Bruce Schneier
Schneier on Security
A blog covering security and security technology.
« Cloud Computing | Main | I'm Being Interviewed in Second Life Today »
June 4, 2009
Secret Government Communications Cables Buried Around Washington, DC
This part happens all the time: A construction crew putting up an office building in the heart of Tysons Corner a few years ago hit a fiber optic cable no one knew was there.This part doesn't: Within moments, three black sport-utility vehicles drove up, a half-dozen men in suits jumped out and one said, "You just hit our line."
Whose line, you may ask? The guys in suits didn't say, recalled Aaron Georgelas, whose company, the Georgelas Group, was developing the Greensboro Corporate Center on Spring Hill Road. But Georgelas assumed that he was dealing with the federal government and that the cable in question was "black" wire -- a secure communications line used for some of the nation's most secretive intelligence-gathering operations.
Black wire is one of the looming perils of the massive construction that has come to Tysons, where miles and miles of secure lines are thought to serve such nearby agencies as the Office of the Director of National Intelligence, the National Counterterrorism Center and, a few miles away in McLean, the Central Intelligence Agency. After decades spent cutting through red tape to begin work on a Metrorail extension and the widening of the Capital Beltway, crews are now stirring up tons of dirt where the black lines are located.
"Yeah, we heard about the black SUVs," said Paul Goguen, the engineer in charge of relocating electric, gas, water, sewer, cable, telephone and other communications lines to make way for Metro through Tysons. "We were warned that if they were hit, the company responsible would show up before you even had a chance to make a phone call."
EDITED TO ADD (6/4): In comments, Angel one gives a great demonstration of the security mindset:
So if I want to stop a construction project in the DC area, all I need to do is drive up in a black SUV, wear a suit and sunglasses, and refuse to identify myself.
Posted on June 4, 2009 at 1:07 PM • 44 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
wiredog • June 4, 2009 1:54 PM
I live in Pimmit Hills, and work in McLean. The issue isn't so much "black" fiber as it is unmarked fiber. Two more snippets:
Even without the presence of sensitive government operations, moving utilities to make way for Metrorail is a tricky and enormous enterprise. The Tysons-Reston corridor is home to part of MAE-East, one of the nation's primary Internet pipelines installed years ago by the government and private companies. Most major telecommunications carriers link to the pipeline, meaning there's a jumble of fiber optic wire under the Dulles rail route.
And they have snapped, accidentally, dozens of those carriers' lines, because even not-so-secret commercial lines sometimes don't show up on utility maps. Goguen, the utility manager, estimates that the rail project has already hit three dozen lines, sometimes doing no damage and other times grinding work to a halt or cutting power to retailers along Route 7. Even after extensively researching land records and maps and digging more than 600 test holes to determine utility locations, it's hard to avoid accidents on a project of such complexity and in such a busy place, he said.
Here's a picture of the tower.
BW • June 4, 2009 1:56 PM
Interesting but not surprising. Can just imagine a couple of spooks in heaven chatting, one saying to another "That was some end of the world wasn't it." and the other looking gloomy "I missed it, some jackass with a backhoe cut our feed."
Beta • June 4, 2009 2:09 PM
I can imagine only one way they could show up so fast: those SUV's were parked just down the road waiting, from the moment the backhoes started up. Now that the Guantanamo gulag is closed, maybe it's safe for a plucky foreman to stroll around the perimeter in the morning with a few cups of coffee: "morning, officers, we're digging over there today, any cables you want to tell me about?..."
BF Skinner • June 4, 2009 2:09 PM
You learn something new every day. We were having a road taken out when the datacenter lost all connectivity. Seems a backhoe cut the sonet. That day we learned we needed two comms paths out the building.
The Baltimore fire of 2005 taught us to have more than one complete service provider (one north east, one south west).
The power blackout of 2003 taught us to make sure our fuel provider delivered to us first AND had a gas powered pump at his facility.
Fifteen hundred years ago everybody knew the Earth was the center of the universe.
Five hundred years ago, everybody knew the Earth was flat, and fifteen minutes ago, I knew that humans were alone on this planet.
Imagine what we'll know tomorrow.
Pat Cahalan • June 4, 2009 2:21 PM
(musing)
I wonder how many of those black lines plug into networks that are connected to the commodity network anyway?
(/musing)
EdFromDC • June 4, 2009 2:23 PM
Maybe all those 'black' cables are what is making my internet so damn slow. Who'da thunk, one block from the White House, I have such crap connection speeds....
Angel one • June 4, 2009 2:27 PM
So if I want to stop a construction project in the DC area, all I need to do is drive up in a black SUV, wear a suit and sunglasses, and refuse to identify myself.
In all seriousness, I've been following the planned Tyson's construction for a while now. (I work in Tyson's and can't wait for the metro to come here to make my commute easier). If I can find the proposed plans on the internet, why can't the agencies who have cable running around here? They should know where their cable is, and they can do something to make sure it's found before bad things happen.
bob • June 4, 2009 2:37 PM
So their cable got cut? Who cares. Stuff Happens. Repair it and move along. If it was marked, you pay for the repair. If was NOT marked; they pay for the repair.
If its not encrypted, and red bits are spraying out into the ditch, then fine/fire the black suits for being dumbasses.
If it was critical infrastructure and had no backup via some other route, then fine/fire the black suits for being dumbasses.
Rach • June 4, 2009 2:38 PM
If they can't be bothered to put the effort in to mark their cables, or even to just let the construction company who would otherwise dig through them know where they are, then the company should just dig straight through the damned things.
It's not like they don't have the resources to keep an eye on such things.
Cassandra • June 4, 2009 2:43 PM
I know the very building MAE-East is in. When I was there (many years ago), MAE-East was completely anonymous from the outside, but I realised anyone who knew the location could 'take it out' with ease. I haven't visited there since the Twin Towers attack, so I don't know if its security has been beefed up. At the time, I thought it was slightly surprising that it was such a single point of failure for the Internet.
The *really secure* networks are the ones with cable runs in airtight pipes run at positive pressure - if the pressure drops, traffic is cut off automatically.
Cassie
Jared Lessl • June 4, 2009 3:02 PM
They wouldn't even show ID? Explain to me why anyone should give them the time of day. Without ID you are, as AngelOne put it, just a guy in a suit and sunglasses and can be treated like so much scenery.
Fuck em. If there's no conceivable way for the construction crews to know about the lines, then there's no reason they should care when they break them. That's the price you pay for having super-secret spy-grade fiber. It means you don't get to cry foul and demand reparations when someone stumbles across the toys you left out in the playground.
Bryan Feir • June 4, 2009 3:17 PM
@Cassandra
I'm reminded of comments from back in the late 80's when I was at University, about the 'Chicago Switch', I believe it was called. (Up front: I'm going by remembered anecdotes, and can't verify any of this.) The issue was that at the time, apparently something on the order of 50% of interbank transactions in the U.S. went through the one building, and taking out that one building would shut down the entire U.S. banking industry for a matter of a few days.
Apparently, not long after that report was published, the security of the building got buffed up to having military guards...
*Three black SUVs, extra polished, drive up to a busy construction site.*
MIB: You cut our line.
Mgr: And you are?
MIB: You don't know and its going to stay that way.
*MIB takes out shiney looking pen and flashes the ENTIRE construction crew*
MIB: Good news guys! Your boss called and said to go home for the day. Its national 'Surprise Your Employees With Time Off Day'. Congratulations. Now go home. No really, go home. Now.
Chris • June 4, 2009 3:46 PM
@Bryan Feir:
That'd be the Hinsdale switch. 1988. I hadn't heard about the interbank angle, but I seem to recall that a ton of the 708 and 312 traffic (Chicago and burbs, at the time) went thru that puppy.
The 1992 flood was another fun one ;^)
PackagedBlue • June 4, 2009 5:38 PM
Implicit assumption is that the real "MIB" know the construction before they start.
While you can fool the construction guys, you can not fool the real MIB who would show up anf gladly have fun with the fake black SUV stunts.
And sometimes they are silver, with expensive shoes...other dept.
Security minds set have many levels.
Leolo • June 4, 2009 5:49 PM
Isn't "black fiber" fiber that isn't being used? Or does TFA misuse the term?
Bryan Feir • June 4, 2009 6:08 PM
@Chris:
Thanks for the extra info.
Oddly, after reading that, I decided to do a Google search for "Hinsdale Switch", and your comment showed up as the third entry in the list, with Google placing the date on the page as '4 hours ago'. They get around quickly, they do...
Jon • June 4, 2009 6:09 PM
IIRC, "dark fibre" is the un-used variety.
black =/= dark, or sumfink. Unless the security is so deep that you can't even see the photons whizzing by. That would be a "dark black fibre". Of course, "dark black fibre" should *never* be confused with "black dark fibre", which is fibre intended for use by the secret sqyuirrels, but isn't being used. Yet. Unless it is. in which case it becomes "black dark black fibre".
And of course, none of this should be confused with "brown fibre", which is fibre used by the sewerage department.
HTH.
Jon
Jon • June 4, 2009 6:09 PM
IIRC, "dark fibre" is the un-used variety.
black =/= dark, or sumfink. Unless the security is so deep that you can't even see the photons whizzing by. That would be a "dark black fibre". Of course, "dark black fibre" should *never* be confused with "black dark fibre", which is fibre intended for use by the secret sqyuirrels, but isn't being used. Yet. Unless it is. In that case it's referred to as "black dark black fibre".
And of course, none of this should be confused with "brown fibre", which is fibre used by the sewerage department.
HTH.
Jon
Jon • June 4, 2009 6:10 PM
Meh, a sexy double, and it's still loaded with typos :rolleyes: Sorry folks.
joedilly • June 4, 2009 6:27 PM
"black" means the contents are unclassified, meaning it could be encrypted classified data or plain text unclassified data. "red" means classified.
Andrew Suffield • June 5, 2009 12:32 AM
Aside from black-suits-as-attackers, it works the other way around too. If you want to identify the lines the government is using for things they think are important, get some workmen to go around cutting lines and record which ones make them show up.
This behaviour is just plain dumb. The safe response would be to shut down the line and covertly observe what is happening, not to charge in and tell everybody in the area that you've got a line here. I can only presume it's about making them feel important and impressed with their "response times".
Peres • June 5, 2009 2:09 AM
I agree with Andrew. Makes me wonder if this really happened at all.
I find it hard understand, what these guys would gain by putting up a spectacle with black suits and SUV's. As they have to repair or re-route the line anyway, wouldn't it better to do it with low profile using some kind of cover company to do the job, that to draw unnecessary attention to the issue?
syberghost • June 5, 2009 7:12 AM
"Now that the Guantanamo gulag is closed"
It's not closed. No work is being done to close it, and tribunals are being resumed. The Senate voted 90-6 to block any use of funds to shut it down.
Kaukomieli • June 5, 2009 8:14 AM
Black SUVs? Sunglasses?
Those guys must be from the movie-threat-department and be watching to much TV lately...
Mark R • June 5, 2009 11:47 AM
They should just put these fiber runs on the utility maps and label them "raw sewage," "biological waste", "live CSPAN feed," or something else that will ensure nobody ever touches them.
Aaron • June 5, 2009 1:22 PM
I'm more confused by the guy's amazement that the AT&T crew showed up to fix it the same day. I work for a global Internet provider, and whenever one of our long haul cables gets cut, our providers usually have a crew on location in hours. He must not have cut 'true' fiber backbone lines before.
Davi Ottenheimer • June 5, 2009 1:24 PM
"So if I want to stop a construction project in the DC area, all I need to do is drive up in a black SUV, wear a suit and sunglasses, and refuse to identify myself."
Not really. You probably would have to time it with a dig that actually hit a line, not just at some random time.
kangaroo • June 5, 2009 4:31 PM
bob: If it was critical infrastructure and had no backup via some other route, then fine/fire the black suits for being dumbasses.
And who fires the guys in the black suits?
That's the problem with secret services -- secrecy is the key to covering stupidity and corruption. It's a particularly entertaining problem with multiple sets of MIBs who ostensibly don't know about each others existence, depending on their MIBiness.
I'm really not sure how often secret services are in the national interest -- I just can't see them doing much of value except fighting other MIBs. That can probably be done better (and more cheaply) by paying other countries to expand their own secret services.
Roger • June 6, 2009 8:10 AM
@kangaroo:
> And who fires the guys in the black suits?
The United States Senate Select Committee on Intelligence.
> I'm really not sure how often secret services are in the national interest --
"Generally, raising an army of a hundred thousand and advancing it a thousand li, the expenses to the people and the nation's resources are one thousand gold pieces a day.
"Those in commotion internally and externally, those exhausted on the roads, and those unable to do their daily work are seven hundred thousand families.
"Two sides remain in standoff for several years in order to do battle for a decisive victory on a single day.
"Yet one refusing to outlay a hundred pieces of gold and thereby does not know the enemy's situation is the height of inhumanity.
"This one is not the general of the people, a help to the ruler, or the master of victory."
-- Sun Tzu, "The Use of Spies"
Kid Anarchy • June 8, 2009 11:42 AM
Well somebody knew the cable was there or it wouldn't be there. This is a good reason to go wireless. Call 811
http://www.call811.com/how-811-works/default.aspx
I bet they didn't call 811 and if they did it is not their problem.
kangaroo • June 8, 2009 1:28 PM
@Roger: The United States Senate Select Committee on Intelligence.
Oh, I'm laughing so hard, I think I may break a rib. Yeah, technically they're in charge -- just like the Kaiser was technically in charge of the German Empire.
Sun-Tzu is referring there to data collection. Most data collection today can be done completely openly, without much need for secrecy. I'd say, it's probably much better done without secrecy, short of infiltrating the Taliban or such tiny edge cases. But we don't have a tiny secret service -- no one does...
Roger • June 11, 2009 7:56 AM
@kangaroo:
I'm guessing you're a little too young to remember the Barry Goldwater / Nicaragua affair. Sure, they sometimes try to wiggle around the rules, but they don't often get away with it. Conspiracy theories abound, and are cool and funky and fun to believe in, but in reality, he who has the gold makes the rules: and Congress has the gold.
> Sun-Tzu is referring there to data collection. Most data collection today can be done completely openly, without much need for secrecy.
Actually, he specifically says that to be effective, it must be clandestine. Collection from open sources is important -- but it is nothing new [1], and it is severely limited. Consider for example what open sources could tell you about current affairs in North Korea (absolutely nothing except their own propaganda.)
More generally, open source collection suffers from the problem of "fragility of sources." If a source of information provides a significant advantage, and its existence becomes known (e.g. through publication), then it is very often quite easy to either stop up the leak, or drown it in misinformation. Some sorts of information flow can't practicably be stopped because it is more valuable to keep them going, for example, trade statistics -- nevertheless there is significant evidence that even today China continues to falsify most of its trade statistics!
Consequently information whose source is concealed from the subject of the information tends to be far more reliable.
> But we don't have a tiny secret service -- no one does...
I'm not sure who "we" is in this case; from your handle I assume you are Australian, as I am. ASIO traditionally had about 700 personnel, down to around 580 in 2001, but boosted to 1400 (and rising) in the last few years. The number of personnel in ASIS is classified, but its total budget is considerably smaller than ASIO's; it could not have more than a few hundred personnel. Don't know if you consider that tiny or not!
____
1. In fact for a short time my father had such a job in the 1960s, as part of an official government clipping service that disseminated open source information (mainly from radio reports, newspapers and trade magazines) throughout the Australian Federal government, cross-referenced against other information on the same topic to help assess reliability.
louie • June 15, 2009 10:43 AM
Re: MAE East - It was a private company that set up the Internet exchange (MFS Datanet, at the time) with very little government involvement, save, perhaps funding R&E networks to have connections to it.
It's also not a huge single-point of failure. The bulk of interconnections between large ISP backbones is done using private, bi-lateral interconnection/peering arrangements, rather than through a public shared exchange. Sure, there would be an impact as many of the smaller carriers interconnect, but east-coast Internet isn't going to go dark.
Steve Simon • June 15, 2009 5:06 PM
A similar one happened to a friend who was living on a disused RAF base in the UK (long story).
One day a man from the GPO came to work on some lines under a man-hole cover, and after a short time lots of soldiers appeared and pointed their guns at the poor engineer.
It transpired he had severed some cables that he thought where disused, but in fact where still part of the UK defense system.
red faces all round.
DwarfFibre • June 18, 2009 4:49 PM
"Dark Fibre" is not only unused fibre, instead it is more often used to refer to fibre which the customer, i.e. you, "lights" and operates, i.e. you rent a "naked" fibre and then provide the optical transceivers. You also have to make sure that your bits get through. On the other hand, "lit fibre" is operated and maintained and transceiver-equipped by the guy you rent from.
Deasington • June 23, 2009 7:28 AM
Wierd ... In the UK for many years the local municipalities have a database with the geo-location of all underground cables, sewers, pipelines etc. Call one number before you start work - you know what's under the ground... Simple eh?!!!
Dakota farm hand • January 1, 2010 5:14 PM
intersting your talking about breaking cables.....years ago we were plowing a new field..tillers were set deep....tractor pulled up something,,,almost knocked me out of my seat,,,went to see what it was...strange...was a thick pipe like cable.Stopped the tractor...backed up to free it...reset the tiller over the direction the cable was going.I up turned miles of this cable before it went onto some fenced area that no one around here knows who owns it.
I cut the cable,,,spooled it up nice and waited for someone to come over.
No one did....
Subscribe to comments on this entry
Post a comment
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.
|
| Subscribe |
Subscribe via Kindle |
| Blog Menu |
SearchPowered by DuckDuckGoBlog Home Page
Archives by Date2013 J F M A M
Tags  |
| Latest Book |
more books by Bruce Schneier |
Comments