Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

A Cyber-Attack On an American City

timothy posted more than 5 years ago | from the if-by-one-day-you-mean-already dept.

Security 461

Bruce Perens writes "Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes in the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported. So I decided to change that."

cancel ×

461 comments

Sorry! There are no comments related to the filter you selected.

FRIST POST (-1)

Anonymous Coward | more than 5 years ago | (#27679133)

FRIST POST

Bruce ! Careful or HP will fire your ass again ! (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27679461)

Bruce ! Careful or HP will fire your ass again ! And HP will do it with prejudice and make you wish your mama never told you how to lie so much !!

Redundancy, redundancy, redundancy... (5, Insightful)

explosivejared (1186049) | more than 5 years ago | (#27679147)

We should also consider whether it might be necessary to harden some of the local infrastructure of our communities. The old Bell System used to arrange cables in a ring around a city, so that a cut in any one location could be routed around. It's not clear how much modern telephone companies have continued that practice. It might not have helped in Morgan Hill, as the attackers apparently even disabled an unused cable that could have been used to recover from the broken connections.

Always assume the enemy knows the system. Hardening wouldn't hurt, but redundancy is the most important thing. Hardening a system tends to make it that much more vulnerable to a single insider. Redundancy mitigates this effect. Having such a small group be able cause so much disruption from such a relatively simple act makes it obvious that the city placed way too much on a single point of failure remaining in tact. Have redundant fiber. Have auxiliary wireless setups. Maintain a base of ham volunteers. Multiply your points of failure.

Personally, I think this sort of lax infrastructure security has become endemic. The 'war on terror' rhetoric we were fed for so long has us looking for the next suicide jet-liner attack or what have you, completely distorting any real conception the public had of real-world modern security risks.

Re:Redundancy, redundancy, redundancy... (4, Insightful)

Red Flayer (890720) | more than 5 years ago | (#27679301)

Multiply your points of failure.

I'm not sure that means what you think it means :)

Reducing single points of failure is what is needed, which is not the same thing as multiplying the places it is possible to have failure.

But all the methods you describe have merit, but they also have a huge drawback -- cost. It's hard to get private entities to absorb the cost of redundant fiber, etc, since they will see very little gain from them.

So is the answer to nationalize our fiber infrastructure? Is that the only way we can make our systems secure?

Re:Redundancy, redundancy, redundancy... (1)

eleuthero (812560) | more than 5 years ago | (#27679453)

This answer would seem to make everything cheaper in the long run for consumers... but maybe I am reading the Swedish model for internet wrong.

Re:Redundancy, redundancy, redundancy... (3, Insightful)

Xeth (614132) | more than 5 years ago | (#27679963)

As with any infrastructure that has national security implications, the answer is yes. Where is the profit incentive to make you triple your costs (at least) to safeguard against an incredibly rare occurrence?

Re:Redundancy, redundancy, redundancy... (2, Insightful)

twidarkling (1537077) | more than 5 years ago | (#27679317)

Isn't that always been the way, though? Society focusses on one threat to the point where it becomes blind to others, and is unable to recover properly when that weak spot is uncovered and exploited?

Re:Redundancy, redundancy, redundancy... (4, Insightful)

Bruce Perens (3872) | more than 5 years ago | (#27679377)

Redundancy of means, not just points. That means not just relying on the wired communications infrastructure or things that depend on it like cellular, for your emergency services.

Redundancy isn't always economically efficient, but we have to do it anyway, and what is worse we have to keep testing it so that it keeps working. This is hard to do if you are a private company with your stockholders baying at your feet for more efficiency.

Re:Redundancy, redundancy, redundancy... (2, Informative)

wh1pp3t (1286918) | more than 5 years ago | (#27679395)

For such a relatively small area, only so much redundancy can be expected. Fiber rings are alive and well but are for switch-switch connectivity; not for the end user points. Granted, redundant communication systems should be in place for emergency services, but the answer is more to have alternative methods (backup) of communication.

Re:Redundancy, redundancy, redundancy... (1)

NewbieProgrammerMan (558327) | more than 5 years ago | (#27679483)

Have redundant fiber. Have auxiliary wireless setups.

You'll have to legally and explicitly require all communications companies to provide such redundancies. If it's not a legal requirement, most providers will just choose not to do it: "Why should I spend money on redundancy when I can just cut prices to attract more customers, or use it to pay bonuses and dividends to make my shareholders and employees happy?"

Re:Redundancy, redundancy, redundancy... (1)

russotto (537200) | more than 5 years ago | (#27679599)

Redundancy is insufficient when dealing with knowledgeable and resourceful attackers. The phone system already has redundancy, otherwise every idiot with a backhoe would take it out (rather than just the occasional idiot with a backhoe who hits a non-redundant resource). But if you're dealing with an attacker who knows the system and has full access to it, they can cut all the redundant connections too. You need some sort of hardening and security as well as redundancy, and those are even more expensive.

Re:Redundancy, redundancy, redundancy... (4, Insightful)

couchslug (175151) | more than 5 years ago | (#27679551)

"Personally, I think this sort of lax infrastructure security has become endemic."

That's why the incident under discussion is a good thing in the way that cracker threats and viruses are good.

Without attacks there is little incentive to build robust systems.

Re:Redundancy, redundancy, redundancy... (1)

inject_hotmail.com (843637) | more than 5 years ago | (#27679795)

"Personally, I think this sort of lax infrastructure security has become endemic."

That's why the incident under discussion is a good thing in the way that cracker threats and viruses are good.

Without attacks there is little incentive to build robust systems.

Without attacks, there's no reason to build robust systems.

Well, sorta...redundancy is always a good idea...stuff breaks...100% uptime would be nice.

I had an idea: build a system with utilized redundancy...if one area/link goes down, the other keeps going...e.g. 50% of total capacity, but it's still going...

Re:Redundancy, redundancy, redundancy... (4, Funny)

Red Flayer (890720) | more than 5 years ago | (#27679987)

Without attacks there is little incentive to build robust systems.

Without attacks there is little need to build robust systems.

Except natural disasters, of course, but you can turn them off in the options menu.

Re:Redundancy, redundancy, redundancy... (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#27679655)

Personally, I think the war our federal government has waged on gun ownership is to blame.

There used to be a time in this country when the fear of being shot to death was a strong deterrent for criminal activity, let alone trespassing.

I for one advocate not only the owning of guns, but the usage of them on criminals as well.

Re:Redundancy, redundancy, redundancy... (0)

Anonymous Coward | more than 5 years ago | (#27679961)

This is redundancy talk is kind of ridiculous dont you think? All of the telecom/ISP's have at least two lines... any more and it gets expensive. Any city will also have at least two lines in. If someone wants to physically take down your network, it doesn't matter how many freaking lines you have, that will be one more line that the attacker will take down. Notice the attackers cut eight cables, if they would have had nine and a radio link, than the attackers would have taken down 9 cables and a radio link, you can also secure your lines, but that gets expensive too, it makes no sense to secure every single line in america, that would just be another couple of hundred billion dollars wasted...

Re:Redundancy, redundancy, redundancy... (1)

Elektroschock (659467) | more than 5 years ago | (#27679983)

So what about operating systems? Isn't it dangerous if everyone is using Windows, everyone is using Firefox and so forth. I agree with you on the aspect of reundancy but there is another point, the decentral nature of a net.

Well this is something (1, Interesting)

ForeverOrangeCat (1430461) | more than 5 years ago | (#27679159)

first! Honestly though, doesn't everything think it only was a matter of time?

Hams FTW (5, Insightful)

ipX (197591) | more than 5 years ago | (#27679167)

Ham radio operators save the day once again... 'nuff said.

Re:Hams FTW (2, Interesting)

Seakip18 (1106315) | more than 5 years ago | (#27679297)

You know, I've always wondered what it would take to get into Ham radios. Any links or info for someone looking at picking it up?

Re:Hams FTW (3, Informative)

tchuladdiass (174342) | more than 5 years ago | (#27679355)

arrl.org (the American Radio Relay League). Also, the electronic department of most community colleges have a ham club, which offer the tests on a monthly basis.

You don't need to know Morris code any more, but you do need to study up on radio & electronic theory. Radio shack used to sell the Ham license study guides, but I don't know if they have them any more.

Re:Hams FTW (3, Funny)

Maserati (8679) | more than 5 years ago | (#27679397)

"Morris code" implies Morse Dancing. Which added a little hilarity to my afternoon.

Re:Hams FTW (0, Flamebait)

Anonymous Coward | more than 5 years ago | (#27679725)

Up until they die of brain cancer from being too close to their antennas, at which point we all golf-clap in delight that another fat-ass, middle-aged house hermit wasting his time on his toy radio has bitten the fucking dust.

Terrorists? Probably not. (5, Insightful)

Sir_Lewk (967686) | more than 5 years ago | (#27679173)

Lets not all go blaming terrorist organizations on this one.

My money is on unionized workers facing layoffs or payroll cuts. They would best know how to hurt the system and this sort of sabotage being linked to unions is not exactly unheard of.

Re:Terrorists? Probably not. (3, Insightful)

Red Flayer (890720) | more than 5 years ago | (#27679243)

Lets not all go blaming terrorist organizations on this one.

Define terrorism.

Now define terrorist organization.

If an organized group of people orchestrated this attack in order to bring attention to some goal, wouldn't that make them a terrorist group?

Admittedly, an attack on property is not the same as an attack on people, but yet... to me this seems textbook.

Re:Terrorists? Probably not. (4, Insightful)

Sir_Lewk (967686) | more than 5 years ago | (#27679289)

Well, I'd certainlly concede that this could be classified as terrorism but I was refering more to the "ZOMG TALIBAN" kind of terrorists. Modern media interpretation of the word. ;)

Re:Terrorists? Probably not. (4, Insightful)

couchslug (175151) | more than 5 years ago | (#27679613)

""ZOMG TALIBAN" kind of terrorists. Modern media interpretation of the word. ;)"

Shortly to turn into "ZOMG Wobbly Anarchist Union Menace to be cleansed with fire and legislation" if formerly-gruntled union workers are found to be the cause...

Re:Terrorists? Probably not. (4, Insightful)

MightyYar (622222) | more than 5 years ago | (#27679347)

wouldn't that make them a terrorist group?

I'd presume that some amount of "terror" would need to be created for one to be considered a terrorist. But maybe I'm old-fashioned.

Re:Terrorists? Probably not. (2, Insightful)

TubeSteak (669689) | more than 5 years ago | (#27679973)

I'd presume that some amount of "terror" would need to be created for one to be considered a terrorist. But maybe I'm old-fashioned.

Terrorist acts need not generate terror.
Part of the definition is that the acts can be designed to intimidate or cause fear.
Actions that don't fit your 9/11 definition of terrorism are still considered terrorism.

Ultimately, unless some ideological motivation is discovered, this isn't terrorism, just sabotage.

Re:Terrorists? Definitely not. (5, Insightful)

Anonymous Coward | more than 5 years ago | (#27679357)

If an organized group of people orchestrated this attack in order to bring attention to some goal, wouldn't that make them a terrorist group?

No.

What makes a terrorist group a terrorist group, is that they inflict, you know, terror .

Cutting some cables isn't going to (and, in fact, didn't) send the general populace into a panic.

Yes, it's an inconvenience, but unless they are trying to instill terror in the general populace, they're not terrorists.

Re:Terrorists? Definitely not. (4, Funny)

TheRaven64 (641858) | more than 5 years ago | (#27679813)

They might just be really, really, incompetent terrorists? I don't think we have a word mildinconvenienceists.

Re:Terrorists? Definitely not. (0)

Anonymous Coward | more than 5 years ago | (#27679917)

They might just be really, really, incompetent terrorists?

Considering there was no claim of responsibility, no demand, etc., I'd doubt it.

I don't think we have a word mildinconvenienceists.

You say that like it's a bad thing.

I realize that applying simple labels makes it easier for sheeple to know whether they're "us" or "them", but it's not really productive as it makes it harder for them to make independant evaluations.

Re:Terrorists? Probably not. (1)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#27679365)

You could extend "terrorism" to cover this incident; but it might not mean very much thereafter. "An organized group of people orchestrated this attack in order to bring attention to some goal" is a very low bar to set.

Re:Terrorists? Probably not. (1)

radish (98371) | more than 5 years ago | (#27679421)

Define terrorism

It probably wouldn't involve people running through the streets screaming because their cable TV was out.

(Of course I realise that "fiber cables" can be used for much more important things than TV, but on a serious point I do think the word "terror" has had it's definition watered down a lot in the past few years).

Re:Terrorists? Probably not. (2, Interesting)

Gat0r30y (957941) | more than 5 years ago | (#27679473)

Um, was anyone terrified that the fiber had been cut?

Define terrorism (1)

microbox (704317) | more than 5 years ago | (#27679631)

The use of violence and terror for political aims.

That's why it's called terrorism

Re:Terrorists? Probably not. (5, Interesting)

PapayaSF (721268) | more than 5 years ago | (#27679257)

sabotage being linked to unions is not exactly unheard of

Indeed, that's very possible: the contract between the Communication Workers of America and AT&T expired on April 11th [morganhilltimes.com] .

Re:Terrorists? Probably not. (2, Interesting)

CSFFlame (761318) | more than 5 years ago | (#27679413)

A friend of mine is working for an entity involved in this. AT&T was trying to negotiate the (new) contract down, created and uproar and then this happened. They are 99% sure it was disgruntled CWA workers.

Re:Terrorists? Probably not. (2, Insightful)

bjourne (1034822) | more than 5 years ago | (#27679571)

Um.. That article explicitly refutes that rumor. Although they used weasel words to deny the suspicions in such a way that the suspicion seems more plausible to a casual reader. E.g. AT&T has not identified any suspects and does not believe Bruce Perens sabotaged their fiber like others have suggested. Although he did post a slashdot article about it two weeks after the incident...

Blaming those damn commie unions sure is popular.

Re:Terrorists? Probably not. (1)

Bruce Perens (3872) | more than 5 years ago | (#27679309)

I don't think it was terrorists. No terrorism occurred. I am just pointing out that the attack indicates that should someone really want to do something nasty, not just to Morgan Hill but to a larger city, and attack like the one in Morgan Hill is just too darned easy and disables the whole communications infrastructure.

Re:Terrorists? Probably not. (0, Flamebait)

Sir_Lewk (967686) | more than 5 years ago | (#27679635)

Understood, I was just envisioning in my mind dozens of wingnut drones trying to make that connection.

Re:Terrorists? Probably not. (0, Offtopic)

fisticuffs (1537381) | more than 5 years ago | (#27679737)

Bruce, pardon my tinfoil hat, but could it have been a 3-letter agency running a live simulation? The data would be skewed if the participants knew it were an exercise.

Re:Terrorists? Probably not. (1)

michtu (541114) | more than 5 years ago | (#27679837)

I don't think it was terrorists. No terrorism occurred.

Of course if I were looking to do something in the future, I'd probably want to see response times and methods before really sticking my neck out. That would be the case for an attack or just regular old theft. Most likely this is not the case but hopefully those in charge are keeping something like that in mind.

Re:Terrorists? Probably not. (3, Informative)

Elwood P Dowd (16933) | more than 5 years ago | (#27679375)

Or just regular blackmail:

http://yro.slashdot.org/article.pl?sid=09/04/20/1427259 [slashdot.org]

I assumed these were both the same story at first. But the YRO story was 2005, and this one was a few weeks ago.

Re:Terrorists? Probably not. (4, Insightful)

Sponge Bath (413667) | more than 5 years ago | (#27679597)

My money is on unionized workers...

I think it was management, upset that so few people wore Hawaiian shirts on casual Friday.

Re:Terrorists? Probably not. (1)

FlyingBishop (1293238) | more than 5 years ago | (#27679801)

Unions have a stake in their company, and no reason to do this sort of thing unless they actually have been laid off, or have taken an unfair pay cut, which is more likely to happen to non-unionized employees.

Re:Terrorists? Probably not. (1)

Phred T. Magnificent (213734) | more than 5 years ago | (#27679819)

My money is on unionized workers facing layoffs or payroll cuts.

I'd be more inclined to bet on anti-union people trying to make the union workers look bad.

Re:Terrorists? Probably not. (5, Funny)

TheRaven64 (641858) | more than 5 years ago | (#27679825)

My money is on unionized workers

Well then, ionize the workforce in future.

Ocean's 14? (5, Funny)

Absolut187 (816431) | more than 5 years ago | (#27679197)

Is there a casino nearby?

Hams (5, Funny)

pete-classic (75983) | more than 5 years ago | (#27679253)

Jesus. Here come four thousand posts about how awesome hams are, and how Internet over power cables sucks, etc.

My Dad was a ham. Yes, hams are awesome. In their nutty little useful-once-in-a-lifetime, semi-Luddite way.

We love you, hams. We're glad you're out there. But please, seriously, shut the fuck up. On the Internet. Feel free to blather on your radios.

-Peter

Re:Hams (5, Funny)

Red Flayer (890720) | more than 5 years ago | (#27679345)

My Dad was a ham.

He was delicious.

Yes, hams are awesome.

I concur. Especially with eggs. Or spiced and pressed into a can.

Re:Hams (2, Insightful)

idontgno (624372) | more than 5 years ago | (#27679443)

But please, seriously, shut the fuck up. On the Internet. Feel free to blather on your radios.

Quoth the slashbot. On the Internet.

+1 Ironic (and not in the Morissette sense)

Hell, there's no sane reason amateur radio shouldn't be a low-capacity emergency part of the Internet [wikipedia.org] .

You should probably work out your deep-seated issues with your daddy someplace else. Rather than on the Internet.

Re:Hams (2, Insightful)

pete-classic (75983) | more than 5 years ago | (#27679625)

It's really weird that you interpreted what I said as daddy issues. Was the association of, "A was a B. Bs are awesome." lost on you?

What I was trying to convey, in fact, is that I respect amateur operators. I just find the obligatory self-congratulations every time there's an article that has anything to do with ham radio annoying.

I also find it fascinating that you dismiss me as a "slashbot", since I regularly go against the grain here. Come to think of it, you accuse me of being a slashbot when I complain about the prevailing view of hams on slashdot. I think we're tied in the irony department.

-Peter

Re:Hams (0)

Anonymous Coward | more than 5 years ago | (#27679727)

You should probably work out your deep-seated issues with your daddy someplace else. Rather than on the Internet.

I hear they have these radio things that once you get your license for you can babble on for hours with random folks.

Re:Hams (1)

Phroggy (441) | more than 5 years ago | (#27679527)

What's impressive about this story is not how awesome hams are, but how swiftly the local authorities turned to them for help.

Re:Hams (1)

pete-classic (75983) | more than 5 years ago | (#27679685)

What's impressive about your post is that you replied to my post, which was about refraining from talking about how awesome hams are, by talking about how awesome hams are.

My hat is off to you, sir!

-Peter

PS: I'm seriously toying with the idea of getting an amateur operators license because of this story. But don't let that dick idontgno know!

Re:Hams (1)

Bruce Perens (3872) | more than 5 years ago | (#27679667)

You're just grousing because you couldn't pass the code test :-)

Re:Hams (1)

pete-classic (75983) | more than 5 years ago | (#27679765)

I thought they did away with that test.

I'm delighted that you see through my bullshit, though. You might have a word with that idontgno dude. He's taking it a little hard.

-Peter

Re:Hams (1)

psicop (229507) | more than 5 years ago | (#27679911)

Since the filter thinks a straight comment looks like ascii art .. .-.. --- .-.. -.. (twice)

Re:Hams (1)

makapuf (412290) | more than 5 years ago | (#27679787)

As seen in 10 years :

Jesus. Here come one hundred thousand posts how awesome linux is, and how Internet on windows servers sucks, etc.

My father was a linuxian. Yes, linux is awesome. In their nutty little useful-once-in-a-lifetime, semi-Luddite way. We love you, linuxians. We're glad you're out there. But please, seriously, shut the fuck up. On the Internet. Feel free to blather on your Slashdot.

(alt. : linux,windows = bsd,linux)

Cyber(?) Attack (5, Insightful)

Duradin (1261418) | more than 5 years ago | (#27679281)

So now a "cyber" attack includes the physical destruction of hardware/infrastructure without any exploitation of any programming logic?

Re:Cyber(?) Attack (2, Interesting)

Bruce Perens (3872) | more than 5 years ago | (#27679405)

IMO this is what a real "cyber" attack looks like. It's interesting that someone can do it remotely, but the fact that someone - maybe just one person - was able to be 100% effective in denying communications with not much more than a hacksaw, that's a real hack :-)

Re:Cyber(?) Attack (1)

Duradin (1261418) | more than 5 years ago | (#27679831)

The problem I have is that when you start casually mixing things like the method of attack with the target of the attack (cyber attack vs. attack on cyberspace) it muddies up the language and provides far too much fodder for the shout-loudly-at-each-other-and-call-it-analysis media to go off half-cocked on.

It doesn't take much thinking to come up with examples of things that sound like or look like other things but get wrongly lumped in with the other things by the general populace (and the media and politicians) that drive those in the know crazy.

Re:Cyber(?) Attack (2, Informative)

stevied (169) | more than 5 years ago | (#27679429)

I guess it's kinda reasonable to use the term for an attack on the "cyber" domain (by going after its physical substrate) as well as for attacks that occur within that domain. Either way, it screws up people's access to comms.

Re:Cyber(?) Attack (1)

Elwood P Dowd (16933) | more than 5 years ago | (#27679643)

YES. That is the old definition of cyber attack, my brother. Your console cowboy isn't worth a damn without some muscle behind him. Case wouldn't have gotten anywhere without Molly and the Panther Moderns.

Re:Cyber(?) Attack (5, Insightful)

Darth_brooks (180756) | more than 5 years ago | (#27679689)

Four words: Denial of Service Attack. You want the hospital's network cut off from the outside world for 8 hours? Congrats. Done. This was Indiana Jones vs. the Scimitar-wielding Arab. I'd like to this this whole situation has encouraged people to start thinking a little bit more outside the box when it comes to infrastructure planning and what "mission critical" really means.

For example, my last employer took mission critical to heart. They were the regional blood bank, so that mentality was infused (tee hee. I made a pun.) into every aspect of the organization. Microwave links between our sites (and several customer sites. If need be we had the capacity to route traffic in and out through locations that were physically 5-10 miles away), generator power up the wazoo (including written contracts that put us second in line behind the hospital for diesel fuel. on top of the ample reserves we kept on site. Don't know why we weren't natural gas, though I assume that was more capacity than anything else), redundant external power connections to independent grids (which paid off handsomely one day), pneumatic tube connections to two hospitals and a couple other local sites, and a disaster preparedness plan that could have been leather bound and used for Law Office commercials if it wasn't being updated so often.

Infrastructure and disaster planning require some in depth "disaster porn" level of thought. It's hard to excuse civic services for not being ready to handle this sort of outage. Between that job and working in SE Michigan during the '04 blackout, I've learned a lot about just how ready some places think they are vs. how ready they really are to handle a disaster, be it man made or otherwise.

Re:Cyber(?) Attack (1)

Quiet_Desperation (858215) | more than 5 years ago | (#27679869)

Eh... it's an attack on the network. I'll allow it. Objection overruled. :)

Re:Cyber(?) Attack (1)

Red Flayer (890720) | more than 5 years ago | (#27679905)

So now a "cyber" attack includes the physical destruction of hardware/infrastructure without any exploitation of any programming logic?

The usage struck me as odd, too.

I always figured "cyber-" refers to the mechanism, not the target. A cyber-attack would therefore be one that was perpetrated using "cyberspace", or our communications and communications control mechanisms... This attack, while targeting "cyberspace" infrastructure, was a meatspace attack.

We wouldn't claim that a missile launched from the ground that targets a ship at sea is a naval attack, would we? It's a missile attack.

Cables were cut in San Jose and San Carlos (4, Informative)

georgewilliamherbert (211790) | more than 5 years ago | (#27679325)

Bruce, the cable cuts were in San Jose and San Carlos. The cable between San Jose and Morgan Hill was cut, but the cut location was in the city of San Jose.

(otherwise, agree with what you said, hopefully wider audience for this will help...)

Re:Cables were cut in San Jose and San Carlos (2, Informative)

Bruce Perens (3872) | more than 5 years ago | (#27679431)

As far as I am aware, there were four locations entered, and eight cables cut. Do you have the locations for all four? If so, don't put it on Slashdot :-)

Re:Cables were cut in San Jose and San Carlos (5, Funny)

Anonymous Coward | more than 5 years ago | (#27679545)

I doubt many readers here could physically fit into a manhole, much less survive a climb down any sort of non-motorized ladder.

Re:Cables were cut in San Jose and San Carlos (1)

Maxo-Texas (864189) | more than 5 years ago | (#27679629)

Along those lines, apparently a single cable leaving california provides most of the indian bandwidth.
They probably need a bit more redundancy there.

Re:Cables were cut in San Jose and San Carlos (2, Informative)

Bruce Perens (3872) | more than 5 years ago | (#27679691)

I changed the article to "cables serving the city of Morgan Hill" instead of "in" it.

Hmm (1)

Tgeigs (1497313) | more than 5 years ago | (#27679343)

Perhaps a government operation on how to isolate "trouble spots" in the country should "trouble makers" be suspected?

Bruce to the rescue! (0)

EveryNickIsTaken (1054794) | more than 5 years ago | (#27679379)

Um, Bruce, there's a reason this didn't make news in mainstream media. Besides, I thought they had some internet out there in Californy! ---- Go ahead and mod me down, I've got karma to burn.

Even bigger news: (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27679381)

Niggers smell like dead apes.

this is interesting (4, Interesting)

Satanboy (253169) | more than 5 years ago | (#27679399)

We had a similar cyber attack here in columbus, ohio. A disgruntled employee (it is thought) shot the fiber backbone for Time Warner with a .22. I don't believe they ever caught the guy who did this. This one action disrupted the internet for hundreds of companies and thousands of users. It took around 3 days to get the internet back up for everyone.

This was just one fiber cable, imagine if someone had purposely cut lines downtown?

The stuff is very centralized and not well protected.

There needs to be better protection against these sorts of actions, and there needs to be a backup plan in place in case something like this does happen.

Re:this is interesting (1)

matty619 (630957) | more than 5 years ago | (#27679811)

I remember this one [youtube.com] (its an old VCR recording of the local news)

A recently fired worker goes into a Riverside Pac Bell CO with a shotgun, and blows the crap out of the switching equipment. This is before internet and cell phones were common, which means it took out people's only means of telecommunication, for a couple days in some areas.
You can't plan for everything

-M@

Discussed on NANOG (4, Informative)

lothos (10657) | more than 5 years ago | (#27679423)

This was discussed extensively on the NANOG (North American Network Operators Group) email list.

It appears that the outage affected multiple carriers including ATT and Alternet.

Re:Discussed on NANOG (0)

Anonymous Coward | more than 5 years ago | (#27679843)

I think that was the point. It wasn't well reported to the 6.5 billion people *not* on the NANOG list.

Ugh. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27679445)

Again the insufferably "nasal" Bruce Perens and his colossal ego have returned, this time to pretend he's a journalist breaking the news on some sort of terrorist attack in progress. In the process he manages to get the facts wrong like a real reporter (as pointed out by previous posters, the actual cable cut occurred in San Jose, not out in the ass end of nowhere that is Morgan Hill). Great job Bruce. See about getting your fucking nose fixed by the way, you sound like an elephant with a cocaine habit.

The hospital (0)

Twillerror (536681) | more than 5 years ago | (#27679457)

I'd almost guarantee that the hospital involved new about this problem.

I've had apps with accidental\stupid reliances on external connetions. After having the external connection fail we usually took care of the issue.

I'm be shocked if the hospital hadn't lost internet connectivity for a least 10 minutes in the not to distanct past. So they would have known.
Some techy probably had warned about it to deaf ears.

Even something as simple as charging a credit card at a hospital should have some manual backup procedure. Given the hospital has the chance of loosing lifes why this basic DR scenario hadn't been more properly addressed
means some IT manager swept it under the rug...and chances are someone needs to get a stern talking to or canned.

911 is the scariest and hardest to defend. We need some sort of emergency tower to tower protocal for this sort of thing. Why couldn't
the phone companies hook their towers together to work around a fiber cut and then restrict phone calls to 911 traffic.

Re:The hospital (0)

Anonymous Coward | more than 5 years ago | (#27679709)

Any RF links they would have would be very susceptible to interference. If there was a concerted effort to black out communications infrastructure, those would be down as well.

Re:The hospital (2, Informative)

Bruce Perens (3872) | more than 5 years ago | (#27679889)

Be assured, air traffic controllers do have access to HF radio.

Thanks for bringing this to our attention but... (1)

An dochasac (591582) | more than 5 years ago | (#27679469)

If it is 'terrorists', who are they scaring besides a few computer geeks who understand the complexity and instability of our infrastructure? Yes, someone is inconveniencing and possibly slightly increasing the level of computational system errors in one community slightly above background noise. Yes malware attacks, cyber attacks and Y2k did actually cause some financial and personal damage, but this damage will always pale in comparison to the damage caused by the fact that significant investment in software and systems quality ended with the Apollo program in the 1970s.

Re:Thanks for bringing this to our attention but.. (1)

Bruce Perens (3872) | more than 5 years ago | (#27679827)

significant investment in software and systems quality ended with the Apollo program in the 1970s.

Do you travel on airplanes? Most of the newer ones are fly-by-wire now.

Surprisingly, there is a good deal of work on provable software systems. Everybody gets as much software and systems quality as they are willing to pay for. The hospital in question either wasn't getting what it was paying for, or wasn't paying enough. You can't afford consumer software with a life-or-property level of quality, that's why you don't get it. So instead we have things like Open Source that let us each invest as much as we want in making it better.

Not a cyber attack (3, Insightful)

sunderland56 (621843) | more than 5 years ago | (#27679539)

This sounds like a good old physical attack to me, not a cyber attack. Bashing in someone's computer with a hammer is not the same thing as a infiltrating it with a computer virus/worm/etc.

Re:Not a cyber attack (1)

PhxBlue (562201) | more than 5 years ago | (#27679647)

It's a cyber attack because of the overall effect it delivered ... which, from a certain perspective, makes sense. Consider: If someone infects your computer with a virus that wipes your hard drive, your computer becomes just as useless as if someone had gone Office Space on its ass. Likewise for cutting these cables -- it's not the same methodology as a DDNS, but the outcome is the same.

Morgan Hill (1, Informative)

ShakaUVM (157947) | more than 5 years ago | (#27679641)

I stayed in Morgan Hill last month.

It's not really a "city", more like a town south of the Bay Area.

How is this a "cyber" attack? (1)

PolyDwarf (156355) | more than 5 years ago | (#27679673)

This looks more like plain old (physical) sabotage, with the use of the word "cyber" to pander to the slashdot crowd.

If the definition of "cyber attacks" means "doing anything to hamper the internet", hurricanes and tornadoes have been committing cyber attacks against the mid-west for years now. Let's not even talk about typhoons, tsunamis, and other sorts of natural disasters.

I'm going to start the Outlaw Natural Disasters movement... Who's with me?

A Fearmongering-Attack On an American Website (1)

Hurricane78 (562437) | more than 5 years ago | (#27679703)

Truce's Parents write "Just before midnight on Thursday, April 22, unidentified attackers climbed up four firehoses on the geeky IT site of Slashdot and spread eight fearmongering exaggerations in what appears to have been an organized attack on the social infrastructure of an American community. Its implications, though startling, have gone almost un-reported. So I decided to change that."

Was actually reported in several places (0)

Anonymous Coward | more than 5 years ago | (#27679715)

This was actually reported - in several places including PCMag.com. Just search google news and you can find several mentions of this outage/attack.

What Bruce Left out (5, Informative)

Anonymous Coward | more than 5 years ago | (#27679797)

The entire Santa Cruz County area was cut off from all telecommunications outside of Point to Point wireless and Satellite. (Comcast customers aside.) Sprint, AT&T, Verizon, long distance for POTS was all down. TFN's were not able to be dialed by any customers. 911, 611, 411 were not functioning. 'Point-to-point' T1's that were aggregated over DS3's in Hayward, were not functioning for area users. Many of the "redundant" network connections for companies in the Monterey Bay area were completely down. Both legs of their "best practice" 2 provider networks were crippled.

Other than a couple islands of connectivity (namely the Shell Gas station at 41st and Capitola Rd in Capitola, my mother In Law's house, and my Uncle's business) who were lucky enough to only have Satellite service available to them, or were on Comcast, the packets stopped flowing.

Ironically Comcast services inside the Santa Cruz county were still working. Users of Comcast voice wouldn't have noticed (except for the fact that everyone they called went straight to voicemail.)

However, inter CO calling was working (you could
call anyone in the Watsonville-Santa Cruz area if they had a POTS line from a POTS line. Still, corporate communications for nearly everyone in the area (Ag. Brokers, Packers, Pickers, Shippers, Bottlers, etc.) Was down. Commerce came to a halt.

People couldn't get gas at gas stations around the area unless they had cash. Area banks wouldn't let people inside the bank unless you were making a deposit. People couldn't be players in the game of commerce without little pieces of paper. And so once again, cash was king.

More cars sat on the side of the road that day then normal between santa cruz and watsonville. Which begs the question how does the regular joe call for help if the call boxes can't talk to a phone switch?

silly terrorists (1)

Nyall (646782) | more than 5 years ago | (#27679835)

I've always wondered: why fly a plane into a building? Its nice and dramatic but it would seem much easier to chop down telephone poles.

cloud computing (5, Informative)

margaret (79092) | more than 5 years ago | (#27679871)

I guess this kinda puts a damper on all the cloud computing hype of late...

The UK centralised electronic medical records... (4, Informative)

malkavian (9512) | more than 5 years ago | (#27679879)

When I first saw the way that one worked, I shook my head, and said "You're joking, right?"..
Alas, the answer was no. And the reason that it had been designed as a centralised system (well, ok, there's a 'failover' data centre or two) is (according to the designers) that you'll never lose the main and the redundant connections at the same time.
I seriously hope that they're paying attention to this at the moment. The severing of very few, carefully chosen fibres could quite simply deny a lot of UK hospitals access to their medical records. And if all come on board, then you could deny nearly all hospitals access to the medical records.
This, as can be imagined, would be rather a bad thing...

Oh, Bruce (4, Insightful)

fm6 (162816) | more than 5 years ago | (#27679967)

Bruce makes some good points, but he consistently undercuts himself "information" that is poorly sourced, poorly explained, or just plain wrong.

The question I'm most interested in is why the "internal only" network at Dominican Hospital went down. Bruce doesn't explain this, and I can't find a reference to it elsewhere. I suspect that he just has his facts wrong — Dominican is part of Catholic Healthcare West, and I'd be very surprised if the computers at Dominican didn't rely on servers in a central CHW facility.

That's still a dangerous vulnerability, just like Bruce says it is. But he'd be more persuasive if he checked his facts.

And dude, everybody but you knows that that internet technology research was funded by DARPA. Some DARPA personnel are in the Army, but DARPA has never been part of the Army.

And can we please stop repeating that idiotic myth about the Internet being designed to survive a nuclear attack? It isn't and it wasn't designed to be. The basis of the myth is that early proposals harped on the superior survival characteristic of a decentralized network versus the star topology networks of the time. Not quite the same thing.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>