[iwar] Critical infrastructure vulnerabilities

From: Fred Cohen (fc@all.net)
Date: 2001-09-22 14:14:58


http://cryptome.org/telecomm-weak.htm


To: M
From: John Young <jya@pipeline.com>
Date: 21 Sept 2001 

I've been told that vulnerable points in the telecomm network are the
landfalls of undersea cables (especially latest fiber optic), or
somewhat offshore if the landfall huts are protected.  There are only a
relatively small number of these compared to the large number of
national cables and wireless systems that branch from them. 

The older cables' locations used to be shown on nautical maps to warn
off ships, but I do not know if the newest fiber optics are. 

Satellites now carry a good amount of traffic once carried only by
undersea wire cables but the fiber optics are expected to carry more
than satellites. 

(Aside: There has been recent discussion on whether NSA can tap the
fiber optic cables, and if so, how much more difficult is it than
tapping wire cables.)

Another vulnerability is the principal, central operations control
facilities of telecomms which monitor national and international
systems.  There are only a few of these for all nations. 

Then there are the interfaces between civilian systems and those for the
military.  Some military are said to be totally independent of civilian,
but nearly all have some civilian aspect, if not that of providing
services for classified systems then for interfacing classified and
non-classified. 

The companies which provide equipment and operational support for highly
classified military telecomm systems could be vulnerable in ways the
military components are not.  There are dozens of these, giants which
provide a range of services and smaller specialists.  In particular, the
companies which provide products and services for communications
security would be attractive targets for physical attack, product
compromise or personnel subversion. 

On vulnerabilities of military systems: the Defense Science Board
published a study in March 2001 called "Defensive Information
Operations:"

      http://cryptome.org/dio/dio.htm

This 270 page report outlined vulnerabilities of military and civilian
information systems and what needs to be done to protect them.  I would
guess that it had a classified component not made public. 

National military command systems, classified intelligence systems,
public emergency communication systems, law enforcement communication
systems, and others for which there is little public information, in
varying degrees interface with and depend upon civilian
telecommunications infrastructure.  What I am told is that there are not
a whole lot of people who know how the whole thing works and what its
most vulnerable points are.  ATT, Lucent (Bell Labs), MIT and other US
and non-US telecomm research facilities which helped invent, build,
modify, upgrade and operate global governmental, military, intelligence
and civilian systems, have researchers and databanks on the
infrastructure which could be vulnerable to attack, extortion,
kidnapping, bribery, burglary, even theft of information on
vulnerabilities which might not be discovered for years afterwards, as
we have seen in several espionage cases. 

Now, you probably know everything I've told you and much more.  What do
I have to offer that is not frequently discussed on the Net? Not much. 
I guess I would call attention to the vulnerabilities of physical
facilities which house telecomm systems.  And in addition to simple
burglary I would highlight the hazard of compromising emanations of
protected data, especially the data that controls operation of national
and global telecomm systems.  Acquisition of that control data and its use
to disrupt systems, or to corrupt the data with injection of erroneous
commands, is what many national security agencies are surely working
very hard on, for defense and for attack. 



This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:48 PDT