Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
The Internet Technology

The Unsolved Mystery Attack on Internet Cables in Paris (wired.com) 47

As new details about the scope of the sabotage emerge, the perpetrators -- and the reason for their vandalism -- remain unknown. From a report: Buried deep beneath your feet lie the cables that keep the internet online. Crossing cities, countrysides, and seas, the internet backbone carries all the data needed to keep economies running and your Instagram feed scrolling. Unless, of course, someone chops the wires in half. On April 27, an unknown individual or group deliberately cut crucial long-distance internet cables across multiple sites near Paris, plunging thousands of people into a connectivity blackout. The vandalism was one of the most significant internet infrastructure attacks in France's history and highlights the vulnerability of key communications technologies. Now, months after the attacks took place, French internet companies and telecom experts familiar with the incidents say the damage was more wide-ranging than initially reported and extra security measures are needed to prevent future attacks. In total, around 10 internet and infrastructure companies -- from ISPs to cable owners -- were impacted by the attacks, telecom insiders say. The assault against the internet started during the early hours of April 27. "The people knew what they were doing," says Michel Combot, the managing director of the French Telecoms Federation, which is made up of more than a dozen internet companies. In the space of around two hours, cables were surgically cut and damaged in three locations around the French capital city -- to the north, south, and east -- including near Disneyland Paris.

"Those were what we call backbone cables that were mostly connecting network service from Paris to other locations in France, in three directions," Combot says. "That impacted the connectivity in several parts of France." As a result, internet connections dropped out for some people. Others experienced slower connections, including on mobile networks, as internet traffic was rerouted around the severed cables. All three incidents are believed to have happened at roughly the same time and were conducted in similar ways -- distinguishing them from other attacks against telecom towers and internet infrastructure. "The cables are cut in such a way as to cause a lot of damage and therefore take a huge time to repair, also generating a significant media impact," says Nicolas Guillaume, the CEO of telecom firm Nasca Group, which owns business ISP Netalis, one of the providers directly impacted by the attacks. "It is the work of professionals," Guillaume says, adding that his company launched a criminal complaint with Paris law enforcement officials following the incident. Two things stand out: how the cables were severed and how the attacks happened in parallel. Photos posted online by French internet company Free 1337 immediately after the attacks show that a ground-level duct, which houses cables under the surface, was opened and the cables cut. Each cable, which can be around an inch in diameter, appears to have straight cuts across it, suggesting the attackers used a circular saw or other type of power tool. Many of the cables have been cut in two places and appear to have a section missing. If they had been cut in one place they could potentially have been reconnected, but the multiple cuts made them harder to repair.

This discussion has been archived. No new comments can be posted.

The Unsolved Mystery Attack on Internet Cables in Paris

Comments Filter:
  • Not really a mystery. Putin said it was coming and all Western nations next.
    • Re:Putin (Score:5, Insightful)

      by r2kordmaa ( 1163933 ) on Monday July 25, 2022 @04:44PM (#62733090)
      Seems like a stretch based on no evidence whatsoever, but.... This is done too competently for loonies but clearly involving too many people for it to be a job of a disgruntled employee, also targeting Paris as a whole, not any single company or organization. Also nobody claiming credit, bragging, etc. This doesn't leave much on the table so it's no wonder people think of state actors next.
      • Follow the money: What would a state actor, or any large-scale actor for that matter, gain by doing this? And I don't mean a generic "well they could do X when Y is happening", I mean this specific attack at this time?

        Pulling the top plate off a cable duct and cutting the cables with a cordless cutter of some kind isn't Mission Impossible, I could organise that with a few friends in about an hour, most of which would be spent googling where the cables ran and driving there. So if the overall impact was ab

    • Russan attack or CIA operation?

      Both are totally possible and you guys know it

  • Sounds like a test (Score:5, Insightful)

    by SuperKendall ( 25149 ) on Monday July 25, 2022 @03:28PM (#62732852)

    This sounds like a test to be to judge if simultaneous attacks were possible, how well they would work, and probably response/repair time.

    Now that data has been gathered, the next one will be the real deal.

    Would be interesting to see how they act to try and prevent this. Increased security around the entrance for these maintenance points? Seems like you couldn't really guard all of them very well.

    • by njvack ( 646524 )

      Would be interesting to see how they act to try and prevent this. Increased security around the entrance for these maintenance points? Seems like you couldn't really guard all of them very well.

      I would guess something like better armor on the ducts, maybe fencing, maybe cameras and alarms? It should be possible (if annoying, ugly, and expensive) to change the physical design from a "resist accidental damage and protect the uninvolved public" model to "delay and respond to intentional attack" one.

      You can't make these kinds of attack totally impossible, but if you can make them take more time, require heavier equipment, or reduce response time it can be a lot harder to do an attack and get out witho

      • This not work of random vandalism, this is quite carefully planned sabotage. Protecting such a large and easy to attack infrastructure from planned attacks like these is somewhere between hard and impossible. You can work on redundancies and repair times though.
    • by gweihir ( 88907 )

      Maybe. It could be French intelligence playing games again. They have a history of being loose cannons.

    • Could also be a distraction while a fourth cut was made on a more interesting junction to install tapping equipment. Remember the âoeJimmy Carter?â

  • Time to round up Silhouette.

  • We like to think of the internet as decentralized. Separate networks have to connect somewhere to make an internet. These inter-connection points create centralized places to do a lot of damage.

  • by b0s0z0ku ( 752509 ) on Monday July 25, 2022 @03:47PM (#62732892)
    ... for their "active protest measures." This was probably a job action by some workers whose jobs are being destroyed by "tech"/"gig economy" companies and designed to send a message. Could be taxi drivers, could be public transit workers ... in any case, playing a small fiddle.
  • by Anonymous Coward

    Back in the early 90s I used to work in a hospital. Over the preceding 2 decades, cables were ran in the ceilings. We're talking an RS-232 cable for each terminal connecting to mainframes and DEC minis. It was to the point that the drop-ceiling in the basement had quite a bow in parts due to the weight of the cables. They called this one guy named Hank from telecom and told him to reduce the weight on the ceiling on the parts that were bowing by removing unneeded cables.

    So what did Hank do? He goes to

  • by Opportunist ( 166417 ) on Monday July 25, 2022 @03:59PM (#62732934)

    That's what I would do when I would prepare for an assault on a company that relies heavily on internet connectivity. How long does it take for the connection to be reestablished? What services are actually down? What processes are in place to remedy the situation? What backup services are in place?

    Backup services are notoriously badly secured. Because they exist as an emergency tool that doesn't receive the same scrutiny as the primary connections when it comes to security and safety, because they should never really be used, so why waste resources on securing it?

    • You wouldn't cut the cable to prepare. You'd access the cable and identify it and do everything but cut it, if you could be reasonably sure that you could avoid detection in the process. You don't cut the cable until you're actually ready to perform the attack, so presumably whatever was going to happen has already happened.

      • Depends on the attack. If the attack includes the line "Hi, I'm here from your provider to fix your problem"...

  • i know it's fashionable to always blame Russia, but it may be warranted in this case.

    This is a "cheap" operation which is capable of causing a great deal of trouble.

    if you are trying to destabilize european democracies, these sort of attacks can cause a great deal of chaos with very little investment.

    also too, is it possible that this was done as misdirection, i.e. to cover up some other attack ?

    • Maybe not... (Score:1, Interesting)

      by SuperKendall ( 25149 )

      i know it's fashionable to always blame Russia, but it may be warranted in this case.M

      If it was Russia it would have been 100 cuts, not 3, and many of the junctures would have had explosives to take out repair crews.

      Though it could still be Russia and that's the eventual plan.

  • I'm disappointed the DGSI doesn't clamp down hard on these rascals. Too much of this in France because the authority is too soft.
  • Over 50 years ago, I was living in Wilmington, Del. They were doing highway construction on a local road. It leaked out that the contract had a penalty clause. Apparently, the communication lines from the White House to the SAC bases in upstate New York ran under the area being worked on. I do not remember the details, bu the penalty was some ridiculous amount like a $100k a minute. Basically, do not break those cables for any reason. It is impossible to protect the backbone cables from attack, so the
  • This is the most optimistic interpretation; 'white' attackers have proved to a lot of companies that they need to get their level of redundancy in their networks WAY up.

    Let's hope this wake up call gets the attention it deserves. As evidence it was the government, I find the fact that no videos of the attackers were referred to; if this had happened in London, such images would have been released. Note also that it's just after the Presidential election, so not designed to affect that.

  • - This wasn't a test. Drawing this kind of attention to a test would be dumb, this doesn't look dumb. - This was probably the "main event". Considering I'm yet to see reports of anything stolen, it would be either hard to detect/miss _or_ cannot be reported as such. - My guess is that they cut connectivity to the target, *or* forced it to be routed through something compromised. If you have 4 connections, you only need to sniff one if you take the other 3 offline. - Alternatively, what kind of service gets
  • What an unusual choice for a company name! I'm no detective but if they were the first to "immediately" post images of the cut lines, that seems awfully sus to me.

    • Yes indeed, actually "Free 1337" is not the company name, it's just one of the twitter accounts of the Free ISP.
  • I'd take a hard look at any connections that were up and running during this time. Just a theory, but this would be a really handy way to force traffic onto a connection that you had compromised or were monitoring. No idea how or why, but this is a lot of work and coordination for a temporary downtime. To coordinate this sort of thing you'd have to know cable routes different companies use, is that available to the public at a planning office, or is this something only these companies would know? In the U
  • That name sounds a bit fishy. Is that really just a communications bot?

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...