The Vulnerability of Fiber Optic Networks
Contents:
Fiber optic communication systems have been increasingly deployed in telecommunications systems, as their high bandwidth has allowed them to replace copper at an initial rate, for example, of approximately one fiber cable for each one thousand copper wires. Advances in DWDM have continued to push such ratios even further through additional wavelengths and channels.
This background paper serves to provide an overview of the vulnerabilities of today's modern optical networks; describe methods of addressing. This book reveals much about vulnerabilities of fiber lines as a key national communication infrastructure. Although the research focuses on San Diego.
With such popular properties, it should come as no surprise that optical fibers have become the most affordable and efficient means of transmitting information over communications systems. The increased capacity and growth of overall bandwidth has allowed for the tremendous grow of other communications media, such as wireless networks, the internet, corporate Wide Area Networks, Storage Area Networks, and the like, which all utilize fiber optic cores. Fiber-based communications systems have thus replaced virtually every prior type of communications system at the core and as they continue expanding to the edge of the network, it is indeed only a matter of time before optical fibers reach nearly every desktop and most homes.
Further advances in all-optical switching and even early developments in optical processors and busses promise a future teeming with all-optical, land-based network infrastructures. These networks allow for the transmission of large amounts of data and information from point-to-point cheaply and easily, and carry extremely important and confidential information.
Although it was initially though that these fiber optic systems would be inherently secure, it has been discovered that the extraction of information from optical fibers is relatively simple and is aided by the increasing sophistication and availability of standard test and maintenance equipment. There are various fiber optic tapping methods, but most fall into the following main categories: The simplest method of tapping is by splicing the optical fiber briefly and inserting equipment to allow for the signal to transit to the end party while also being intercepted by the intruder.
Optical splices do provide a momentary lapse of data while the fiber is no operational. Carriers do not, however, have the real-time ability to locate fiber breaks and must then usually roll-out trucks, technicians and insert additional external equipment. Thus, if downtime is short, many operators will attribute the disturbance to a network glitch and allow data transit to continue, unaware that a tap has been placed. Most off-the-shelf tapping equipment today, however, does not interrupt the signal and thus the splicing method is not preferred.
Such methods allow the tapping of an optical fiber without actually breaking the fiber or disrupting the data flow. One of the lesser-known properties of optical fibers is that light is easily lost from both the jacket and the cladding of the fiber, particularly if the fiber is bent, or clamped, in such a way that micro-bends or ripples are formed in its surface. In reality, all that is required to extract all of the information traveling through an optical fiber is to introduce a slight bend into the fiber, or clamp onto it at any point along its length, and photons of light will leak into the receiver of the intruder.
Illustrated below are two simple taps that allow for the bleeding of light from the optical fiber.
Product details
In fact, many optical fiber test instruments are designed specifically to take advantage of this fact. For example, below is a commonly available optical Fiber Identifier that is used to determine the direction of an optical signal, without the need to remove the jacket. Other passive, non-intrusive tapping devices are also shown. Commercially available optical signal tapping advice for determining signal direction 3 a , polarization maintaining variable ratio evanescent wave coupler 3 b , micro-bend clamping tapping device 3 c , and macro-bend tapping device 3 d.
For a basic tap, only 0. Thus it is quite simple to utilize more sensitive optical detectors and additional electronics to collect the entire optical signals. Once this is accomplished, an optical fiber network analyzer, which is a commonly available test instrument manufactured by a number of companies, may be used to determine the communication protocol and to decipher the information. Even when only less than 0. The user at the other end will never know that their information has been compromised since they will experience no apparent interference with their communication.
In fact, some tapping device may be utilized not just for passive tapping, but for active tapping, in which there occurs an injection of signals into the fiber plant for various uses, such as legitimate maintenance or even dangerous network disruptions and attacks. Such techniques could be used in order to introduce false information or to corrupt existing information flows.
Such capabilities allow a wide range of misuse, ranging from corporate espionage disinformation to terrorist disruptions of the critical communications infrastructure. Some methods, while having been around for over a decade, have recently been published in the public domain and are now accessible worldwide by anyone who has access to an Internet connection. More notable is that although off-the-shelf equipment for such undetectable optical taps are not currently available for purchase, the patent documents describe clearly the preferred method and how such a device is constructed and operates.
More advanced non-touching active taps in contrast inject additional light into the fiber plan and are able to deduce the underlying optical signal by gauging certain interactions between the two. Such non-touching taps are primarily undetectable and thus, without the proper physical-layer optical signal protection in place, data may be intercepted indefinitely without notice by the network operator or end-user.
Figure 3 e An example of the tapping of a live video conference over a 10 kilometer span without network disruption or visible signal degradation in a laboratory setting. Intercepted video conference between two laptops replayed on third laptop in real-time 5. Government networks, however, do incorporate more robust protections against tapping methods in general. Such efforts depend on the type of network, the importance of data being transmitted, and importance of data being transmitted, and the nature of application.
For instance, many government networks prudently encrypt much or all data for transmission. In such cases non-touching passive and active tapping methods still leave government networks susceptible to eavesdropping, espionage and disruption. More drastic measures such as reinforced concrete conduits or gas-filled packaging may also be used in extreme situations where cost is not a discernable issue.
It should be noted that in all cases government networks are trying to protect against optical tapping methods. Otherwise there would be no reason to undertake such protective measures in the first place. Typically sensitive information is believed to be the domain of high security organizations such as the military or foreign affairs departments. In the competitive global marketplace, however, commercial organizations possess and exchange communications and information that is critical to their survival. Much of this data is exchanged or supplied in strict confidence with their clients, partners or global subsidiaries.
All public and private network operators and their respective clients are completely vulnerable to the tapping and stealing of their mission critical communications and information. The underlying vulnerability of the global optical communications infrastructure has not been publicly raised to-date mainly because suppliers, operators and users have failed to understand the severe threat and because there have been no effective solutions available until recently to counteract such occurrences. Furthermore, suppliers and operators have not yet integrated optical security technologies and thus tapping incidents are rarely detected and never publicized for obvious reasons of brand protection and risk mitigation.
The public today is under the false impression that topical fibers are a secure means of communications.
11 Incidents Of Fiber Optic Cable Cutting Reveals Security Issues On Infrastructure | Tech Times
This is simply not the case. Optical networks are particularly vulnerable in the local and access loops and wherever intruders have ample opportunity to access fiber in the public domain or choice spots of weakness. For example, access to fiber cables is plentiful in and around a customer premise, as well as between the customer premise and the first switching centre, typically in the local fiber loop. If accessed before the first switching center, typically in the local fiber loop.
11 Incidents Of Fiber Optic Cable Cutting Reveals Security Issues On Infrastructure
The required equipment for optical taping is also less expensive and complex in the local and access loops, where speeds and network topology are simpler to manage. In larger cities and financial centers, optical network vulnerabilities are particularly magnified for systems in multi-story, multitenant buildings, such as high-rises, where users often occupy a number of non- adjacent floors.
Optical cables linking the telecommunication facilities typically travel in risers or elevator shafts where there is no existing monitoring or security capabilities. Organization simply do not realize that their information and communications are simple to extract via an easily placed tap in such easily accessible common areas. Telephone closets, cages, conduits, risers, shafts, parking garages, manholes, subways, telephone poles and many other areas are all accessible to place fiber taps.
The further trend towards greater globalization only adds to the problem as companies become more competitive and find themselves located on less than familiar foreign soil.
Most security measures today are reactive in nature. That is, they are meant to slow down or hinder an intruder that is trying to penetrate a network through means such as encryption.
Used illicitly, however, such devices allow the extraction of all voice and data communication in the fiber plant with little or no chance of detection. The Role of Optical Tapping. Acceptable signal-to-noise-ratios and bit-error rates are software programmable, allowing for robust optical links while limiting, however, the superfluous light typically found in fiber plants, which would otherwise provided further means of exploit through optical taps. Let's Keep in Touch! Corporate espionage has surpassed government espionage as the primary motivation behind such actions. I'd like to read this book on Kindle Don't have a Kindle?
While such reactive techniques may be successful in deterring many intruders, they do not stop all intruders nor do they allow for the actual interception of the intruder. Thus intruders are not caught and cannot be stopped from pursuing such efforts again in the future Proactive security measures, however, enable the immediate determination of an intrusion event and can identify the extract location in the fiber plant of the intruder in real-time.
Law enforcement and Homeland Security Forces thus have an effective tool to detect and locate intruders during an intrusion attempt while also stopping the perpetrators from future network attacks. Therefore a comprehensive combination of proactive and reactive security methods that not only protect the entire fiber optic carrier signal from eavesdropping, but also allow the interception of intruders, is highly desirable.
Because the physical transport layer is completely secured, all higher networking layers and data types are subsequently protected as well. Top Reviews Most recent Top Reviews.
- .
- .
- .
There was a problem filtering reviews right now. Please try again later. This book reveals much about vulnerabilities of fiber lines as a key national communication infrastructure. Although the research focuses on San Diego downtown, the facts uncovered by the author should be true in other metropolitan areas as well. Thus, its findings regarding the layout of fiber lines and suggestions to improve their protection especially policy recommendations are highly generalizable.
Unfortunately, I was not able to read some figures suppressed due to their sensitive nature. I bought this book initially thinking it would roughly scratch the surface of my knowledge base regarding the computer-infrastructure network and its vulnerability to CT, but surprisingly - it went beyond the normal constraints of technology. This book is a must-have for those interested in the field of infrastructure technology and for those interested in mind-boggling truths about the fragility of our technology.
Overall, I enjoyed reading this book to its entirety and would recommend it to anyone. I believe that this author, Lance Larson, is an upcoming figure, and soon to become expert, in the field of networking security. One person found this helpful. Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers.
Learn more about Amazon Giveaway. The Vulnerability of Fiber Optic Networks: Set up a giveaway. There's a problem loading this menu right now. Learn more about Amazon Prime.
Get fast, free shipping with Amazon Prime. Get to Know Us. English Choose a language for shopping. Explore the Home Gift Guide. Amazon Music Stream millions of songs.