Posted on 04/26/2009 8:35:06 AM PDT by 2banana
A Cyber-Attack on an American City
Bruce Perens
Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes serving the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported.
That attack demonstrated a severe fault in American infrastructure: its centralization. The city of Morgan Hill and parts of three counties lost 911 service, cellular mobile telephone communications, land-line telephone, DSL internet and private networks, central station fire and burglar alarms, ATMs, credit card terminals, and monitoring of critical utilities. In addition, resources that should not have failed, like the local hospital's internal computer network, proved to be dependent on external resources, leaving the hospital with a "paper system" for the day.
Commerce was disrupted in a 100-mile swath around the community, from San Jose to Gilroy and Monterey. Cash was king for the day as ATMs and credit card systems were down, and many found they didn't have sufficient cash on hand. Services employees dependent on communication were sent home. The many businesses providing just-in-time operations to agriculture could not communicate.
In technical terms, the area was partitioned from the surrounding internet. What was the attackers' goal? Nothing has been revealed. Robbery? With wires cut, silent alarms were useless. Manipulation of the stock market? Companies, brokerages, and investors in the very wealthy community were cut off. Mayhem, murder, terrorism? But nothing like that seems to have happened. Some theorize unhappy communications workers, given the apparent knowledge of the community's infrastructure necessary for this attack. Or did the attackers simply want to teach us a lesson?
Although they are silent on the topic, I hope those responsible for emergency services, be they in business or government, are learning the lessons of Morgan Hill. The first lesson is what stayed up: stand-alone radio systems and not much else. Cell phones failed. Cellular towers can not, in general, connect phone calls on their own, even if both phones are near the same tower. They communicate with a central switching computer to operate, and when that system doesn't respond, they're useless. But police and fire authorities still had internal communications via two-way radio.
Realizing that they'd need more two-way radio, authorities dispatched police to wake up the emergency coordinator of the regional ham radio club, and escort him to the community hospital with his equipment. Area hams dispatched ambulances and doctors, arranged for essential supplies, and relayed emergency communications out of the area to those with working telephones.
That the hospital's local network failed is evidence of over-dependence on centralized services. The development of the internet's communications protocols was sponsored by the U.S. Department of Defense, and they were designed to survive large failures. But it still takes local engineering skill to implement robust networking services. Most companies stop when something works, not considering whether or how it will work in an emergency.
Institutional networks, even those of emergency services providers, are rarely tested for operation while disconnected from the outside world. Many such networks depend on outside services to match host names to network addresses, and thus stop operating the moment they are disconnected from the internet. Even when the internal network stays up, email is often hosted on some outside service, and thus becomes unavailable. Programs that depend on an internet connection for license verification will fail, and this feature is often found in server software. Commercial VoIP telephone systems will stay up for internal use if properly engineered to be independent of outside resources, but consumer VoIP equipment will fail.
This should lead managers of critical services to reconsider their dependence on software-as-a-service rather than local servers. Having your email live at Google means you don't have to manage it, but you can count on it being unavailable if your facility loses its internet connection. The same is true for any web service. And that's not acceptable if you work at a hospital or other emergency services provider, and really shouldn't be accepted at any company that expects to provide services during an infrastructure failure. Email from others in your office should continue to operate.
What to do? Local infrastructure is the key. The services that you depend on, all critical web applications and email, should be based at your site. They need to be able to operate without access to databases elsewhere, and to resynchronize with the rest of your operation when the network comes back up. This takes professional IT engineering to implement, and will cost more to manage, but won't leave you sitting on your hands in an emergency.
Communications will be a problem during any emergency. Two-way radios have, to a great extent, been replaced by cellular "walkie-talkie" services that can not be relied upon to work during an infrastructure failure. Real two-way radios, stand-alone pager systems, and radio repeaters that enable regional communications are still available to the governments and businesses that endure the expense of planning, acquiring, maintaining, and testing them. Corporate disaster planners should look into such facilities. Municipalities, regardless of their size, should not consider abandoning such resources in favor of the less-robust cellular services.
Satellite telephones can be expected to keep operating, although they too depend on a land infrastructure. They are expensive, and they frequently fail in emergency situations simply because their users, administrative officials rather than technical staff, fail to keep them charged and have no back-up power resource once they are discharged.
A big plus for Morgan Hill was that emergency services had a well-practiced partnership with the local hams. Since you can never budget for all of the communications technicians you'll need in an emergency, using these volunteers is a must for any civil authority. They come with their own equipment, they run their own emergency drills and thus are ready to serve, and they are tinkerers able to improvise the communications system needed to meet a particular emergency.
Which brings us to the issue of testing. No disaster system can be expected to work without regular testing, not only of the physical infrastructure provided for an emergency but of the people who are expected to use it, in its disaster mode. But such testing takes much time and work, and tends to trigger any lurking infrastructure problems, creating outages of its own. It's much better to work such things out as a result of testing than to meet them during a real disaster.
We should also consider whether it might be necessary to harden some of the local infrastructure of our communities. The old Bell System used to arrange cables in a ring around a city, so that a cut in any one location could be routed around. It's not clear how much modern telephone companies have continued that practice. It might not have helped in Morgan Hill, as the attackers apparently even disabled an unused cable that could have been used to recover from the broken connections.
Surprisingly, manholes don't usually have locks. They rely on the weight of the cover and general revulsion to keep people out. They are more likely to provide alarms for flooding than intrusion. Utility poles are similarly accessible. Much of our infrastructure isn't protected by anything so tough as a manhole cover. Underground cables are easily accessible in surface posts and "tombstones", boxes often located in residential neighborhoods. These can be wrecked with a screwdriver.
Most buried cable cuts are caused by operating a back-hoe without first using one of the "call before digging" services to mark out the location of all of the buried utilities. What's done accidentally can also be done deliberately, and the same services that help diggers avoid utilities might point them out to an attacker.
The most surprising news from Morgan Hill is that they survived reasonably unscathed. That they did so is a result of emergency planning in place for California's four seasons: fire, floods, earthquakes, and riots. Most communities don't practice disaster plans as intensively.
Will there be another Morgan Hill? Definitely. And the next time it might happen to a denser community that won't be so astonishingly able to sustain the trouble using its two-way radios and hams. The next time, it might be connected with some other event, be it crime or terrorism. Company and government officers take notice: the only way you'll fare well is if you start planning now.
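The dependence on outside name resolution and hosted services that the article describes can be audited before an outage rather than discovered during one. The following is an added example, not part of the article or of this thread: `audit_partition` is a hypothetical helper, and the hostnames, addresses and service inventory are constructed sample data.

```python
import ipaddress

def parse_nameservers(resolv_conf_text):
    """Return the resolver addresses listed in resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(ipaddress.ip_address(fields[1]))
    return servers

def on_site(addr, site_networks):
    """True if the address lies inside one of the site's own networks."""
    return any(addr in net for net in site_networks)

def audit_partition(resolv_conf_text, dependencies, local_zone, site_cidrs):
    """Predict which services break when the site is cut off from the internet.

    dependencies: service name -> hostname or IP literal the service needs.
    local_zone:   names the on-site resolver can answer without forwarding.
    site_cidrs:   address ranges that stay reachable during the partition.
    """
    site_networks = [ipaddress.ip_network(c) for c in site_cidrs]
    resolvers = parse_nameservers(resolv_conf_text)
    local_dns = any(on_site(r, site_networks) for r in resolvers)
    report = {}
    for service, target in dependencies.items():
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:  # target is a hostname and must be resolved
            if not local_dns:
                report[service] = "FAIL: no on-site resolver"
                continue
            if target not in local_zone:
                report[service] = "FAIL: name only resolvable off-site"
                continue
            addr = ipaddress.ip_address(local_zone[target])
        if on_site(addr, site_networks):
            report[service] = "ok"
        else:
            report[service] = "FAIL: host is off-site"
    return report

# Constructed sample data (documentation address ranges and example domains).
SITE = ["10.20.0.0/16"]
ZONE = {"ehr.hospital.example": "10.20.1.15"}
DEPS = {
    "patient-records": "ehr.hospital.example",  # local server, found by name
    "email": "mail.provider.example",           # hosted mail
    "license-check": "203.0.113.10",            # vendor licence server
    "voip-pbx": "10.20.0.40",                   # local PBX, found by address
}
RESOLV_MIXED = "nameserver 10.20.0.2\nnameserver 198.51.100.53\n"
RESOLV_EXTERNAL_ONLY = "nameserver 198.51.100.53  # ISP resolver\n"

if __name__ == "__main__":
    for label, conf in (("on-site resolver", RESOLV_MIXED),
                        ("external resolver only", RESOLV_EXTERNAL_ONLY)):
        print(label)
        for service, status in audit_partition(conf, DEPS, ZONE, SITE).items():
            print(f"  {service:16} {status}")
```

With only an external resolver configured, the patient-records server fails even though it sits on the local network, which is the kind of hidden outside dependency the hospital ran into.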
Also, you don’t need a license for CB radio, so it is available to more people.
In the entire 200-plus page book on emergencies put out by FEMA (Are you ready? http://www.fema.gov/pdf/areyouready/areyouready_full.pdf ) there are two astonishing weaknesses:
It never so much as mentions ham radio,
and it never so much as mentions gun ownership.
ping
Everybody should get at least a General class license (covers most ham freq). You no longer need to know Morse code, and two meter nets can be found in most states.
http://www.gordonwestradioschool.com/
I am a ham. Ask away.
The conspiracist in me advocated keeping several CBs both base and mobile for just this type of situation.
And I am investigating a ham license and radio.
You’re a ham huh. (LOL)
Ok, how do i choose one and when i get one, how do I use it?
And do i need a license to just buy one and listen to it? or should i start studying (like i don’t have to study enough already...i’m taking a course in something else already) and get a license.
I’m happy with getting a Yaesu that was recommended, but which one? I’m looking at the V3X so far.
hmm. that’s all for now.
In theory you could buy a scanner (a receiver) and only listen, that requires no license. However it is far better to get a Technician class ham license, the test is $5 and 50 questions that you can study ahead of time. Many kids easily get those. Technician class focuses on how to properly operate a radio, and that is something you need to know anyway. Once you get a license you can buy radios that can transmit, and then you can use them wherever you are. We have a shotgun (clay) range nearby, in the hills, there is no cell phone coverage but my radio can talk to the repeater (and the repeater can talk to everybody else.)
The problem with CB is that by law you are limited to 4 watts, and the FCC will bust you for having an illegal amp. I have legally run 800 watts on HF (ham radio freq) and gotten stations in Europe.
Yes, CB is better than nothing. However upper HF bands are dead now, due to quiet Sun, so propagation on these bands is nothing to write home about. I'm also not aware of any CB repeaters. This limits your range to, say, 50 miles circle. On V/UHF you have repeaters, and if they are working (many have batteries) then there is no limit to the covered distance. Modern UHF radios are so small you can carry them with you anywhere, and the antenna needs to be only 10 inches long. UHF radios also use FM which is more immune to noise, and less sensitive to tuning errors (as compared to SSB.) If your CB uses AM then it's not even comparable, so bad AM is. All in all, it is better to have a modern ham radio, and investment into the license is very small, and needs to be done only once, just like driver's license or hunter's safety certificate.
When you want reviews of ham stuff, eham.net is your friend :-)
SFGATE.com - SAN FRANCISCO CHRONICLE: San Jose - "SABOTAGE ATTACKS KNOCK OUT PHONE SERVICE" (SNIPPET: "Vandals cut fiber-optic cable lines belonging to AT&T at two locations early today, knocking out phones and access to 911 emergency services to thousands of residential customers and businesses in southern Santa Clara County, in Santa Cruz and San Benito counties and along the Peninsula, authorities said." SNIPPET: "Landlines, cell phones and the Internet were all affected. The outage knocked out 911 service...") (April 9, 2009, 16:37 PDT)
Note: The following post is a quote:
http://www.freerepublic.com/focus/f-news/2226893/posts
$250,000 reward in phone cable vandalism (Union denies involvement)
San Francisco Chronicle ^ | 4-11-09 | John Coté,Michael Taylor, Chronicle Staff Writers
Posted on April 11, 2009 3:52:50 AM PDT by Anti-Bubba182
Authorities hope a quarter-million-dollar reward will shake loose a tipster to lead them to the vandals who severed underground fiber-optic cables, cutting off phone service for tens of thousands of people and disrupting life throughout southern Santa Clara, Santa Cruz and San Benito counties.
Investigators said Friday they are tracking down at least 10 leads and reviewing traffic-camera footage taken near one of four sites where the cables were cut Thursday in hopes of a breakthrough.[snip]
Contract talks
The sabotage in the South Bay came as AT&T was negotiating with the Communications Workers of America for a contract covering more than 80,000 employees, who have been working under their old pact since it expired Sunday.
"We are working under an expired contract and are prepared to strike at any time, which makes the timing of this vandalism difficult for us," said Libby Sayre, a regional director for the union.
"Neither the union nor its members are involved in this in any way," she said. "Our members spend their lives keeping up the equipment. We're confident they didn't do this." .................
(Excerpt) Read more at sfgate.com ...
On April 19th at 4:37 am in north western WI. We had a complete black out which covered 2 cities. I was getting ready for work therefore I can without a shadow of a doubt testify to this. I unknowingly learned how to apply make up by candle light. I also unlocked disarmed the alarm at my work place. At 5:15 am I found myself sitting on the floor of my office with a flash light (un armed) counting thousands in petty cash. Believe me when I tell you how unprotected and vulnerable I was. The power was not restored until 7:45 am. The consequences of the black out were immense! Every thing crashed! It was 2 days of technical support that finally got us back on line. To this very moment have not inquired about the cause. I already know Xcel Energy will lie. Why bother.
To choose one, you have to decide what you want to do, talk relatively locally or at great distances. The main difference is the frequency of operation.
There are little handheld devices ("Handie-Talkies", HTs) which operate in the VHF-UHF bands, 50 MHz - 1.2 GHz. 144 and 440 MHz are most common. They are useful for local contacts, but their range from one unit to another is considerably increased by "repeaters" which are commonly located on high points like mountains and skyscrapers. Their range might be a few miles or tens of miles in a city, many tens of miles in the plains, and well over a hundred miles mountaintop-plain or mountaintop-mountaintop situations, without repeaters, and many tens to a hundred or more miles with a repeater. But they do not participate in ionospheric (many hundreds to many thousands of miles) propagation except very rarely. They cost a couple hundred bucks or so.
Then, there are the "HF" (High-Frequency, 2-30 MHz) radios, which are typically larger (cereal box sized) and more expensive ($700-1500) but the signals they emit do usually reflect off the ionosphere, in which case contacts out from several hundreds to many thousands of miles are commonplace. (They can also communicate close-in, but if a band is "open" you typically wouldn't use one to talk across town, when stations from all over the world are also audible on the band. But when the band is "dead" it's considered kosher to talk across town.) These radios offer a number of bands and you can choose which one has propagation at any given time, depending on where you want to talk to. You need to know how to make and "tune" an antenna for any given frequency in order to radiate an effective signal.
You need a license to transmit on any of these frequencies, but the tests are not very difficult and Morse code is no longer required. The license is only about $5 and is good for 10 years, but you need to submit your SSN to get one (Thanks, McCain.)
If your purpose is emergency communication, having an HT in the car is a good start, and another at home enables you to "hit" repeaters at any time, and repeaters are good examples of things that keep working even after power outages, storms, and network outages. If you have relatives far away, or if you live in a valley or other highly isolated place (Alaska), an HF radio allows you to contact people across the country, certainly out of your locale. The HF radios often operate on 12 V so you can bring them in cars, although the antennas that you need don't look like cell phone antennas, they look rather bigger (and sometimes advertise that you have an expensive radio in your car). You can also pack field-expedient antenna kits, to set up where you travel, but that are not permanently attached to the car. You could easily go car camping somewhere and keep a "sked" (scheduled contacts) with home or another station, from your own location deep in the forests and away from repeaters.
And do i need a license to just buy one and listen to it?
No, only to transmit, although some places won't sell you one without your showing your "ticket" (license).
or should i start studying (like i don't have to study enough already...i'm taking a course in something else already) and get a license.
If you want a license, you need to study but it isn't hard. You need to know your allowed frequencies of operation, some requirements of operation and some basic technical stuff. (For example, you have to give your callsign on the air every ten minutes and after your last transmission when you sign off the air.)
I'm happy with getting a Yaesu that was recommended, but which one? I'm looking at the V3X so far. hmm. that's all for now.
I don't know that one, first decide if you want an HT or an HF radio or both, and whether you want to operate primarily from home, or car, or both.
Here is a link to prove what I stated in an earlier post regarding a black out in WI. The recorded time stated by the reporter on the black out is totally not true. I was awake as I stated in my earlier response.
http://www.wqow.com/Global/story.asp?S=10210352
Climbed down the manholes, eh?
Very interesting.