critical infrastructure services which would be damaged or seriously disrupted.

While the San Jose/San Carlos events may simply be the action of a disgruntled employee, or some person who enjoys inflicting a bit of disruption and suffering on others, the implication is very clear.  A person with some basic knowledge of fiber optics and outside plant (fiber cable running outside of buildings in metro or long distance routes) can be considered a high risk.  With our lives becoming increasingly dependent on the Internet, mobile phones, E911 services, and messaging, disruption to our infrastructure could have catastrophic results.

We need to consider the following:

• Ensure security (locks as a minimum) of all manholes and access points to critical infrastructure
• Add real time intrusion monitoring devices to those access points
• Ensure awareness of local law enforcement to understand the locations and nature of critical infrastructure
• Consider government guidelines on management of telecom and Internet infrastructure (as it applies to our critical national infrastructure interests - NOT monitoring the private activities of law-abiding citizens!!!)
• Increased awareness and intelligence gathering on organizations who may have the expertise to physically or logically disrupt critical infrastructure

The cable cuts in northern California were no accident.  Human beings intentionally took hack saws and cut through bundles of fiber optic cable.  The distance separating submarine cable landing stations from the cities where other physical interconnections are managed allows ample opportunity for a malicious action that would result in serious international telecom disruptions.  While you may be able to secure a city manhole, that does not help the 275 miles from Grover Beach to LA or to San Jose.  A lot of open space.

Natural disasters are also a concern, however we can more easily plan for natural disasters.  It is a rare hurricane or snow storm that takes us completely by surprise, and systems should be designed with adequate diversity to accommodate the potential of earthquake.

We are now in a window where our businesses are increasingly looking at outsourcing through cloud computing, and putting our security into the hands of those outside of our organization - including geographically outside of our organization.  It is time for us as users, and the telecom industry, to seriously consider the potential effects of disruption to our infrastructure, and ensure adequate security and disaster recovery planning.