California: who is cutting Fiber-optic cable lines and why?

Law enforcement is investigating a series of mysterious attacks on the Fiber-optic cable lines in California. Who is behind these attacks?

The FBI is investigating a series of mysterious physical attacks on internet cables in California. The investigators confirmed that at least eleven cases occurred in San Francisco’s Bay Area in the last year.

The FBI confirmed to USA Today news agency that it is investigating the hacking attacks against the Internet lines belonging to the California’s internet infrastructure.

“The FBI is investigating at least 11 physical attacks on high-capacity Internet cables in California’s San Francisco Bay Area dating back a year, including one early Tuesday morning.” states the USA Today.

The last attack took place this week and caused the interruption of the internet services for businesses and residents in and around the Sacramento city.

Bad actors accessed an underground vault and cut three fiber-optic cables belonging to the service providers Level 3 and Zayo. Both companies confirmed the disruption in their services, but declined to provide further details.

“When it affects multiple companies and cities, it does become disturbing,” said FBI Special Agent Greg Wuthrich. “We definitely need the public’s assistance.”

These incidents are not isolated cases, and other similar events have occurred in the past, in the past “tens of thousands of residents were cut off from internet services after someone sliced through underground fiber-optic cables”.

In April 2009, unknowns cut the underground fiber-optic cables in California at four different locations, knocking out landlines, cell phones and Internet service for tens of thousands in Santa Clara, Santa Cruz and San Benito counties.

These incidents are very concerning, several threat actors with different motivations could be responsible for the attacks. Cyber spies and cyber criminal could be interested to steal sensitive data from the Internet data traffic, hacktivists and cyber terrorists could be more interested in sabotaging Internet connections.

The FBI confirmed that attackers operated in remote areas that are not under surveillance.

Similar attacks raise serious questions about the level of security of critical Internet infrastructure. It is too easy for an attacker to locate Fiber-optic cable lines and cut them. Richard Doherty, research director of The Envisioneering Group, highlighted that in the majority of cases Fiber-optic cable lines are indicated by flags and signs.

“There are flags and signs indicating to somebody who wants to do damage: This is where it is folks,” Doherty said. “You often have fiber from several companies sometimes going down the same street or the same trench. One attacker can dig one hole and wipe out service from three companies.”

Doherty also remarked that attacks on Fiber-optic cable lines are a “terrible social crime that affects thousands and millions of people.”

Pierluigi Paganini

(Security Affairs –Fiber-optic cable lines, crime)