Wednesday, September 16, 2015

Hacking Deep Sea Cables

There has been an arms race for over a century now between hardened wired systems and encrypted wireless systems. Typically, a closed wired system can be safely assumed to be secure. If your system doesn't connect to the outside network, the outside network cannot connect to you. There is an obvious loss of utility there, but it's not hard to see the upside of that design.

Take the internet for example. It's a big place. Some of it is private and not directly connected to the rest of the internet. For a problem like that the NSA had room 641A. It is a telecommunication interception facility operated by AT&T at  611 Folsom Street, San Francisco. It was exposed in 2006 and the NSA was sued by the EFF. This isn't a conspiracy theory. PBS has covered the story. The EFF has filed two different suits over the obviously illegal operation.

This isn't the first time this has happened.  Decades ago the NSA and CIA began to scheme to tap international telephone lines. They already had access to most of the phone lines that went through the United States. But by the 1970s the planet was criss-crossed with phone cables that didn't route calls through oor two the USA. The U.S. government is just too nosy to leave that alone. Someone might say something about their mom.

So in the Fall of 1971 the U.S. Navy began Operation Ivy Bells. The nuclear submarine, the USS Halibut was piloted into the Sea of Okhotsk, Russian waters. It's mission was to find a marine cable and tap it. The cable was known to connecting a Soviet naval base on the Kamchatka Peninsula with a larger base in Vladivostok. The only problem was that it was under 400 feet of water and they had to overcome that obstacle with 1970s technology.  Undersea cabling had been in use since the 1840, it took over 100 years to learn how to hack it. More here.

But they succeeded. The NSA had developed a waterproof tap, which was 20-feet long . But whether due to limitations or by design the tap didn't transmit data. The NSA had to return monthly to the site to retrieve the recordings and load in new blank tapes. Their fun was ruined in 1981, when NSA employee Ronald Pelton tattled on them to the KGG. Pelton was tried and convicted of espionage in 1986 and sentenced to three concurrent life sentences. The original tap is currently on exhibit at the KGB museum in Moscow. More here.

But the NSA and the CIA weren't done tapping marine cables. In 1979, the USS Parche installed another tap on another  Soviet undersea cable, this time in Barents Sea. That remained undetected until 1992.Other cables were tapped off the coast of Africa and in the Mediterranean. Files leaked by Edward Snowden in 2012 revealed that  intelligence agencies had tapped more than 200 fiber optic cables around the world. There are 277 undersea fiber optic cables in the world today. Obviously they're not done yet. Known projects go by names like Oakstar, Stormbrew, Blanery and Fairview. There are surely others. So the solution isn't isolation, it's encryption.