Article Lead Image

Attacks on fiber-optic Internet cables in California may have been coordinated

Investigators lines have been cut 11 times since last July


Tim Sampson


Posted on Jul 1, 2015   Updated on May 28, 2021, 11:07 am CDT

When most people think about cybersecurity, they think about passwords, encryption, and other virtual weaknesses. But there are physical cybersecurity threats, too, and while cutting a fiber-optic Internet cable is rudimentary compared to cracking a password, it can be even more devastating to the wider Internet. Several recent attacks on cables in San Francisco have prompted an FBI investigation and shined the spotlight on that worrisome phenomenon.

The attacks targeted three cables in Livermore, California, in what one Internet service provider told Reuters looked like a coordinated strike. Wave Broadband, which uses the cables, said they were cut shortly after 4am PT.

The federal government is currently looking into 11 separate physical attacks that have occurred in northern California since July 6, 2014.

FBI agents said that an unknown person or persons broke into an underground vault early Tuesday morning and cut the fiber-optic lines to to Zayo Group Holdings and Level 3 Communications, two Internet backbone providers that link up with carriers like Comcast and AT&T.

The FBI would not disclose specifics about how the vault was breached or how many people were affected. The attack disrupted service mainly for Internet users in Sacramento, the state capital.

FBI Special Agent Greg Wuthrich said that Tuesday’s attack fits a pattern of physical attacks on Internet infrastructure that the bureau has been monitoring for some time now.

“When it affects multiple companies and cities, it does become disturbing,” Wuthrich told UPI. “We definitely need the public’s assistance.”

High-capacity fiber-optic lines are critical to Internet service, operating like highways and distributing data across various ISPs. But because they are physical objects, they are just as vulnerable to sabotage as a railroad track if they can be accessed.

Security experts say that attacks on physical cables expose glaring vulnerabilities in how the real-world architecture of the Internet is configured and protected.

“There are flags and signs indicating to somebody who wants to do damage: ‘This is where it is, folks,'” Richard Doherty, research director at the Envisioneering Group, told USA Today. “You often have fiber from several companies sometimes going down the same street or the same trench. One attacker can dig one hole and wipe out service from three companies.”

California is not alone. Earlier this year, tens of thousands of Arizona residents were reportedly left without Internet service after someone cut through underground fiber-optic cables. The severing of those lines is also believed to have been purposeful.

Photo via 1village/Flickr (CC BY SA 2.0)

Share this article
*First Published: Jul 1, 2015, 11:41 am CDT