By Bernard Everett.
With the ever increasing demand on communication networks, today’s business world would be inconceivable without fibre optics. However, the general perception that this method of data transmission is inherently safe is false. Growing sophistication in both optical tapping technologies as well as the know-how of the cyber-criminal, means that this security risk can no longer be underestimated.
When large volumes of data have to be transmitted, more and more companies and public authorities turn to Gigabit Ethernet to get to grips with the increasing flood of information. Underpinning this transmission technology, fibre optics displays unrivalled advantages when compared to all previously used methods, offering greater bandwidth, speed and reliability.
Optical fibres – the ideal transmission medium
Fibre optic cables are gaining increasing popularity for the transmission of data with estimates putting the length of cable installed around the globe at more than 300 million kilometres. This media offers high data transmission rates and is thus particularly suited for the transmission of data, images and voice. In carrier networks, Gigabit Ethernet, Sonet (SDH) and Fibre Channel are the typical access technologies whilst fibre optics provides the transmission medium allowing these technologies/protocols to communicate with speeds of up to 10Gbps.
In day-to-day businesses, the transfer of information and data has become indispensable, and there is no let up in the volumes being transmitted. Bandwidths of 1 Gbps or higher are the order of the day for connecting both metropolitan area networks (MAN) as well as WANs (wide area networks) and are widely used to provide backup and disaster recovery infrastructures. Even large volumes of data can be mirrored and safeguarded at locations far away from their origins. The significant advantages of fibre optics for networks of this type – speed, capacity, and economy – have led to a situation where the demand has increased dramatically.
State-of-the-art fibre optic networks are employed by many banks, insurance companies, enterprises and public authorities as their communication backbone, supporting critical business activities. If no security precautions are taken to prevent the theft of data, the consequences can be devastating. In a premeditated tapping of an optical network it is extremely unlikely that the victim will even be aware the perpetrator exists; information will not go missing as our data thief will be simply eavesdropping and copying what transpires over the network.
Potential risks of optical networks
The notion that fibre optic cable is particularly secure when compared with traditional copper wire is no longer accurate since there are various so-called ‘Optical Tapping Methods’ which can be used, to extract data from fibre optic networks. The risk of being detected is very slight.
By means of ‘splicing’ - splitting the fibre optic cable, access can be easily obtained to the flow of information without the signal having been noticeably changed when it reaches the recipient, or without disturbing network operations. It is sufficient to bend the fibre keeping the cladding intact, in order to be able to track the exchange of information with little to no chance of being detected. (1)(2) The majority of telecommunication providers fail to draw attention to this growing danger, or are simply ignorant of the facts.
Regardless of size, data is vulnerable
Contrary to widespread thinking, large volumes of data provides no protection. In order to extract specific information from large amounts of data, corresponding IP numbers or key expressions are sufficient. Using the digits, packet ‘sniffer’ programs are able to filter out the information required from the data streams and store it in real time. Very often, solutions of this nature are offered to ISPs as a means of implementing new calculation models for data traffic. It goes without saying that these tools can also be used for analyzing the data content.
The same situation applies to small block sizes. Companies who think that they are safe when transmitting disk data, as this only forms part of a RAID system, or mirrored data as it utilises a proprietary mirroring protocol, should think again. Using readily obtained shareware tools, disk data can be easily read and a standard 512 byte disk sector can reveal a lot of useful information. It should not be forgotten, the hacker has all the time in the world to collate data as no one knows he/she is listening in!
When data is being transmitted over fibre optic networks, sensitive information is almost always involved. If the integrity, confidentiality and authenticity of this information are not 100 percent guaranteed, the user of this technology may be exposed to a risk of immeasurable proportions.
Hacking into fibre-optic communications is not just a theory, but constitutes a real danger that needs to be taken seriously. The only effective response to this threat is the encryption of the data at the point where it leaves the protected internal realm.
1) White Paper ‘Fibre Optic Intrusion Detection Systems’ Network Integrity Systems 2005
2) M. E. Kabay, ‘Tapping fiber optics gets easier’ Strategies Newsletter, Network World, 4th March 2003
Author: Bernard Everett, is regional sales director Western and Southern Europe for InfoGuard advising the Swiss banking sector. Bernard holds B.Sc. Honours in Control Engineering with a major in Computer Engineering. Bernard will be presenting at Automata’s ‘BCM Challenges for 2008’ conference at Old Windsor near, Heathrow This is an abridged version of Bernard’s paper which will form the basis of his presentation. http://www.automataservices.com/conference.htm
•Date: 11th December 2007• Region: UK/World •Type: Article •Topic: ISM
Rate this article or make a comment - click here