A simple snip of a few fiber-optic communications cables left thousands of people in Silicon Valley and throughout parts of the San Francisco Bay Area without phone, Internet, or wireless service for more than 12 hours on Thursday.
The San Jose Police Department is investigating the incidents, which took place in two different locations in San Jose and San Carlos and classified as acts of vandalism. Now that the network is up and running again, people are asking how difficult is it to take down the nation's communications network? And should we be more worried about the fiber optic cables that ring our communities and crisscross the country carrying all of our communications?
"A couple of well-placed attacks could do a lot of damage to the communications network," said Sam Greenholtz, co-founder and principal of Telecom Pragmatics, a consulting and research firm specializing in the telecommunications market. "And it's not really that hard to figure out where the fiber optic cables are laid and to get access to them."
That said, Sgt. Ronnie Lopez of the San Jose Police Department said there is no reason yet to suspect terrorism in this case. But the FBI has been briefed on the case.
AT&T is offering a $250,000 reward to anyone who can provide information that leads to the arrest and conviction of the vandals.
"We are aggressively working with law enforcement authorities to see that those responsible for this willful act are apprehended and prosecuted to the fullest extent of the law," the company said in a statement Friday.
AT&T also said in a press release that following the terrorist attacks of September 11, 2001, its networks were declared National Critical Infrastructures, which means that anyone who tampers with, destroys, or disrupts the company's network or its components is in violation of both federal and state laws.
Wondering about vulnerabilities
Still, with recent reports that our nation's electrical grid has gotten less secure due to technological advances, incidents such as this one leaves many wondering how vulnerable the communications network really is.
I talked to a few experts about how telecommunications networks are built and how they operate. And I've concluded that while it's somewhat easy to figure out where fiber is laid and to gain access to the fiber infrastructure in the ground, it's much harder to actually cause major damage unless you know what you're doing.
Let me explain. In the AT&T fiber cut case, it was fairly easy for the perpetrator to access the fiber-optic cables that were eventually cut. Sgt. Lopez said that it appeared that whoever cut the fibers simply lifted the manhole cover, went down the ladder, and cut two cables.
But knowing exactly which manhole cover to open and which cables to cut that would cause widespread damage to the network is another story.
Greenholtz, who was a former manager in the Planning and Engineering Group at Verizon where he worked for nearly 28 years, said that causing a network outage of this magnitude was likely orchestrated by someone who not only knew which manholes provided access to AT&T fibers, but also knew which places on the network were most vulnerable and could cause the most damage.
"The manhole covers are not locked," he said. "Anybody can open them and go down there. But most of these networks have redundancy and diversity built-in to the architecture, so if you cut a cable, it reroutes itself and recovers."
Greenholtz explained that someone with knowledge of the network would know the most vulnerable points in the network and could pinpoint those areas.
Built in rings
AT&T declined to discuss specifics of the company's network architecture, but experts say that the Baby Bell phone companies, such AT&T's predecessor SBC Communications, typically built their regional fiber networks in rings. The rings themselves would help provide protection against an outage, because if a line were cut, the traffic could just reverse itself in less than 50 milliseconds and go the other direction around the ring.
But the phone companies also typically ran redundant lines that are spaced some distance apart from each other, so that if one line is cut, there is also a separate fiber carrying the traffic. And to ensure that the redundant line can handle excess traffic in an emergency, most phone companies run these systems at 50 percent capacity.
(Credit:
Google Maps)
The fiber-optic cables that were cut in San Carlos, which were owned by Sprint Nextel, appear to have worked in this way. The traffic was quickly rerouted to another path, and service to Sprint's business customers was not interrupted.
Unlike regional networks, which have multiple fiber rings running through and between cities, undersea cables that connect continents do not have this type of redundant architecture because it's much too expensive to build it that way. This means that undersea cables are particularly vulnerable to fiber cuts. But because they are deployed beneath the ocean floor, they tend to be more difficult to tamper with. That said, cables are severed and massive outages do occur from time to time.
By contrast, some networks in highly trafficked regions or networks that service critical customers have even more redundancy built into them. Michael Howard, a principal analyst at telecommunications research firm Infonetics Research, said that carriers such as Deutsche Telekom have begun building meshed networks so that there is a third path for traffic if fibers are cut or there is some other disruption on the network.
"The more traffic there is on the route, the more redundancy the carrier provides," he said. "There are usually two aspects to a backup plan for networks. One is providing a diversity of virtual routes for the traffic, but the other is providing physically separate routes on separate fibers. I'd have to say the outage that occurred in Silicon Valley seems odd, given the traditional network architecture."
An inside job?
Indeed, AT&T's network failure seems to suggest that at least one other path that would have rerouted the traffic was also damaged or cut. Given that the police indicated that the incidents occurred in only two locations, San Jose and San Carlos, it seems likely that there was already some damage or issue happening on AT&T's network at the time the fiber was cut or the vandals managed to cut the ring in two places.
Of course, neither I nor any other expert could know this for sure. But the fact is that fibers are cut all the time in regional networks, and rarely do they cause massive outages that shut down entire regions for hours. Most of these incidents are accidents. Someone might be landscaping a yard and a back-hoe severs a cable. Or another utility worker accidentally damages a cable while working in the same manhole where communication cables are located.
"Fiber cuts happen more often than people realize," said Crystal Davis, a spokeswoman for Sprint Nextel. "It happens by accident all the time when someone is drilling or digging up a street. Or they're doing regular maintenance. We know this, and that's why traffic can be quickly rerouted."
This is also why Greenholtz believes that the AT&T fibers were likely cut by someone who knew the network and its potential weaknesses.
"If there was an ongoing maintenance issue on one side of the fiber ring that hadn't been addressed," he said. "And then the other side is cut, it would cause a major outage like the one AT&T experienced. But in order to cause that much damage, someone would have to know that. Otherwise, it was just a very lucky vandal."
More theories
This line of thinking has caused some bloggers to suspect that the vandal was a disgruntled former or current AT&T employee.
And some have even gone so far as to suggest that the perpetrator could be an unhappy union worker. AT&T is currently in contract negotiations with its largest union the Communications Workers of America, which represents some 80,000 workers at AT&T. Workers have already voted to strike if a new contract can't be agreed upon. So far, no date has been set for a strike, and Candice Johnson, a spokeswoman for the union said that the two sides are still negotiating.
But Johnson also said that the union was not involved in the vandalism and that claims that its members might be involved are unfounded.
"There is no basis for speculation that our members were involved in this act of vandalism," she said. "We are cooperating with authorities. We are currently at the bargaining table with AT&T management, and our workers are on the job. Our goal is to get a contract renewed."
Sgt. Lopez from the San Jose Police Department said that it's still too early in the investigation to talk about suspects or motives.
Regardless of whether the cables were cut by disgruntled employees or random vandals, the recent incident highlights the potential for such an attack to be undertaken on a broader scale by foreign terrorists, who may infiltrate our nation's telephone companies or gain access to information about the country's communications network. But Greenholtz and other experts say that because these networks have always been built with redundancy in mind, it would take a massive coordinated effort to target individual manholes and to cut fibers.
"If you really want to take down the communications network and cause damage, you'd probably target a central office," Greenholtz said.
A central office is the nerve center of a telecommunications network. It houses all the switching equipment and billing data for a particular region of the network. As an example, Greenholtz said that if a terrorist was able to damage Verizon's central office on 38th Street in Manhattan, communications services on Wall Street could be wiped out not just for a few hours, but likely for days, weeks, or even a month. Because these facilities are so critical, he said all the major phone companies have tight security.
"Those places have tons of security," he said. "You'd probably need Jack Bauer (of the TV show '24') to help you get in there."
AT&T has increased its reward to $250,000 for information that will help law enforcement arrest and convict vandals who cut the company's fiber-optic cables in San Jose, Calif., on Thursday, the company said in its Twitter feed.
On Thursday, AT&T said it would offer a $100,000 reward for anyone who has information that could lead to the arrest or conviction of anyone involved in cutting the fiber.
Thousands of wireless, Internet, and landline phone customers were without service beginning at about 1:30 a.m. PDT on Thursday after vandals had cut four fiber-optic cables owned by AT&T. A cable in San Carlos, Calif., owned by Sprint Nextel, had also been severed about two later. But Sprint spokeswoman Crystal Davis said the company was able to reroute most of that traffic onto another fiber link and for the most part, service was not disrupted.
Wireless customers from almost every carrier were also without service, because AT&T's network is used to connect cell towers back to these carriers' respective national networks. Officials also said that residents in the San Jose/Santa Clara region were without emergency 911 service for much of the day.
AT&T said early Friday morning that service had been restored to all of its customers.
San Jose Police Sgt. Ronnie Lopez said that the fiber cut appeared to be deliberate and the police department is treating it as a felony act of vandalism. The FBI has also been briefed on the case, although Lopez said that for now local officials are handling the investigation.
Anyone with information or tips is being asked to call 408-947-STOP.
Update 2:58 p.m. PDT: This story has been updated with information about what caused the massive phone and Internet outage in Silicon Valley on Thursday. Comments from Sprint Nextel have also been added.
Vandals are to blame for the massive phone and Internet outage in Silicon Valley on Thursday, an AT&T representative has confirmed.
A story published by the San Francisco Chronicle and carried on SFGate.com first reported that police confirmed the phone and Internet outage that has left thousands of customers in the San Jose, Calif., area without phone or broadband Internet service was caused by vandals who had cut fiber-optic cables.
Police told the newspaper that four AT&T fiber-optic cables were severed shortly before 1:30 a.m. PDT along Monterey Highway north of Blossom Hill Road in South San Jose. A cable in San Carlos, Calif., owned by Sprint Nextel was also cut about two hours later, Crystal Davis, a Sprint spokeswoman confirmed.
Davis said that a manhole cover had been lifted, and the fiber underground had been cut. She confirmed that the Sprint fiber that was cut also appeared to be the work of vandals. But she explained that fiber cuts happen all the time, typically due to an accident.
"Fiber cuts happen more often than people think," she said. "Usually it happens accidentally when someone is drilling in the ground, landscaping a lawn or repairing some other infrastructure in the ground. We know this happens all the time, so we're ready to reroute traffic whenever we have to."
Earlier AT&T confirmed the incident and said it's working to resolve the problem. The company added that in addition to repairing the cut cables, it's also looking for alternative options to reroute traffic and get customers back online. And the company expects service to be restored in the new few hours.
"We are aware of a cable cut situation impacting services in Santa Clara and San Jose areas," a company spokesman said an e-mail. "We have crews on the scene. More details and repair ETAs will be shared as soon as possible. We apologize for any inconvenience this morning's service outage has caused."
The company spokesman also said AT&T is working with law enforcement officials to find who vandalized the cables. The company declined to comment further on how vandals were able to gain access to its cable infrastructure.
The fiber outage is affecting service for customers of AT&T and Verizon Wireless and Verizon broadband customers. Verizon uses AT&T's fiber-optic lines to connect its wireless and DSL service to the phone company's own national network. So a disruption in AT&T's fiber link also affects Verizon's service.
A source close to Verizon said the phone company has its own technicians on site to help AT&T repair the cut fiber as quickly as possible.
Sprint's Davis said that the Sprint fiber that had been cut was used to carry traffic for Sprint's IP data customers, most of whom are business users. Sprint was able to reroute the traffic and have service restored to most of its customers before business hours this morning.
But like Verizon Wireless, Sprint also uses AT&T's network to carry its so-called "backhaul" wireless traffic from its cell towers to its own national network. As a result, the AT&T fiber cut has also interrupted service for thousands of Sprint wireless customers.
Davis said the company is working closely with AT&T to get service restored as soon as possible. But the company is also considering deploying mobile cell towers or cell-on-wheels units that will provide temporary service to Sprint's wireless customers.
"We have resources that can provide supplemental service staged around the area that has been affected by the outage," she said. "But we are waiting to hear from the local exchange carrier (AT&T) about when they think service will be restored."
Davis said Sprint will likely decide whether to use mobile cell stations in the next three to four hours.
AT&T hasn't provided any additional information about when it expects to get service working again. The last update the company provided over its Twitter feed, ATTNews was posted more than three hours ago and said: "Our priority is to restore service to all affected customers as soon as possible. We apologize for any inconvenience."
At least one company affected by the outage has said it's back in business. VerticalResponse, a San Francisco-based company that uses an ISP whose servers are collocated in Palo Alto, Calif., said its servers went back online around 12:30 p.m. PDT. The company, which works with about 56,000 small business customers to distribute direct e-mail marketing campaigns, has been keeping customers up-to-date using its Twitter feed VerticalResponse.
"Our systems have been restored and delayed campaigns are in the process of being sent. We sincerely apologize for this inconvenience," the company's latest update reads.
A report earlier Thursday from KTVU-TV in Northern California said the service outage is affecting customers in southern Santa Clara, Santa Cruz, and San Benito counties. A dispatcher in Santa Clara County told the TV station that the line was knocked out at 2 a.m. PDT.
- prev
- 1
- next
