Wires and cables are essential components of nearly all modern computer and communications systems. Because they are often poorly protected, unintentional or malicious damage to these cables can readily occur, potentially causing significant network disruption. This paper profiles cable cut attacks by examining their frequency, common locations, causes, and impacts.
Cables are ubiquitous and vital aspects of our modern information infrastructure. A quick glance at a typical PC can verify this fact. One computer can have individual cables for the monitor, keyboard, mouse, printer, power supply, and communications device (network card or modem, if so equipped). On a larger scale, cables are an essential part of any local or wide area network. Large corporate networks may contain thousands of cables for the sole purpose of linking computers together. KMI Corporation, a fiber-optics consulting group, estimates that over 283 million miles of fiber optic cable has been installed below ground since the 1980s, and an additional 335,000 miles are projected to be added by 2006. [1] The United States alone contains over 200,000 miles of above- and below-ground high voltage transmission lines [2] and over 3.6 million miles of metallic (generally copper) phone lines. [3]
The sheer number of these cables and our dependence on their integrity make cables a prime target for attacks on our information infrastructure. As an attack method, cable cuts are defined as incidents where a communication cable is damaged, effectively disrupting normal operations and typically requiring an emergency repair response. [4] A single cable cut can disrupt network, phone, or electricity service to thousands of end users in a short period of time. Since no technical skill is required to physically cut a cable, it is difficult to determine who might be responsible for this type of attack. Furthermore, most cable cuts occur accidentally as a result of construction and utility crew activity [5, 6], making it nearly impossible to predict when and where cable cuts might occur. In order for us to better understand the dynamics of cable cut attacks, this paper will explore the frequency, location, causes, and impact of cable cuts on information systems. Since damaged power lines constitute another form of attack (power failures), this paper will focus solely on cuts to communication and computer-related cables.
Cable cuts are the single largest root cause of network outages in the United States. Between the years 1993 and 2001, fiber optic cable cuts were responsible for 386 (or 25%) of all network outages reported to the FCC. [7] This alone is a significant figure, but it is important to note that in order to be reported to the FCC, a network outage has to affect over 30,000 customers for a period of 30 minutes or more. [8] While there is no hard data on the number of smaller outages that occur nationwide, searching for the phrase "cable cut" with any Internet search engine will return hundreds of cable cut related network outage notifications from Internet service providers (ISPs), academic institutions, phone companies, and government institutions. In general, the annual number of fiber optic cable cuts has risen with the increased growth of the Internet. [9]
The locations of reported cable cuts form a clear picture of which cables are most likely to be damaged. In the United States, approximately 67% of communications cables are buried underground while the remaining 33% are suspended in the air. [10] Because buried cables are hidden from plain view, they are involved in almost 80% of fiber optic cable cuts. [11] Furthermore, one study showed that communication cables were more likely to be cut in rural areas than in urban areas, even though urban areas have a higher number of cables for a given area. This discrepancy appears to be due to shallower cable burying depths in rural areas. [12]
Cable damage is also common at the PC and local area network levels. Although statistics implicating cable damage in computer and network malfunctions are not available, it is common for hardware manuals to recommend checking all cable connections early in the troubleshooting process. Many computer cables are constantly exposed, making them more vulnerable to damage. In areas with large numbers of computers and high foot traffic, such as offices, libraries, and university computer labs, exposed cables can easily be damaged through accidental contact. In fact, some network managers consider disconnected or damaged cables to be the most persistent problems with their networks [13] Wire closets, rooms that house many of a local area network's connections to servers or the wide area network, are also especially vulnerable to accidental or intentional cable damage.
There are a number of different ways cables can be cut, so it can be convenient to classify the causes of cable damage as human error, accidental, or malicious. According to data on FCC-reportable network outages, human error is by far the most common cause of cable damage and failure, accounting for over 40% of all cable malfunctions. [14] Of the human error events, construction accidents are the single most common cause of cable cuts. In fact, cable damage caused by construction crews represented 50-70% of yearly cable cuts from 1992 to 2001. [6, 14, 15] The seasonal distribution of cable cuts reflects the impact of construction crews on communications cables; the number of cable cuts that occur in the first quarter of the year (the coldest months when many construction crews aren't active) is approximately 1/3 less than every other time of the year. [16] The vast majority of construction crew cuts are due to digging errors or inadequate notification to cable location authorities prior to digging. [17]
While construction crews are to blame for cable cuts, accidents and acts of nature account for nearly all of the remaining causes of cable cuts. Cable cuts have been reported that have been caused by vehicles running into aerial poles, fires, stray bullets, floods, and fallen trees. [6] Animals have also been implicated in cable cuts. For example, a rat in Ontario, Canada is believed to have chewed through a fiber optic cable, an act which cut over 300,000 customers off of their internet service. Deer, gophers, squirrels, and even sharks are thought to be responsible for a number of cable outages. [18] Hard data on cable cuts caused by animals is difficult to find, indicating either that animals are mistakenly blamed or that outages caused by the animal cable cuts are too small to be reported to the FCC.
While relatively rare compared to the other causes of cable cuts [6,15], vandalism and sabotage are two sources of cable cuts that greatly concern the information security community. Since it is not feasible to devote economic or human resources to protect every length of communication cable worldwide, a vital part of our information infrastructure is essentially left undefended. Groups that target communication cables have the potential of causing widespread network disruption with nothing more than a shovel. Although our information infrastructure has some security through its redundancy, groups that know which cables to cut can eliminate redundant cables in order to disrupt service. [19] At least one communications industry group offers maps of the world's major fiber optic lines, which, while expensive, are readily available to anyone who can afford to buy them. [20] Several cases of cable vandalism have been reported [21,22,23,24], but none of these acts were considered to have very widespread effects. It remains to be seen if cable vandalism and sabotage will become more predominant attack forms in the future.
Cable cuts can impact our information infrastructure in a variety of ways. First, cable cuts can cause a widespread denial of service to communications customers. On average, each FCC-reported cable cut affected over 105,000 customers for over 4 hours. [25] Depending on which services are affected, cable cuts can have disastrous consequences. In 1998, a 8-month-old baby died when a cable cut disabled 911 and phone service, preventing his parents from calling for help when he stopped breathing. [26] Although statistics on smaller outages are not tracked, it is likely that many Americans are impacted by outages caused by cable cuts every year. In addition, it is difficult to accurately and impartially assess the financial impact that cable cuts have on businesses that depend on the communication network. The city of Portland, OR, estimated the cost of each fiber optic cable cut at approximately $2,500 [27], but that number did not take into account the cost of network disruption. In 1986, AT&T estimated that cable cuts cost about $4000 to physically repair and about $3,600 per minute in lost revenues [28], but this estimate, like others published by hardware vendors with a vested interest in network failure, have questionable reliability. Needless to say, the AT&T figures, if accurate, are probably significantly higher today than they were 16 years ago.
In short, cables are essential components of our information infrastructure that are inherently vulnerable to accidental, natural, or intentional damage. Damage to communication cables can cause immediate and long-lasting disruptions to communications networks and the industries that depend on them. The problem of cable cut attacks can potentially be addressed by further research into the effectiveness of different notification procedures for construction crews working near communications cables. Enabling construction crews to locate existing cables more accurately may reduce the number of cable cuts due to digging errors. In addition, further research is needed in the design of redundant fiber optic networks. Networks that can efficiently re-route data to several other undamaged cables are more likely to survive a cable cut attack. Addressing these issues may help make cable cuts a less common and less disruptive attack method.