Fourth Undersea Cable Failure in Middle East

The first two affected India, Pakistan, Egypt, Qatar, Saudi Arabia, the United Arab Emirates, Kuwait, and Bahrain. The third one is between the UAE and Oman. The fourth one connected Qatar and the UAE. This one may not have been cut, but taken offline due to power issues.

The first three have been blamed on ships' anchors, but there is some dispute about that. And that's two in the Mediterranean and two in the Persian Gulf.

There have been no official reports of malice to me, but it's an awfully big coincidence. The fact that Iran has lost Internet connectivity only makes this weirder.

EDITED TO ADD (2/5): The International Herald Tribune has more. And a comment below questions whether Iran being offline has anything to do with this.

EDITED TO ADD (2/5): A fifth cut? What the hell is going on out there?

EDITED TO ADD (2/5): More commentary from Steve Bellovin.

EDITED TO ADD (2/5): Just to be clear: Iran is not offline. That was an untrue rumor; it was never true.

Posted on February 5, 2008 at 8:28 PM • 208 Comments

Comments

prodigal sheepFebruary 5, 2008 8:57 PM

Anyone else find it interesting that these cables are being cut right around the time ISP data fingerprinting is being proposed/introduced?

When will the people's free internet be introduced?

Something will have to change when our right to express ourselves is cut just as it is with big media radio/FCC bedroom behavior vs. individuals who cannot own their own radio station.

Snip snip, tick tock!

Freedom dies a little every day.

AnonymousFebruary 5, 2008 9:13 PM

The internettrafficreport always reports that one Iranian router as being offline lately... Don't use one metric to make accusations!

Portland GuyFebruary 5, 2008 11:37 PM

What's the weather like there? If it's been rough and a lot of ships have been throwing down anchors, it could just be that. I don't know. Although it is improbable that dropped anchors would cut so many cables in such a short amount of time, this doesn't mean that it is impossible.

Or maybe it's some seals trained by the navy (the animals, not the elite navy forces) who are sneaking in and cutting the cables under directive of the CIA as a precursor to a US assault on Iran.

EVERYBODY PANIC!!!SHIFTONE!

Kadin2048February 6, 2008 12:26 AM

I love a good conspiracy theory as much as the next guy, but I'm just not sure about this one. At the very least, it doesn't seem like anything the U.S. or any Western nation would have a lot of interest or benefit in doing. (As has been widely pointed out, the U.S. has a nuclear submarine, the USS Jimmy Carter, specifically configured for tapping underwater fiber-optic cables, and cutting them is not how you install a tap.)

Plus, since the Internet is a major source of Western cultural influence in the Middle East, it would be self-defeating for a Western nation to go and cut the cables. (Not that the West isn't often self-defeating, but this is a little too blunt.)

The only workable malicious theory I've heard involves the cutting being the work of a group or groups who are in some way opposed to Western influences in the Middle East, or to the most Western-friendly groups, such as the Al Maktoum family. Since it doesn't take much in the way of resources to break a cable, it's not out of the realm of possibility for a fringe group.

That said, I think the possibility that it really is/was some sort of geologic phenomenon should be carefully investigated before anyone jumps to conclusions about what are effectively acts of war.

NostromoFebruary 6, 2008 1:00 AM

"At the very least, it doesn't seem like anything the U.S. or any Western nation would have a lot of interest or benefit in doing."
That doesn't mean the current regime in Washington won't do it. The US didn't really have any interest or benefit in invading Iraq in 2003, for example.
As several people pointed out, losing one cable is probably accidental, and even losing 2 in a short space of time might be accidental. But five? Wake up, folks.

NotUsuallyAConspiracyTheoristFebruary 6, 2008 1:01 AM

Yes, it could be the weather but 5 undersea cables down in less than a week is likely to be a coordinated attack. According to (http://personalpages.manchester.ac.uk/staff/m.dodge/cybergeography//atlas/alcatel_large.gif) this looks like maybe half of all the cables in this area.

I'm not saying a war is imminent or remotely close. More likely it is Israel and/or the US testing if their sims are accurate (note that Israel is not effected by these outages since they use different cables).

GiacomoFebruary 6, 2008 1:15 AM

Well, it's an awful coincidence that the long-postponed launch of the (euro-denominated) Iranian Oil Bourse was due this week. They postponed it so many times already, the entire project would lose the last shred of credibility if it was postponed again, or maybe just appear sluggish on the launch day.

I'm not saying somebody is doing this to Iran, for what we know they might be doing it to themselves in order to cover their own failures by accusing a third party of sabotage. But it certainly is "funny" to have so many outages in one week which happens to be a very delicate week for the oil markets.

@Portland guy: people worry because we're in that period of the year (feb-apr) when you're supposed to start a military campaign in the ME if you really want to. Can't do it in the summer (untolerably hot), can't do it in winter (untolerably cold in desert areas); if you start in autumn, you risk not being done when the winter comes, so you have to do it in early spring.
This said, I don't see how the currently-overstretched US military could invade a country larger than Panama these days...

jsFebruary 6, 2008 2:17 AM

The funny thing about the metric you quoted is that the web server of the Iran University of Science & Technology ( http://www.iust.ac.ir/ ) in the same IP block as the router that's supposedly unreachable (router1.iust.ac.ir) works, although somewhat slowly.

j0hnner_caFebruary 6, 2008 2:21 AM

Do you commentators even read the articles or even the first few comments?

Iran is not offline - that page monitors one router. It's disaffected sure, but not cut off.

It's been repeated across these pages that the first major cut was not on-site sabotage; they say it was most likely power failures(could also just as well be natural occurrences - mother nature's TOTM perhaps...). These cables depend on direct current to operate, so the question is... why's the power failing? What sites power these cables and what the hell happened there?

For my money the only conspiracy that might be here is that whatever supplies power to these lovely Harry Potter subway tunnels might have been manipulated? Not the first we've heard of malicious hackers playing with power plants.

But that's a Mr. Fantastic stretch...

sortkattFebruary 6, 2008 3:01 AM

"As has been widely pointed out, the U.S. has a nuclear submarine, the USS Jimmy Carter, specifically configured for tapping underwater fiber-optic cables, and cutting them is not how you install a tap."

Uhm, I realize my knowledge about this is extremely limited, but it was my understanding that fiber optic couldn't be tapped? If you intercept the information, it won't be going where it's supposed to go?

I guess it might be conceivable to read the signal and then resend it, but how would this be done in practice? Anyone have any insights?

As for the cables, I think someone's up to something.

j0hnner_caFebruary 6, 2008 3:35 AM

I know you can tap normal consumer fiber optic cables if you have coils of them laying around(as is often the case. makes cutting and reworking easier). You attach on a little device called a bend coupler and it works because some stray photons actually escape through the insulation; enough to get the signal. But these things are thick as all hell aren't they? And I'd imagine when stringing them across the globe you're not going to be wasting any length

MarcFebruary 6, 2008 3:59 AM

"Once is happenstance, twice is coincidence, three times is enemy action." Auric Goldfinger in the James Bond movie "Goldfinger"

IngvarFebruary 6, 2008 4:13 AM

The ITR seems to be a very unreliable source of info. According to them, Germany and Florida are offline too. (And South Africa is part of Europe).

PeterFebruary 6, 2008 4:16 AM

Re: NotUsuallyAConspiracyTheorist:

That's what it looks like to me too. There's no way in hell this is accidental (sorry Portland Guy, these cables are relatively small, you don't stand a chance of hitting so many of them with anchors even if you cover the see with ships from shore to shore; point in case: how frequently does this happen with single cable only no matter what weather?). And it didn't actually knock any country off the Internet entirely, which suggests a test to me -- what's the point otherwise?

averrosFebruary 6, 2008 4:24 AM

1. Cut the cable in a way which makes it look like an accident.

2. While the repair team is busy traveling to the place of the cut, splice in the wiretap pod nearby (nobody would notice, the cable is cut, and any small change in cable parameters will be written off as side effect of repair).

3. Wait for the repair team to bring the cable back to life.

4. Spend the rest of your life sifting through the babble.

GeoffFebruary 6, 2008 6:22 AM

The history of submarine cables is littered with breaks out of the range of anchors, usually attributed to geologic phenomena (what do you call those really big mud flows in the Gulf of Mexico?). All of these breaks are around a geologically active area, the rift that runs through Israel and down to Ethiopia. The Internet traffic flows around the breaks, albeit more slowly, so consipirators would have to be naive, well-financed, and capable of executing over a large area. Can you hear the odds hitting the floor?

RCFebruary 6, 2008 6:57 AM

@averros

Good theory; if it is a set of deliberate cuts, this is one likely explanation.

Maybe they are using these cuts to track down terrorists. They are known to use the internet as a significant means of communication within their groups.

AnonymousFebruary 6, 2008 7:11 AM

@sortkatt - I've knon about at least two ways to tap fibre since the mid 80's. It wasn't common knowledge but not a tightly bottled secret either.

About the coincidence. In WWII during the battle of the Atlantic the Brits wanted to go after the refuelling U-boats. There were 5 as I recall. They decided to take out 2 using intel from their Nava enigma intercepts. A US warship stumbled on a third and sank it. The Germans almost changed their codes as a result.

Of course if it is just power, that makes a whole lot more sense.

sooth_sayerFebruary 6, 2008 7:21 AM

It could be Jihadis trying to disrupt NSA's ability to monitor traffic.

Though the cables can be repaired at sea, it all depends on the kind of damage. If done professionally the damage could be fatal needing a new "system".

As currently most internet traffic is routed "through" US, ripping up cables will potentially give the cable operators the chance of "new routing" away from US.
@josh - don't blame pentagon whenever you wet your pants.

BrianFebruary 6, 2008 7:39 AM

A blogger in the financial industry speculated that the submarine cable outages could be a shot across the bow from 'the powers that be'; that moving away from using the dollar as a market standard carries some risk; the information needed to run those markets traverses submarine cable and guess who owns a navy able to interdict that information?

Shrug. Seems like a rather clumsy way to send a message; an intelligent operator already knows this.

Sometimes things just happen. The likely explanation seems to be this is not enemy action but a maintenance issue.

Trichinosis USAFebruary 6, 2008 8:21 AM

Even if these were accidental, which I highly doubt, I think Averros is right on the money. This is a prime opportunity to introduce a packet vaccuum cleaner on every cable that needs repair. The other alternative is to force people to go to satellite, which can have it's own illicit surveillance charms.

Incidentally, the US Army is currently heavily involved in "helping" Afghanistan to build it's own Internet architecture. I know someone who's directly involved.

Abdul Abdullah Akbar Usuq M'diqFebruary 6, 2008 8:49 AM

Its actually our new business plan.

1. Cut undersea Internet cables
2. ???
3. Profit!

The PeachFebruary 6, 2008 9:09 AM

Can someone confirm these cable cuts independently, please?

one off of Marseille, France
two off of Alexandria, Egypt
one off of Dubai, in the Persian Gulf
one off of Bandar Abbas, Iran in the Persian Gulf
one between Qatar and the UAE, in the Persian Gulf
one in the Suez, Egypt
one near Penang, Malaysia
initially unreported cable cut on 23 January 2008 (Persian Gulf?)

AlexFebruary 6, 2008 9:14 AM

Marseille: no dice (hint - it's the other end of the cable from Alexandria).
"Suez" - probably same as the two off Alexandria.

"off Bandar Abbas"; functionally equivalent to off Dubai.

Mark HarrisonFebruary 6, 2008 9:19 AM

Sortkatt,

There have been fibre-optic "sniffers" available for over 10 years. They rely on the fact that you can lose a reasonable percentage of the photons in any bit without corrupting the signal, and chop part-way through the cable to take a feed.

OK, I've never seen one big enough (or waterproof) enough to chop an under-sea cable, but I've never had an application for such a thing :-)

CassandraFebruary 6, 2008 9:23 AM

Averros paints a very interesting scenario, and I don't want to say he or she is wrong, but just point out a couple of things.

The submarine environment is pretty unforgiving, so installing a 'data vacuum cleaner' underwater is tough - even with the USS Jimmy Carter. You have two problems (a) how do you power your vacuum cleaner and (b) how do you get data off it?

The cable systems in question are not owned by US companies. FLAG is ultimately owned by Reliance (Indian), and SEA-ME-WE 4 is owned by a consortium. FALCON is owned by Reliance as well. This make covert operations much more difficult. Obviously there's more detail behind this, but I don't want to clutter up Bruce's blog.

Multiple cable failures are not that unusual. FLAG and SEA-ME-WE 3 were both cut by an earthquake off Algeria. The Taiwan earthquake cut many cables in the sea off Taiwan. Large companies who use and rely on submarine cables tend to specify multiple paths taking geographic dissimilar routes (where possible) - for example, using one of FLAG, SEA-ME-WE3 or SEA-ME-WE4 and specifying the use of SAT3/SAFE as backup (and taking the hit on latency). Alternatively, one can use satellite backup.

The place to install a 'data vacuum cleaner' is at the cable landing station. There you have power and a convenient data network to send the 'interesting' filtered data off to a government facility.

Cassie

Dave SchroederFebruary 6, 2008 9:32 AM

Iran is NOT offline.

One router in Iran -- the one that happens to be used by Internet Traffic Report -- is unreachable. As are dozens of single points on the internet in many states in the region.

A quick perusal of, e.g., newspaper web sites in Iran finds every one I have tried working fine, including all state-run media:

http://www.onlinenewspapers.com/iran.htm

As is the web site of the Government of Iran:

http://www.iran.ir

...and numerous other government and press web sites physically located in Iran. See for yourself:

http://www.google.com/search?q=site:.ir

(And yes, I am aware that simply ending in .ir does not mean the site is necessarily physically in Iran, but you can easily verify via ARIN that nearly all of them are.)

So the premise that Iran is "offline" and its implication are inaccurate.

JoshFebruary 6, 2008 9:33 AM

I was talking about this with a friend last week. We decided that sharks were finding optical cables to be a light snack.

SueFebruary 6, 2008 9:47 AM

"Once is a freak occurence. Twice is a coincidence. Three times is enemy action." We're on five at the moment.

TooDopeyFebruary 6, 2008 9:49 AM

It could be that someone does not want the world to know what's going on in those areas for awhile. The information coming out of those areas has stopped also. US invasion of Iran, maybe.

waldoFebruary 6, 2008 9:53 AM

Earlier last month there was an article about how terrorists were more effective at using the internet for propaganda then the US was. Perhaps some think tank decided that it would be best to prevent them from using the internet in an effort to level the playing field.

chongFebruary 6, 2008 9:58 AM

A quick perusal of, e.g., newspaper web sites in Iran finds every one I have tried working fine, including all state-run media:

Those are all faked by the CIA and cops man, pretty soon George Bush will be flying airplanes into buildings and causing natural disasters again...

Conspiracy theorist need a dose of realityFebruary 6, 2008 9:59 AM

Seriously people. Try and be a little bit rational and use common sense. Cutting an undersea cable would most likely not 'harm' a government due to redundant connections, such as through satellite. In addition, the internet is only one way of sending and receiving information. Also, why tap an undersea cable when it would be hundreds of times easier and less expensive to intercept information on the other side of the ocean.

An imminent invasion of Iran? Not likely. I and the 'bad guys' know that large scale secret invasions are a thing of the past. For that, we can thank cnn, foxnews, etc.

Elvis GumpFebruary 6, 2008 10:00 AM

"Once is happenstance, twice is coincidence, three times is enemy action." -- Ian Fleming

Five times? Prelude to war.
Perhaps as little going-away present from our Fearless Leader? I don't believe in coincidence...

tekelFebruary 6, 2008 10:02 AM

The fifth cut in Bruce's update is near Penang. That's only about six thousand miles from the other cuts, and has NO

repeat, NO

connectivity to Iran.

All you "OMFG teh Iranz is kick the plug out!!!" guys might want to change your theories a bit- are we adding Vietnam to the Axis of Evil?

GeekoidFebruary 6, 2008 10:04 AM

As previously said, Iran is not offline and it is irresponsible fear mongering to state it.

The only 'group' that would see an advantage from this would be Middle east groups that want to be isolated. Nothing scares people who make a living off superstition woo-hoo than open information.

We, westerners, are looking at this as "they are being cut off from us, which one of us could it be?" When it could also be looked at as "we are being cut off from them".

gangslangFebruary 6, 2008 10:04 AM

You would have to compare the usual number of cables needing maintenance to the current state to reach a meaning full conclusion.

NickFebruary 6, 2008 10:07 AM

cui bono? who benefits?

1) anti-globalization groups? if the recently-outsourced call center is down half the time, business might re-think outsourcing...
2) military operations? i doubt it. it isn't politically likely for the US to start a new war, and even if they did, no sane military relies on the internet.
3) competing telecom businesses? are satellite or land-based cable owners raising prices right now?
4) nessie? i agree that the loch ness monster is the most likely source. grainy photos are one thing, but digital surveillance could end the mystique this monster thrives upon.

bruce, your spam filter is a piece of junk, by the way.

TopherFebruary 6, 2008 10:10 AM

Considering the locations, traffic from the EM-ME is now flowing west to east to reroute around the breaks.

This means traffic going from the ME to to points west needs to pass through the US and thru the NSA's Narus STA's (semantic traffic analyzers).

I love global security conspiracy theories as much as the next guy. Maybe, if it were cut intentionally, it was a specific, targeted intelligence operation, and they expect to be finished by the time proper traffic flow is restored.

QuercusFebruary 6, 2008 10:10 AM

I agree that we should be careful about excessive paranoia, and it does seem easier to tap cables at the ends rather than mid-ocean. But then this comment:

>The cable systems in question are not owned by US companies...This make covert > operations much more difficult.

Assuming it's the NSA doing the tapping, I think instead of "difficult" it should have said "necessary".

TopherFebruary 6, 2008 10:14 AM

Ahh, but they don't need to physically tap the cables, just break them so traffic goes in a more.. ahem... "orderly" direction.

Sean TierneyFebruary 6, 2008 10:15 AM

Feb 8th is the next new moon - the optimal time to conduct a stealth attack...

i don't take credit for that observation - i saw it mentioned in a comment on this story on news.ycombinator.com

sean

JasonFebruary 6, 2008 10:16 AM

What if they are all related to undersea geological activity and a massive earthquake is looming?

MarkitectFebruary 6, 2008 10:21 AM

You're all missing the best crackpot theory.

Atlantians have started a major subsurface construction project and the cables happen to lay in areas of expansion. They probably didn't even notice as then bulldozed the cables for the new luxury housing and commercial development.

This is probably as likely as some of the other theories suggested.

NutterFebruary 6, 2008 10:22 AM

Averros is onto something, but I would venture it's easily as likely US or UN taps were already in place somewhere along these particular cables, and that they were cut deliberately to cease all intercepted communique.

They are far too Mid-east specific, and too well timed (not simultaneous, more like tactfully uncoordinated) to be coincidence IMHO, but I'm no conspiracy nutter... although it *IS* interesting that this comes just moments before an online live webcast of Brittany Does Dubai was to begin... which I find also to be more than simply coincidence.

PeterFebruary 6, 2008 10:23 AM

This is my favorite wired article:
http://www.wired.com/wired/archive/4.12/...

Yes. 56 pages about undersea cables. That's about what it occupied in the dead tree edition as well. With lots of exquisite photos.

One segment is:
>When a trawler snags a cable, it will pull it up off the seafloor. How far it gets pulled depends on the weight of the cable, the amount of slack, and the size and horsepower of the ship. Even if the cable is not pulled all the way to the surface, it may get kinked - its minimum bending radius may be violated. If the trawler does succeed in hauling the cable all the way up out of the water, the only way out of the situation, or at least the simplest, is to cut the cable. Dave Handley once did a study of a cable that had been suddenly and mysteriously severed. Hauling up the cut end, he discovered that someone had sliced through it with a cutting torch.


>There is also the obvious threat of sabotage by a hostile government, but, surprisingly, this almost never happens. When cypherpunk Doug Barnes was researching his Caribbean project, he spent some time looking into this, because it was exactly the kind of threat he was worried about in the case of a data haven. Somewhat to his own surprise and relief, he concluded that it simply wasn't going to happen. "Cutting a submarine cable," Barnes says, "is like starting a nuclear war. It's easy to do, the results are devastating, and as soon as one country does it, all of the others will retaliate.

ElizaFebruary 6, 2008 10:24 AM

As several people here have pointed out, Iran is not disconnected from the Internet. Users in Iran have been able to connect to the internet without any atypical problem... this rumor has been swirling about for a few days. I manage a Persian-language website with many readers in Iran, so I have both the motivation and the resources to check into this... we've seen no decrease in traffic from within Iran. I've also been able to find no source for this that doesn't trace back to the Internet Traffic Report, which as other has pointed out does not provide enough data to conclusively state anything other than some particular servers in Iran are down.

A NameFebruary 6, 2008 10:32 AM

I blame it on the New World Order. Bush and his minions are setting the final wheels in motion...

TsarinFebruary 6, 2008 10:35 AM

I see people arguing over the phrase "Iran offline". What does the phrase "Iran offline" mean - I expect there may be different interpretations.

First, .ir Internet domains vs. physical geography in that country may not be 1-1.

Second, some might think that the phrase means every single Internet connection in the region/country is not connected to the outside world, others may interpret the phrase to mean just a significant fraction.

To add one data point, taking a traceroute to iran.ir produces a series of IP addresses that go through Turkey, specifically Bursa and Istanbul accoring to te obviously innacurate ip2location.com site.


All the best.

rjschwarzFebruary 6, 2008 10:36 AM

Some decent analysis among the posters. My own guess is that it psyops against Iran. The Iranian people have been less than thrilled with their government lately, if they felt the government cut access to the world it would only turn up the heat.

If this is US action it is designed to promote an internal revolution. Probably not the only thing but one factor.

rjschwarzFebruary 6, 2008 10:38 AM

This also seems like the kind of thing that might happen as a giant radioactive lizard moved around looking for a city to attack. That's probably not it of course, I'm just saying if a few fishing boats start to come up missing...

Jethro BodineFebruary 6, 2008 10:41 AM

Ah confess. Uncle Jed said Ah couldn't use the cee-ment pond fer tryin' out mah new double-nought spy de-vices, 'specially that new underwater sled Ah made from a dozen weed-whackers.

sunshinexFebruary 6, 2008 10:46 AM

What about the TIME the cables were cut? Two were cut with military-like precision, 0800h and 0559h if memory serves. There are reports of them being cut with torches!

Let's suppose it wasn't a human attack. The two theories are anchors and earthquakes/plate movement. Was that the most perfectly timed series of earthquakes ever? Do ships drop anchor timed precisely so they reach sea bottom and snap cables within seconds of the hour?

5 cables, within days of each other, on the hour marks, and we think it could be a natural event or anchor coincidence? Great Occam's razor!

bobFebruary 6, 2008 10:46 AM

If something bad happens...

... once it is bad luck.

... twice it is coincidence.

... three times is enemy action.

thomas lacknerFebruary 6, 2008 10:46 AM

Mr. Schneier, as a respected individual who stands against FUD and the spread of fear mongering, I urge you to revise your original post: Iran is not offline.

Anonymous CowardFebruary 6, 2008 10:48 AM

Okay, here's a thought that could support the "war on terror" theory...

We know that the "enemy" is internet savvy and uses anonomizing tech to obscure their tracks and make themselves harder to find. Cutting the cables reduces the number of paths available for packets to connect the middle east to the rest of the world, thus creating a more linear connection path that is easier to back track. Also, by forcing traffic through fewer and fewer routers, the chances that it will pass through a friendly (aka tapped) router increase dramatically.

By severing all of the west bound data pipes from the Middle East, isn't westbound data then forced eastbound through friendly countries like Japan, Australia and ultimately the US?

Food for conspiracy oriented thought...

sunshinexFebruary 6, 2008 10:51 AM

Forgot to mention - re: tapping the cables. Perhaps they ARE being tapped. I'd go after the routers personally, but.. The cuts may be done as a diversion. As others have mentioned, when tapping (by bending) fibre, there is signal loss which may be noticed. Cutting them in a different location at the same time as tapping them provides an excellent explanation for any post-tapping signal loss. The repair process likely reduces signal strength, and would hide the degradation caused by bending/tapping.

AnonymousFebruary 6, 2008 10:52 AM

There's an easy solution to all of this: shareware trial period for some piece of software in the submarine tapping pods ran out. Or it's 2^32-1 milliseconds since the last maintenance of these things. Some sub is probably scrambling out to reboot...

yurpFebruary 6, 2008 10:55 AM

Could someone please post the "Three times is enemy action" thing again? But this time, get it right and cite Ian Fleming.

I had three people clsoe to me die within weeks of each otehr a few months ago. Enemy action, I have to assume.

Cpt NemoFebruary 6, 2008 10:56 AM

I was told by a reliable source that Cpt Nemo is cutting the lines around the world. In his Nautilus Sub, he plans on cutting all the lines around the world and then sinking all ships he finds. Then he plans to retire in his offshore mansion at 20,000 leagues under the sea.

ChelloveckFebruary 6, 2008 10:58 AM

I don't want to alarm anyone, but I think the giant squid are trying to hack net access for themselves...

UebberFebruary 6, 2008 11:01 AM

I think the issue can be cleared up to a high degree of probability by simple analysis. Let's start with what it is not:

1. US cyber attack against Iran: 5 cables is by far not enough. Iran is going to be back online (maybe with slightly higher latency) within days. With regard to actual US capabilities a real attack would have been much more devastating.

2. Geological phenomena: There haven't been any reports by geologists or other scientists recently about increased activity within the affected areas. So 5 cuts within this short time frame are hardly explainable.

3. Installments of eavesdropping equipment: If you need to cut a cable at all to install your devices you don't do this on 5 cables within such a short time frame. Too much noise.

So what's likely?

1. Think about entities responsible for researching cyber attacks from a viewpoint of national security. Their main endeavors are mapping and monitoring global infrastructure and simulating possible scenarios. As with every simulation (e.g. development of nuclear warheads) you need real world data to make your simulation behave like the real world would do.

These entities do likely own warehouses full of real world netflow data, but only for more or less regular operation of the global network. To be really sure, that their virtual attack scenarios can be trusted, they need real world feedback for their own "interactions" with those networks. Now think about the interesting load of data you can collect when cutting undersea cables: number of nodes immediately offline, congestion on alternative routes, average response times of responsible institutions, measures taken by those institutions, unexpected backlash, general short, mid, and long term effects, on and on... Endless highly interesting parameters.

You don't need to be a conspiracy theorist to see that this would make a LOT of sense.

2. All was plain coincidence. Stuff like this happens. Just remember, every week people win the lottery against all odds.

UebberFebruary 6, 2008 11:03 AM

I think the issue can be cleared up to a high degree of probability by simple analysis. Let's start with what it is not:

1. US cyber attack against Iran: 5 cables is by far not enough. Iran is going to be back online (maybe with slightly higher latency) within days. With regard to actual US capabilities a real attack would have been much more devastating.

2. Geological phenomena: There haven't been any reports by geologists or other scientists recently about increased activity within the affected areas. So 5 cuts within this short time frame are hardly explainable.

3. Installments of eavesdropping equipment: If you need to cut a cable at all to install your devices you don't do this on 5 cables within such a short time frame. Too much noise.

So what's likely?

1. Think about entities responsible for researching cyber attacks from a viewpoint of national security. Their main endeavors are mapping and monitoring global infrastructure and simulating possible scenarios. As with every simulation (e.g. development of nuclear warheads) you need real world data to make your simulation behave like the real world would do.

These entities do likely own warehouses full of real world netflow data, but only for more or less regular operation of the global network. To be really sure, that their virtual attack scenarios can be trusted, they need real world feedback for their own "interactions" with those networks. Now think about the interesting load of data you can collect when cutting undersea cables: number of nodes immediately offline, congestion on alternative routes, average response times of responsible institutions, measures taken by those institutions, unexpected backlash, general short, mid, and long term effects, on and on... Endless highly interesting parameters.

You don't need to be a conspiracy theorist to see that this would make a LOT of sense.

2. All was plain coincidence. Stuff like this happens. Just remember, every week people win the lottery against all odds.

MovadoFebruary 6, 2008 11:06 AM

The issue is that some of the countries affected are allies of the USA and others aren't but we should of seen this happening a while ago and taken measures to fix it!

tuxFebruary 6, 2008 11:09 AM

Folks,

Keep your panties on. War is not coming, at least not any war with Iran. All of these submarine cables lost connectivity the same day they upgraded to Vista. Coincidence? I think not!

Echo4MikeFebruary 6, 2008 11:11 AM

BUT...

Either way, for geeks this is all terribly exciting.
- How are they fixed?
- How were they broken in the first place?
- Are they "cut," "Broken," or just "sick?"
- If they are cut, who investigates, and how?
- And, as a previous poster said "cui bono?"

My bet's on Murphy, because that dude ALWAYS comes through, but this is the most fun news I've seen in a while...

OR IBM - they want to host the Internet on one system these days...

ICFebruary 6, 2008 11:12 AM

It seems plausible to me that Iran is doing this, since the internet is a source of evil and western influence in the middle east.

In any case, it seems too much of a coincidence to be random.

.HighPingDrifter.February 6, 2008 11:14 AM

I bet Iran themselves cut the cables. Those nutjobs tend to view the Internet as the devil's playground, and they just happen to own 3 of the world's quietest submarines, the Russian-built Kilo-class diesel boats...so they find the cables, send out some frogmen/divers and cut the cables...win/win situation for them, because they're cut off from the internet, AND they can blame the USA for it.

.H*P*D.

"When in doubt, I whip it out!"

CarnivoreFebruary 6, 2008 11:18 AM

Step 1. Cut cable in location A.
Step 2. Splice "Carnivore" packet spy into down line at location B.
Step 3. Wait for cable to be fixed in location A
Step 4. Intercept all traffic over cable.
Step 5. ????
Step 6. Profit!

GloFebruary 6, 2008 11:19 AM

Once is excusable.
Twice is coincidence.
Thrice is Hostile Action.

I love my country.
I fear my government.

FearmongerFebruary 6, 2008 11:24 AM

Wow, shame on Bruce for falling victim to the hysteria. I trust a clarification ("Iran is not offline, sorry for overreacting") will be forthcoming.

ChipFebruary 6, 2008 11:24 AM

Never attribute to malice that which you can attribute to incompetence (or coincidence).

Huw BowenFebruary 6, 2008 11:25 AM

Um, does nobody read H.P. Lovecraft any more? It's CLEARLY the work of Deep Ones, in the service of Great Cthulhu.

It couldn't be Nessie, you see, because she is a freshwater beastie.

LaBargeFebruary 6, 2008 11:27 AM

My guess is it's either Israel or some sort of Islamic Fundamentalists.

Israel doesn't seem to be effected by these at all. Coincidence? I think not?

Islamic Fundamentalists could be trying to stop the freedom of information. If you limit these countries from taking part in the international economy (call centers, e-commerce, etc...), then you will limit the number of McDonalds and StarBucks opening up there.

Guillaume CastelFebruary 6, 2008 11:34 AM

Uebber said: "All was plain coincidence. Stuff like this happens. Just remember, every week people win the lottery against all odds."

That argument is a fallacy. The odds for any one individual of winning the lottery are very slim indeed, but the odds of *somebody* winning the lottery are fairly good, given the number of people who take their chances every week.

AlbertFebruary 6, 2008 11:42 AM

Actually, this is the latest leftist obsession.

Voting machines are no fun anymore.

Gotta "move on" to something else!

AnonymousFebruary 6, 2008 11:44 AM

Has anyone checked to see if SKYNET is self-aware yet? Or maybe the Forbin project just went online.

darthbertFebruary 6, 2008 11:45 AM

its not western, its Iran. put this together... a nuclear weapons program, atmospheric launch vehicles (space rockets, ICBM's) launch, then communications are disrupted to the middle east... Iran is gearing up to start (or escalate) a war and is trying to prevent any means of warning reaching outside its borders... my 2 cent conspiracy theory anyway.

JavierFebruary 6, 2008 11:47 AM


I guess:

Each cable have two cuts. One near the coast (reported) and another deeper. While cable operators are fixing the first one (the only one they know) someone is putting a sniffier in between second cut.

darthbertFebruary 6, 2008 11:49 AM

ah, crap! i posted before i saw the cthulu response! THATS what i meant to say! >:)

ZephyrosFebruary 6, 2008 11:56 AM

Just a small note to people arguing that there is no benefit to the West in cutting off Iran prior to attacking it. Though I do not know whether Iran has really lost connectivity or not, I would like to point out that part of what made Israel's relatively recent war on Lebanon unpopular was the ability for people in Lebanon to communicate with people out of country and send messages and images showing the damage done to civilian infrastructure and homes.
It is not difficult to imagine in my opinion any attack on Iran taking the form of a bombing campaign. Bombing campaigns cause collateral damage which a country being attacked wants to present as proof of the other side being "unjust". The internet gives everyone the ability to reach a large audience. In this hypothetical scenario Iranians would send pictures and videos of the damage to and death of civilians in order to argue their own position.

Terry ClothFebruary 6, 2008 12:03 PM

@Peter: There's no way in hell this is accidental

I agree that this /can't/ be a coincidence. Let's try to put some numbers to our gut feelings:

Consider how long we usually go with no, or occasionally one, cable loss. Some time, no? Using that as a baseline, calculate the probability of a cable outage: as a SWAG, take 1/year, say 1/52 = roughly 0.02 per week. (Yes, this assumption is hopelessly naive. See @Cassandra's comments on multiple failures.)

Taking the absolutely simplest instance (discrete values each observation, as in flipping a coin), the odds of this within one week are 0.02**5 ~= 3e-9, or three in a billion.

I'd be delighted if someone would use a better model and a better calculation, but I bet this is within a couple of orders of magnitude of the best answer. Heck, give it three orders of magnitude; you still end up with one chance in 300,000.

Good enough for me: someone's up to something. As to what their point is....?

Terry ClothFebruary 6, 2008 12:11 PM

@Carnivore:

On the cut once, splice twice theory: I don't know about fiber, but with metal conductors you can ``ping'' the end of the cable. That's how they figure where to go to do the repairs. In fact, I bet fiber cables include a few copper conductors for exactly that reason.

Thus, if their pings from both ends give numbers != total length of cable, you'll find someone mucking about at one of the breaks. Unless, of course, the attackers cut in two places, then install the tap between these two cuts, in the disconnected portion, which is invisible until one of the (visible to repair crews) cuts is spliced.

FritzFebruary 6, 2008 12:19 PM

If the U.S. wanted to severe internet access to a country, it doesn't need to touch the cables. Simply knocking down the power grid would be enough...which they did to Iraq almost immediately during the first Gulf War with a series of calculated air strikes. All communications become problematical without power.

I'm more inclined to think either espionage or terrorism.

old guyFebruary 6, 2008 12:23 PM

Sounds like your normal run-of-the-mill cable service to me. I'm surprised there's any uptime at all.

AndyFebruary 6, 2008 12:27 PM

Did you notice how new reports started coming out after the first two? How often are such defects? Almost no-one knows and it's not reported. It reminded me of the anecdote that airplane accidents happen in clusters: once there is one big accident media focuses and reports on front page even minor ones

CassandraFebruary 6, 2008 12:37 PM

@Terry Cloth

Yes, it it called optical time domain reflectometry - doesn't need copper. Do an Internet search on OTDR.

Cassie

AndyFebruary 6, 2008 12:42 PM

From http://abcnews.go.com/Technology/story?...

Undersea cable damage is hardly rare--indeed, more than 50 repair operations were mounted in the Atlantic alone last year, according to marine cable repair company Global Marine Systems. But last week's breaks came at one of the world's bottlenecks, where Net traffic for whole regions is funneled along a single route.

This kind of damage is rarely such a deep concern in the United States and Europe. The Atlantic and Pacific Oceans are crisscrossed so completely with fast fiber networks that a break in one area typically has no significant effect. Net traffic simply uses one of many possible alternate destinations to reach its goal.

So it's bottleneck in Middle East! The increased traffic of recent years causes such a defect to be noticeable.

PeterFebruary 6, 2008 12:47 PM

If the US wanted to severe internet access cutting the cables is a better option than taking out the power grid.

You take out the power grid then you have to rebuild it. Which costs more money than splicing a few undersea cables.

AnonymousFebruary 6, 2008 12:51 PM

Terry: you can ping fiber, too. A good part of the laser pulse will reflect back from the break. But if cuts are supposed to be a cover for installing taps, they'd cut once, wait until the location was pnged and the repair scheduled, then splice into the line elsewhere while it's inactive waiting for the repair.

However, how hard is it to locate cables on the sea bottom? I'd think that you'd usually be looking for each one for days, so taking out 5 (or was it 4 or just 3 that actually affect Iran?) in such a short time would probably involve several submarines in an operation that would be hard to keep secret - but there may be tricks that I haven't heard of. A geological disturbance would be more likely to break multiple cables in the same area in a short time. OTOH, usually geological disturbances show up in other ways, and I haven't heard of anything like that.

hydertechFebruary 6, 2008 12:56 PM

Iran is NOT offline. Ping or traceroute 217.218.174.198 which is a bank located in IRAN. It is not offline.

AnonymousFebruary 6, 2008 1:07 PM

Ding..conspiracy time.
As pointed out earlier, the West has little incentive to cut the cables. My crackpot theory is that agents from Iran are about to unleash a devastating computer virus on the world and the blackout is designed to keep their systems from getting infected.

SavikFebruary 6, 2008 1:13 PM

@Carnivore

"Step 1. Cut cable in location A.
Step 2. Splice "Carnivore" packet spy into down line at location B.
Step 3. Wait for cable to be fixed in location A"

You apparently are not very smart. When a cable is cut how do you think they know where the cut is? Using some sort of OTDM...so if it is cut again they would know it almost right away and could go fix it there too. If the cable was cut in two places, the middle cable could be hacked into then -- but I think if it was cut in two places at one time then the owner of the cable would want to look at the middle segment to see if such shenanigans are indeed going on.

SnickersFebruary 6, 2008 1:25 PM

@hydertech - careful with all of Bruce's readers you might be calling for a DDoS!

Terry ClothFebruary 6, 2008 1:26 PM

OK, actually reading the reports shows the cable problems were spread over two weeks, and one of them may be due to power problems rather than a break. My ``analysis'' now is:

1/26 = 0.038/two weeks
0.038**4 = 2.2e-6 = roughly two in a million.
Using the same 3 orders of magnitude slop factor, it still leaves us with one chance in 500.

Maybe it /is/ coincidence, but you'll need to give me more info before I sign on for that.

Samantha AtkinsFebruary 6, 2008 1:27 PM

Where are the facts? Cables don't just go down for no reason. Why are important conduits going down while we are being told nothing but speculation about why they are going down? What does it take to find exactly where the broken cables are broken and do reasonable forensics? What is being done to insure a much higher degree of dependable network connectivity? It is really troublesome to me that the "global brain" can have these sorts of "strokes" and everyone seems to be just saying "well I'll be darned". Surely we can do better and should demand much better news coverage and explanations of anomalous events.

JSFebruary 6, 2008 1:27 PM

@HPD --

Please don't confuse the Iranian people with Ahmadinejad. The average Iranian that would be capable of or think about something like this also likes the Internet and the ability to access information from overseas.

And as noted, Iran's still online, and not only that, they can still ping us. So if it's an attempt to turn off the lights by either party, the operation was pretty bungled.

So let's all just go back to hacking Counterstrike servers, or whatever it is conspiracy theorists do when there's nothing unusual going on.

emergency blowFebruary 6, 2008 1:28 PM

Thoughts...

1. Submarine recon of cable locations would be done well in advance. Secrecy of such an operation is beyond trivial, it is the rule. If the US wants to know where the cables are, it knows, with great accuracy and precision.


2. cut once/ splic twice: relatively lossless taps could be placed without leaving signficant OTDR signatures; the cut would assure that any signal analysis of the system would be sufficiently muddied to cover the tap emplacement.

3. Any operation that does not violate the laws of physics is simply an engineering problem and can be $olved with the application of money. Lots of money, the amount available to a nation-state like the US, can buy/build LOTS of capability.

4. It is unlikely that 5 (or whatever) taps are being emplaced at once, as even the US would be hard pressed to pull off a stunt like that. This suggests that some breaks are either normal or distractions

4a. However, JIMMY CARTER is NOT the only US sub capable of the kind of operation imagined here.

5. Perhaps the "tap" is not merely a listening station but a man-in-the-middle.

6. Perhaps the purpose of all this is not to tap anything but to shunt traffic to systems that are already tapped.

7. To call this sort of speculation as mere conspiracy theory is to ignore documented US and Soviet Naval history.

Dan Van RiperFebruary 6, 2008 1:28 PM

Assume there's a conspiracy unless proven otherwise.

Seriously. It's a great rule of thumb for our modern world. And I think it applies very well in this particular case.

St. JoanFebruary 6, 2008 1:34 PM

Another conspiracy theory for the brew. A lot of factions in the area are very unhappy about cultural contamination. If they are savvy enough to see the internet as the main conduit and essential to Western valuse and interest expansion then it may be seen as in their interest to sabotage it.

RAKFebruary 6, 2008 2:04 PM

Imminent attack? Not likely, you don't telegraph your move like this. And as mentioned earlier, it would be simpler to hit the communication centers as the first phase of the attack.

Espionage? Not likely the US knows that if you want to get good information you don't let anyone know you did it. Considering the US was able to successfully able to tap Soviet Navy underwater cables, my guess is they could tap these cables without this much interruption. Lastly if you are using the internet to transfer any sensitive data you can't protect, you kinda were asking for it. Remember you should assume any data on the internet is being viewed by others. It's also naive to believe that the US needs data to come through the US to tap it.

emsaidsoFebruary 6, 2008 2:18 PM

"Pentagon: The internet needs to be dealt with as if it were an enemy "weapons system"."
by Brent Jessop
Global Research, February 2, 2008
(http://www.globalresearch.ca/index.php?context=viewArticle&code=JES20080202&articleId=7980)

Pentagon: "The Pentagon's Information Operations Roadmap is blunt about the fact that an internet, with the potential for free speech, is in direct opposition to their goals. The internet needs to be dealt with as if it were an enemy "weapons system"."

AnonymousFebruary 6, 2008 2:19 PM

Interesting time for all this. A perfect storm of why? Good to hide under. Order has no priority.
1. Government, USA, wants to monitor the internet more.
2. Extortion attempts with computers and electrical power. Why not cables?
3. New fact not seen here: USS San Jacinto, in Haifa, Israel, for ''anti-missile' training', however sure has serious advanced *underwater* surveillance systems.
4. Iran issue seems weak, but thrown in here for whatever.
5. Got to be something else, time will tell. Copycat well, we don't have x, so lets do y, for cable cutting, tapping or ?
6. Internet and 404's and filtering has suddenly been the vogue thing in power.
7. Time sure seems ripe for stuff to go down.
8. Time to lay some pipe...fiber, with underwater features for whatever, why not?
9. World is going back to cold war creepy things going on.

Jack C LiptonFebruary 6, 2008 2:49 PM

About conspiracy theories and the like...

Follow the money. If someone-- or even multiple someones-- were behind even *some* of these cuts, who profits the most?

Yeah, yeah, it _could_ be politics... but that'd imply that we'll eventually hear about it 'cuz the people carrying out the real work won't get paid enough to stay silent.

GabrielFebruary 6, 2008 2:57 PM

Ok let's not be paranoid here people, and apply a bit of the critical thinking class everyone took in college. Five Separate locations, with one reporting power problems. A bit of detective work using the following data will lead to the most simple and likely conclusion for geological activity.

Map of affected areas:
http://www.ilovebonnie.net/cablecuts.jpg

Map of undersea cables:
http://image.guardian.co.uk/sys-images/...

Seismic activity report for the past 30 days from the IRIS Consortium:
http://www.iris.edu/seismon/last30.html

Seismic activity report from the USGS NEIC (Shared with IRIS):
http://earthquake.usgs.gov/eqcenter/recenteqsww/

Add a little third party analysis and study from when the first effects were seen:
https://confluence.slac.stanford.edu/display/IEPM/Effects+of+Fibre+Outage+through+Mediterranean
"Bear in mind that the fact the outage did not start until around 6:00am, and re-routing traffic before the end of the day will both dilute the effect. Also the effects were not uniform on all hosts in a country."

Statement denying ship anchor involvements:
http://ukpress.google.com/article/...
"'A marine transport committee investigated the traffic of ships in the area, 12 hours before and after the malfunction, where the cables are located to figure out the possibility of being cut by a passing vessel and found out there were no passing ships at that time,' said the statement. The ministry added that the location, 5 miles from the port of Alexandria, was in a restricted area so ships would not have been allowed there to begin with."

Correlating the affected locations, dates and above analysis dates we can find the following.

For the January 30th time frame cuts, the following seismic activity was in the region on the following dates:
DATE LAT LON MAG DEPTH REGION
31-JAN-2008 00:01:23 39.97 33.27 4.8 10.0 TURKEY
29-JAN-2008 15:16:55 37.63 23.39 4.3 42.0 SOUTHERN GREECE
04-FEB-2008 22:15:41 38.13 21.95 4.9 30.8 GREECE

For the February 1st and (1st) 5th cut, the following seismic activity was in the region on the following dates:
DATE LAT LON MAG DEPTH REGION
02-FEB-2008 05:33:21 26.42 52.96 4.8 10.0 PERSIAN GULF

For the (2nd) February 5th cut, the following seismic activity was in the region on the following dates:
DATE LAT LON MAG DEPTH REGION
04-FEB-2008 08:26:54 -8.83 107.99 4.9 35.0 JAWA, INDONESIA
30-JAN-2008 11:03:20 -9.80 108.06 4.8 10.0 SOUTH OF JAWA, INDONESIA
30-JAN-2008 10:31:59 4.27 96.60 4.5 39.3 NORTHERN SUMATERA, INDONESIA
27-JAN-2008 12:48:00 -8.65 110.69 4.6 35.0 JAWA, INDONESIA
26-JAN-2008 06:08:02 1.08 97.23 4.5 35.0 NORTHERN SUMATERA, INDONESIA
24-JAN-2008 12:03:39 -3.95 101.63 5.3 35.0 SOUTHERN SUMATERA, INDONESIA
23-JAN-2008 19:23:34 -2.89 101.12 5.1 50.0 SOUTHERN SUMATERA, INDONESIA
23-JAN-2008 13:03:21 1.37 97.22 4.8 29.0 NORTHERN SUMATERA, INDONESIA


We can look at this data and conclude the simplest explanations is likely to be undersea damage associated with seismic activity. Rock slides and underwater stresses aren't limited to the specific time frame for an earth quake either. There are aftershocks, dislodged seabed and other hazards that can be triggered prior to and after an Earthquake, so it is safe to assume that when an earthquake occurs it causes problems before and after for the surrounding area and time frames.

It's also well documented that undersea earthquakes can cause land slides, generate tears and subject cable to various temperatures and stresses. This is in fact what happened in 2006 to Taiwan when an under-ocean landslide cut nine cables between Taiwan and the Philippines for 9 weeks.

So what's more plausible here, a conspiracy theory, or seismic activity that coincides very closely with the dates and regions of the affected cuts?

ADifferentTheoryFebruary 6, 2008 3:01 PM

Suppose you're a government with the desire to impress (threaten, intimidate) your neighbors. If you have a submarine, this could be a way. I find it interesting that all of the mid-east cable breaks affect western-leaning oil-producing regimes. I think this would be quite effective in sending a message.

Johhny SprocketFebruary 6, 2008 3:45 PM

I dont quite know if this is correct but something that I have read a little about and its what I fear may be 'in play'.

From my limited understanding of international politics, I have developed this opinion.

The reason the cables are being cut is to isolate Iran and its data communications not for the purpose of war, but for the purpose of saving and securing the US dollar. Iran is stated to be 'opening' their internationational Oil Bourse on Feb 11, 2008. This 'may' have a drastic impact on the US dollar; I believe the primary reason the US dollar is valued as high as it is, is because ALL world wide trade in Oil is done in the US Dollar. Once the new Iranian Oil Bourse (Oil market) goes live they will be trading in Euro. Thus allowing trillions of dollars worth of oil to be 'de-coupled' from the US dollar. I believe this would send the already weak US economy into a collapse like never imagined.

I also cant say for certain, but I believe the last country to try and de-couple their Oil from the US dollar was Iraq.

perpetualFebruary 6, 2008 3:54 PM

Gabriel - nice analysis. However, my biggest question would be that why has there never been any severence before in the long history of seismic activity? And then for 5 cables to go down in the same timespan sounds a little too fishy (no pun).

Everyone else who thinks this is some targeting of/from Iran to prevent internet access - IRAN IS STILL ONLINE!

I am surprised at how little coverage this incident is getting in mainstream press in the UK (e.g. BBC, ITN, Sky) - but then maybe they don't think its a big deal. The papers tomorrow might hold a different story.

b0fhFebruary 6, 2008 3:57 PM

"Once is happenstance, twice is coincidence, three times is enemy action." Auric Goldfinger in the James Bond movie "Goldfinger"

What's four and five times? Wait, isn't the fifth time where Bond was tied to a table with a laser gunning for his groin?

Or is that the wrong movie?

PerpetualFebruary 6, 2008 4:05 PM

It all makes sense now. A fish has chewed through the cables.

James Pond. Licence to gill.

RealMoneyFebruary 6, 2008 4:07 PM

The US Dollar will not collapse because of Iran shifting away from the US Dollar.

AnonymousFebruary 6, 2008 4:07 PM

Hey! We've got agency staff posting. Hello Gabriel! Impressive post. The listed magnitudes normally don't cause any damage, though. There are about 30,000 of them each year, not even affecting mud huts.

TinfoilHatFebruary 6, 2008 4:07 PM

@Nick at February 6, 2008 10:07 AM

qui bono? who benefits?

The people who already have the surveillance taps on the cables that are already left, of course.

By cutting the other cables, you force all the data to flow through the links that are left.

AminorexFebruary 6, 2008 4:15 PM

It is entirely reasonable to say that Iran is offline when the only readily available reliable datapoint has Iran in the red state. That is simply the state of our knowledge. When a more systematic and deeper survey of link states with respectable provenace emerges, then our state of knowledge will be different. Until then, the carping by "fearmonger" and his kin is just troll noise. If they really wanted to shed light rather than heat, they could provide better information.

It's ludicrous to claim the 5 breaks are coincidental and there are only 2 actors who have motive means and opportunity to engage in this: The US and the Israeli governments.

Taps would be powered by thermionic batteries, electrothermal generators, or tidal generators. They would offer both data access (tap and injection) and emergency flow control. They would be accompanied by radio controls and secondary cable data flow links, as well as data storage units for submarine retrieval.

pfsrFebruary 6, 2008 4:16 PM

Question:
What happens when the lines are cut?
Answer:
The data is re-routed through a different route to reach its destination per the way tcpip was designed.

That sure could come in handy if there's several pipes to a country and you have a tap on one or two of them, just break the rest of the connections that you have NOT tapped and now everything is going through the ones you DO have tapped.

The problem with a submarine is that the data it could intercept is pretty much limited to stay within that submarine, but if the traffic were forced to be re-routed through a land based tap, you could access that data remotely from anywhere.

divealexFebruary 6, 2008 4:22 PM

Having dived around Alexandria, a common site is a bunch of locals in a 10m boat throwing a grappling hook over the side over known or suspected wrecks in an attempt to snag some scrap metal and haul it up. Several times we had to abort to alternate dive sites to avoid locals who were tearing up wrecks like this. As for the egyptian military being able to contain a restricted area ... their training makes mcdonalds workers seem well trained.

RealMoneyFebruary 6, 2008 4:31 PM

Aminorex, the US and Israel are not the only 2 actors of cutting cables. Now who is fear mongering?

dezentFebruary 6, 2008 4:49 PM

tekla:~ dezent$ ping 194.225.150.2
PING 194.225.150.2 (194.225.150.2): 56 data bytes
64 bytes from 194.225.150.2: icmp_seq=0 ttl=239 time=568.234 ms
^C
--- 194.225.150.2 ping statistics ---
52 packets transmitted, 51 packets received, 1% packet loss
round-trip min/avg/max/stddev = 562.058/567.581/582.311/2.912 ms


Seems like Iran is still online

Element 5February 6, 2008 4:53 PM

Neither earthquakes or dragging anchors have caused the cutting of 5-9 (depending on your count) buried, undersea cables that are fairly widely disbursed. To assert this is to cling to the notion of a chain of coincidences that increase in mathematical improbibility with each new cut.

It should be obvious that virtually all of these cuts are in cables leading to Muslim countries. It should also be obvious that the U.S. and israel have been attempting to interest the rest of the world in a war against Iran, with no success. The Iranian bourse was to have come online this week, now postponed (by the cuts) till 2/19/08, this while American banks have *negative* 8.7 Billion dollars in their reserves when by law (and up until a few days ago) they are supposed to have +40 billion in reserve (curious how this story isn't in the news, eh?). The American economy isn't on the verge of melting down, it IS melting down and the Iranian bourse will make that obvious to one and all. The Bush administration solution to this problem? Nuke Iran!

The cutting of these cables is meant to limit person to person communication in the Middle East, in the hopes that "official" news about the event will suffice (thus tamping down outrage somewhat). Of course, this is asinine thinking (just what we've come to expect from these people) and not only won't this plan fail to stop the economic slide, it'll accelerate it. The images of the cynical glassing of Iran will get out, one way or another and will turn the U.S. into a pariah state unprecidented in human history. The rest of world's nations will destroy the dollar within days of the attack and the U.S. will find itself without a funtioning currency, a vaporized economy, a FEMA that will be more useless than it was in New Orleans, an oil-based transportation system that will be dry as a bone in less than a week, a military unable to help at home (Russia and China won't let a nuked Iran go without response) and the formerly fat and rich Americans will be dying of waterborne diseases within weeks. Many will try to "head for the hills" and will end up putrifying in rural gridlock, entombed in their now-fuel-less SUV's. All of the "just in time" deliveries of food and basic merchandise will be frozen, not that a dollar (or a hundred thousand of them) would buy anything at that point anyway.

Do the first really sensible thing you've ever done in your life: listen to that fear in your gut. Get your ass to Costco and load up those wholesale carts with a years worth of food for your family. Don't wait until you see everyone else trying to do it (because you're afraid of looking foolish), just do what that inner voice is telling you to do, it's the only thing that is going to give you and your loved ones a chance to survive this rapidly approaching s**tstorm.

Go. NOW, YOU IDIOT!!

ElizaFebruary 6, 2008 5:01 PM

Aminorex: The problem is that the datapoint in question does not provide adequate information to draw the conclusions that have been draw from it (namely that all internet in Iran is down). Several users on this board have provided other data-points (links to sites hosted within Iran that are active), as well as logical critique of the original report methodology, indicating that the report of internet outages in Iran are exaggerated. Pointing out that there is data indicating the message is incorrect and requesting a clarification should not be considered trolling.

Again, the Internet in Iran is not completely down as was stated in this post. Users from inside Iran have been visiting my site normally for the past week, with no noticeable interruption in service.

CulpritFebruary 6, 2008 5:07 PM

Ok, the NSA is on to me, so I might as well come clean here. The reality is that some friends and I were so pissed at AOL for upping the price on our 56k modem connection that we decided to take the Internet into our own hands.

We donned our snorkel gear, dove to about 900m and tried to splice the cables with some RF transmitters.

Unfortunately, a Megamouth Shark ate one friend, an Israeli special ops sniper shot another friend with a spear and one friend ran out of breath after 45 minutes under water. I, the lone survivor, completed the task on the sixth attempt.

Alas, the RF transmitter wasn't strong enough to get the signal back to Arkansas.

Oh well, I guess I'll pay the extra $.75/mo to AOL afterall.

Feeling guilty for denying the Middle East of their porn,

"The Culprit"

RealMoneyFebruary 6, 2008 5:10 PM

element5, stop regurgitating silly claims about the Iranian Bourse and US Dollar. Why exactly would this hurt the dollar?

Furthermore, your statement about "Virtually all" cuts leading to Muslim countries completely ignores the fact that France is supposedly one of the cuts. The US and Israel love Sarko, why would they cut his country off?

Stop being a simplistic US/Israel hater.

My two centsFebruary 6, 2008 5:17 PM

Here is my attempt at a theory to explain this anomally.

Could it be that some group has decided to try and teach a sort of lesson to these somewhat unprogressive countries about the value of western influance?

Over simplistic in a lot of ways I know but im not saying its a good plan.

xd0sFebruary 6, 2008 5:18 PM

@Gabriel

"We can look at this data and conclude the simplest explanations is likely to be undersea damage associated with seismic activity. Rock slides and underwater stresses aren't limited to the specific time frame for an earth quake either. There are aftershocks, dislodged seabed and other hazards that can be triggered prior to and after an Earthquake, so it is safe to assume that when an earthquake occurs it causes problems before and after for the surrounding area and time frames."

So... the NSA controls earthquakes now to stop the economic collapse of the US while shielding friendly Arab states from cultural contamination all thw while blaming Iran or Jihadists thereby continuing the status quo of things?

To quote the Simpsons Comicbook Guy:

"Best Conspiracy Theory.... EVER!"

:)

Ok just kidding, but seriously that is a nice analysis.

knutmFebruary 6, 2008 5:21 PM

I don't believe in any seismic actvivity causing this, they are to widely disbursed, as mentioned upthread.
Still, we don't know yet. It can be much ado about nothing or something sinister.
The fact that so many cables has gone bust at the same time should at least make us aware of the fragility of the undersea network (if not of the net as a total).

There are two things that are not mentioned here: the fact that this simply can be a terrorist action. If indeed terrorists realy exist. And also (more likely in case of a 'conspirational' explanation) the goal of this may not be at all to cut off traffic, but to redirect traffic to other, more convenient routers available for surveillance by the three letter agencies.

Just some days before these events, Dubya expanded the powers of the NSA, giving them new muscle to fight attacks supposedly coming from Chinese hackers:

"President Bush signed a directive this month that expands the intelligence community's role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies' computer systems.

The directive, whose content is classified, authorizes the intelligence agencies, in particular the National Security Agency, to monitor the computer networks of all federal agencies -- including ones they have not previously monitored.

Until now, the government's efforts to protect itself from cyber-attacks -- which run the gamut from hackers to organized crime to foreign governments trying to steal sensitive data -- have been piecemeal. Under the new initiative, a task force headed by the Office of the Director of National Intelligence (ODNI) will coordinate efforts to identify the source of cyber-attacks against government computer systems. As part of that effort, the Department of Homeland Security will work to protect the systems and the Pentagon will devise strategies for counterattacks against the intruders."

http://www.washingtonpost.com/wp-dyn/content/...

1. This can be the NSA diverting traffic into routes more easy to monitor.
2. This can be the rogue CIA's response to the NSA's new rights to monitor them.

Or it can have a perfectly natural explanation, although I think that's not likely with the number of cables cut.
I don't remember hearing about any cables cut during the tsunami in Dec. 2004, caused by a 8.0 Richter earthquake.

SkailFebruary 6, 2008 7:22 PM

@Chris

The squids are taking down "teh intarwebs" cos they don't like Bruce's unauthorized news coverage of their private lives.

SkorjFebruary 6, 2008 7:41 PM

The amount of fear mongering and conspiracy mongering in this discussion is mind boggling.

Are people really this scared of the world? I hope I'm just being trolled and falling for it.

Really, the Cthulhu theory makes the most sense of any of this. No nation would announce their intent to go to war by cutting undersea cables - that's the most ridiculous thing I've heard in a long time. Nations disrupt enemy nations' C3I with bombs and cruise missiles, not with subtle means.

Almost as ridiculous is the idea that we would somehow need to cut a cable in order to attach a tap. Of course we don't! We had effectively unlimited funds to develop a means to secretly attach a cable tap during the cold war. At the very least the research budget available was the cost of several nuclear submarines, and the problem really isn't that hard.

What a load of rubbish.

lokiFebruary 6, 2008 8:37 PM

unless i am mistaken, the cables are not continuous, but in fact are several kilometer lengths with joints, and i imagine one can put these inside an enclosure, disconnect, add some hardware between the joints, and let it go. as for how to tap the information? just send it up the line with it. i am of the opinion that this is actually an operation aimed at installing hidden man-in-the-middle attack nodes for sniffing encrypted traffic between certain known addresses on the network suspected of being involved in organising terrorist activity and also, more than likely, and probably more importantly, from several angles, dissidents and informants, as well as general strategic military communications. because they are all happening so close together the implication is that it's one group organising this activity, and that they probably are damaging the cables to deflect attention from the site of the sniffer installations, presumably closer to the cable landing points than the sniffers.

it is more concealable way of installing mitm attack points than any terrestrial one, the cables carry so much data also, that they are prime targets for intercepting traffic going across the middle east from both sides, via europe, and through asia, which is a major avenue used by certain groups for organising actions. I imagine that would give access to communications from countries like china and north korea and afghanistan, as well as the obvious persian gulf and nearby areas. if any of the cross pacific cables get damaged i'd become very suspicious of who's doing it and what they aim to achieve.

tapping the lines is a precursor to war also, it allows them to have some scope to intercepting communications of the enemy to anticipate their responses. it may not be the usa, it may be israel, it may be a group, but i'd say they are allied to each other. neither side will admit if they suspect it is intelligence related action on their part nor on their enemies.

it can be conveniently explained away as being weather related or caused by faults... according to the statistic given before that only 10% of faults are hardware failure, so far at most one of them is likely a simple fault, and the rest are physical damage. this many all at once along a major route passing through the middle east between europe and asia is definitely suspicious. i think it is likely at least one of the cable failures was to install a hidden man in the middle attack system to tap specific known communication links. i wouldn't say all of them were. some may have been deliberate damage just to diffuse the efforts to determine anything about it on the part of the cable operators.

to say that it is unlikely there was military interest in this somewhere is very naive. and even if no sniffers were installed, it still makes people worry at the sheer amount of these events all happening at once. this in itself is a potent psychological warfare technique. if someone cut the phone line to your house it would make you nervous... or lets say a mobile phone jammer, either or - there is a faint possibility that it is malicious and the fear itself is a powerful tool to control an enemy.

j0hnner_caFebruary 6, 2008 8:48 PM

> This advertising for Cloverfield has gotten out of hand...
Posted by: Dan at February 6, 2008

lol.

This is my favourite schneier.com blog post so far for comments.

Some of these conspiracy theories are really good... but also many contradict eachother. I like the theories that the cuts are being done to reroute the traffic through the US so it can be monitored. And the one about the destabilization of the US dollar is good too. But seriously why would they install taps when they can just cut and have it rerouted through their networks where they can listen easier? Makes much more sense. There are no taps. Also, this happens all the time. I saw a documentary on the Discovery channel in 2006 about these damn things. They are getting damaged through natural occurrences (sharks eating them, sea floor activity) all the time; so much so that there are special boats and teams designed to repair them. And these damn things are costly. It costs a lot to repair them each time they take a hit (imagine the cost of on on-site tap). It strikes me as completely infeasible to install a tap on these things when they can cut and reroute. And besides that there are easier ways to monitor traffic without the cables altogether. And also think of the havoc they are wreaking on these economies just to listen on some communications. Also think of HOW MUCH DATA flows through these things and how much is just useless consumer data. Needle in a haystack eavesdropping - doesn't sound smart. If it's longterm data-mining, there are much cheaper ways.

As a few people have said so far this involves a major bottleneck. That's why it's being felt. Se-Me-We4 is a big cable responsible for a lot of traffic. It goes down and suddenly developing places like the Middle East are fudged because there aren't many tubes in the series for places like that. And also as people have pointed out - the "fifth" happened before the rest. Timeline is important.

And also - why is power failure not attracting attention? Maybe there was an upgrade somewhere and something went wrong so a bunch of cables went down.

But anyway I'm jumping on the bandwagon...

I, for another, welcome our new undersea cable cutting overlords... be they industrialist Atlanteans, raiding Deep Ones, bored dolphins, angry whales, crazy viral marketers, Nessie, GOJJIIRRRAAAA, HAL 9000, SKYNET virus, or (most likely IMHO) frustrated deep sea giant squid who are angry over the disgusting disrespect of their dead with graphic pictures posted on sites like this one.

best post evar.

lotta FUD though.

JoeFebruary 6, 2008 10:00 PM

how about this?

from: http://earthquake.usgs.gov/eqcenter/recenteqsww/...

don't know about the others, or what time the outage occured

Earthquake Details
Magnitude 4.9
Date-Time

* Monday, February 04, 2008 at 22:15:41 UTC
* Tuesday, February 05, 2008 at 12:15:41 AM at epicenter

Time of Earthquake in other Time Zones
Location 38.126°N, 21.950°E
Depth 30.8 km (19.1 miles)
Region GREECE
Distances 20 km (15 miles) ESE of Patras, Greece
125 km (75 miles) N of Kalamata, Greece
155 km (100 miles) W of ATHENS, Greece
170 km (105 miles) SSW of Larisa, Greece
Location Uncertainty horizontal +/- 15.7 km (9.8 miles); depth +/- 6.2 km (3.9 miles)
Parameters Nst= 50, Nph= 50, Dmin=467 km, Rmss=0.72 sec, Gp=133°,
M-type=body magnitude (Mb), Version=6
Source

USGS NEIC (WDCS-D)

Event ID us2008nabl

Magnitude 4.8 - PERSIAN GULF
2008 February 02 05:33:21 UTC

Versión en Español

* Details
* Summary
* Maps
* Scientific & Technical
* Additional Info

Where can I find...?
Earthquake Details
Magnitude 4.8
Date-Time

* Saturday, February 02, 2008 at 05:33:21 UTC
* Saturday, February 02, 2008 at 09:33:21 AM at epicenter

Time of Earthquake in other Time Zones
Location 26.423°N, 52.956°E
Depth 10 km (6.2 miles) set by location program
Region PERSIAN GULF
Distances 190 km (120 miles) NE of DOHA, Qatar
240 km (150 miles) E of MANAMA, Bahrain
260 km (160 miles) NNW of ABU DHABI, United Arab Emirates
265 km (165 miles) WNW of Dubai, United Arab Emirates
Location Uncertainty horizontal +/- 6.7 km (4.2 miles); depth fixed by location program
Parameters Nst= 52, Nph= 52, Dmin=206.4 km, Rmss=0.94 sec, Gp= 94°,
M-type=body magnitude (Mb), Version=R
Source

USGS NEIC (WDCS-D)

Event ID us2008myae

* This event has been reviewed by a seismologist.
*
Did you feel it?
Report shaking and damage at your locatio

InformerTronFebruary 6, 2008 11:27 PM

1) I agree we would not tap all 5 cables, but the logic could easily be stated if you cut multiple cables what is the likelihood of someone checking all 5 for taps? IE We tap one, break 5, they check 2 and think they are all OK.
2) I beleive it is truly the work of Oceaniades, the nymphs of the Ocean. They are from Greek mythology. Clearly the greek gods are returning on their spaceship(all aliens after all), and searching for their pet lizard, nessie.

Jacob AppelbaumFebruary 6, 2008 11:27 PM

If this is deliberate, I suspect that it's a probe.

If I was interested in knocking out access for a country, I'd probe it for uplinks. I'd search for all of the announced AS paths behind each uplink. Once I knew say, the top five fiber drops, cutting a few may fill the rest to capacity. Assuming that one is watching BGP, you'll see some changes. If they have emergency fiber or VSAT uplinks, they're probably going to route over them. This would be a useful method of observing a target. This doesn't mean that it requires a later attack, it could simply be an information gathering exercise...

BusFebruary 6, 2008 11:44 PM

If it was deliberate and it is a probe, there wouldn't be any pattern to it. Too many cables cut in too short of a time to not be deliberate. Someone is testing their theory to see how easy it is to cripple middle eastern communications...just running at reduced capacity during a crisis is a MAJOR problem.

averrosFebruary 6, 2008 11:54 PM

> Averros paints a very interesting scenario, and
> I don't want to say he or she is wrong

I'm "he" and I used to run international backbone networks *and* consult a cable laying company specifically on data security/reliability aspects of their operation.

The undersea wiretapping pods do exist, and their use during cold war is well documented.

AnoukFebruary 7, 2008 12:38 AM

The Iran Oil Bourse was scheduled to open between 1 and 11 February. This Bourse would trade Oil in non $USD, and hence potentially influence the underwriting of $USD as de facto reserve currency by oil instead of gold. Noting what both of these commodities are worth v $USD lately, and the latest budget exacerbating the policies which have diluted the value by oversupplying $USD, further destabilising factors are desirable to avoid.

Iran must have cut their cables to avoid embarrassing the owners of fleets of French and US warships patrolling the area.

unaryFebruary 7, 2008 1:06 AM

wow....paranoia, racism, uninformed and unverified claims. this i did not expect from normally, seemingly, intelligent commentators.

really, makes me sick to the core to read much of this trash.

so long and thanks for all the fish.

emergency blowFebruary 7, 2008 2:11 AM

> Almost as ridiculous is the idea that we would
> somehow need to cut a cable in order to attach a
> tap. Of course we don't! We had effectively
> unlimited funds to develop a means to secretly
> attach a cable tap during the cold war

While that is true, the crucial distinction is that the cables tapped during the cold war were copper and the taps were inductive pickups.

Such technology is utterly useless against fiber.

I would imagine attacking an armored submarine fiber bundle is orders of magnitude more difficult than simply laying a Soviet cable in slot in a cannister. Several orders more difficult and i would ba amazed if it were even possible without indavertently breaking fibers.

Whether or not individual fibers need to be broken to be tapped (they don't) tapping the fibers absolutely requires cutting the cable open.
I would imagine it would be quite difficult to tease enough clearance between individual fibers to do anything useful without clearing away a significant amount of armor...yaddayadda breakage risk. bottom line, cutting a cable makes sense to me based simply on the mechanical requirements of tapping a fiber.

That said, four or five seems to be an awful lot of cables.

Someone suggested that the cablecos might not bother to check for taps ... not a credible position to take if you're planning an op. I would expect a clever concement plan and thought of a few this evening.

k2rFebruary 7, 2008 2:24 AM

@RealMoney
> element5, stop regurgitating silly claims about the Iranian Bourse
> and US Dollar. Why exactly would this hurt the dollar?
Simplyfied version:
Countrys are sitting on huge piles of $$ because they need it to buy oil/gas. They are loosing trust in US fiscal policy.
If they started buy oil/gas in €€ instead, what would they do with the $$?

MikeFebruary 7, 2008 2:58 AM

This is one of the most idiot threads I've seen for the comments of posts on Bruce's blog.

Any OneFebruary 7, 2008 3:33 AM

I haven't read everyone's post but has anyone suspected Israel is behind this? Mossad/CIA are well capable of executing this type of operation, with perhaps the benefit of routing traffic through a well sniffed satellite network. Of course, maybe its just pure coincidence ;)

sortkattFebruary 7, 2008 4:25 AM

Thanks for making the (im)possibility of tapping optical fibres a bit clearer. As I've understood your comments, tapping undersea cables would be extremely expensive and difficult, but theoretically possible.


As for all the fun conspiracy theories:

If there were a huge evil conspiracy getting ready to invade the middle east and stealing all their data, it would be a smal thing for them to get on this thread and try to calm us all down by telling us how silly the conspiracy theories were. Thus, everyone who claims this is "nothing to be afraid of", "fear mongering", "conspiracy nut-foolishness and such are automatically suspect.

But that's the fun part of conspiracy theories, isn't it? If someone tries to disprove them, they must be part of the conspiracy, and thus their arguments can be ignored.

I for one, choose to believe that some unknown entity are doing something unknown to these cables for unknown (but nefarious) purposes. But probably not tapping.

NisseFebruary 7, 2008 6:47 AM

What first hit me was that there may be some intelligence organization cutting the cables to install taps?

Does anyone have any comment on this?

AnonymousFebruary 7, 2008 7:25 AM

I have a friend in the navy and he just informed me that he is up to go to fiber optic cable repairing school, and he just spent a month in Dubai. Coincidence? Why would the Navy be interested in cables? (that is a retorical question)

AnonymouserFebruary 7, 2008 7:59 AM

Well, as far as I can tell, Iran is effectively isolated as of now, since their land lines go through Turkey. I'd say those are going to be cut last, either as the effect of another "freak earthquake" - Turkey is well known for quakes - or openly, depending on how plucky the Turkish gov't feels on the day. However the chips may fall, though, the cables *will* be cut if the US says so, because Turkey needs continuing support for their military operations in Kurdistan.

Johnny MnemonicFebruary 7, 2008 8:36 AM

"I haven't read everyone's post but has anyone suspected Israel is behind this?"

That's more like it. It's not a proper conspiracy theory unless it's got Jews in it. Now, let's move on... why would the 666 rabbis who control the world want to cut off Qatar's porn supply? I know! It's to make the angry young men in the Moslem world even more frustrated so they er... umm... no, wait a minute, it's to put false versions on the Koran on western web sites before anyone in the Middle East notices... blah blah... giant extraterrestrial lizards... JFK...

PaDumBumPshFebruary 7, 2008 9:26 AM

Maybe somebody ordered Comcast and the cable guy is trying to find the hookup point.

Nicholas JordanFebruary 7, 2008 9:43 AM

It is noted for the reader that the casual intruder will examine only the first and last few bytes of a keystring when browsing for casual reasons.

This nexus is appealing.

First, we have a trained and experienced security op hosting the site. ( this discussion group ) Second, we have a low probabilty event ( time-clustering of failures ) in a tension-driven decade that has already recorded enough "never happend before" catastrophics of unprecedented magnitude that scoping the failure-series pegs somewhere from same-stuff/different-day down to lost in the wall street tera-byte traffic.

Okay, for what it is worth - I will pick the speculative theory over the KISS theory just because it is in my nature to do 'instincts' approach if basis can be found. I revert to common sense and mundane approaches if entertaining solutions such as "Satellite owners elminate competition." are not available. To that end, we are in a decade of this type of tangible, reality based catastrophic event, starting around the time of the nine tailed one one's ( that's just to avoid attracting some well-known internet filters, please do not edit out ~ the readers can figure it out ) The simple analysis is that only America, which derives from a latin base of 'friendly', has the resources to simultaneously cut these cables. Thus, we would have to assume that sat-global's have also been cut. Those channels would be controlled by "investments", which could be grouped loosely by Nation, Culture, Belief, Industry and Alliance. If someone with the tools and skills to do a statistical ping flood over such channels could show a drop in responsiveness, then that speculation could be moved into the theorization.

Whether such an act is friendly or not, I leave as a waste of time for the reader.

A second and more plausible speculation if the above is baseless would be that extemists have acted in concert, this is the most alarmist add-up of the cluster-failure: Such groups are known to be ineffective at reasonable discourse leading to peaceful operation of insubordinate species. Such groups also have shown an innate knack for controlled boid-like flocking that did not exist before the internet. Thus, the cutting of the wires - with or without satcom correlation - is a self-destructive act with the potential to block further socieatal opening with their own idea of opening. Beliefs are remarkable for their unprovability and such an entrail of thought with tangible is a world proven marketing concept for propogation on information and belief, though generally enforcement by writ is applicable to United States law only.

The third analysis, though more speculative than the above two is that world-wide global domination of all thought and traffic by 'user-is-a-twit' forces is at work busily cutting off all communication channels. This is my preferred speculation. Yesterday I got a piece of paper mail from an established belief system that I have been away from for over a decade. They used my legal name. The only sane explaination led me this morning to open the googler and expect to find something just such as this cluster-failure. Such a global dominion has Neutron Drag Retarders in Lightwave Tunnel capability and can and up two and two with BB84 Type Schema at near-RealTime rates. ( here using the term real time as physical reality ) The clearly elucidated goal of U.I.T. - ( User Is a Twit ) is S.A.N.A ( Snowflakes Are Never Alike / Sanity Attacked Now and Always ) to reduce us all to Glass Eyed Morons.

To this end, I caution all readers that popular commercially available operating systems are noteworthy for their weak kernel routines that expose complete system hangs to just about every commercial site that has any sort of monetary motivation. If you find this an injustice as I do, note that I have already figured out that most any School of Business would find this approach commendable.

This morning, I will be reading "Java Cryptography Extensions" ( Morgan-Kaufman ). I suggest you do also.

Miles BaskaFebruary 7, 2008 10:31 AM

Read this report:
Connecting The Many Undersea Cut Cable Dots
http://www.cyberspaceorbit.com/...

Eight cable cuts, video shows now ships or storms. Evidence screams sabotage.

BUT. The report is by a Richard Sauder. Is it _this_ Richard Sauder?
"Richard Sauder is a popular researcher who frequently appears on national radio shows like Coast to Coast, Dreamland and Sightings. He lives in Austin, Texas."

Jim LippardFebruary 7, 2008 12:04 PM

perpetual: "Gabriel - nice analysis. However, my biggest question would be that why has there never been any severence before in the long history of seismic activity? And then for 5 cables to go down in the same timespan sounds a little too fishy (no pun)."

In December 2006 there were *nine* cable breaks between Taiwan and Japan as a result of earthquakes.

FredWFebruary 7, 2008 12:07 PM

Two ideas:

1. It's a same-software-in-common bug, like the timer running out as somebody said. The cables may be fine, in fact. The terminals or the repeaters may need to be rebooted have their clocks set. Remember the problems with clock drift in Patriot batteries in the First Gulf War?

2. It's the paranoids. They're all in it together and they're out to get the rest of us!

onlyIknowFebruary 7, 2008 12:09 PM

I wish someone would cut cables from China and Russia. That way we could avoid (or lesson) spam, spyware, trojans, phising, and a slew of other nasties that those two countries partake in.

Jim LippardFebruary 7, 2008 12:09 PM

Sauder's list is double-counting. His #1, #6, and #7 are misidentifications of the others. He also misses that there are two reported faults on the Kuwait-Iran segment of FLAG FALCON (segment 7a and 7b).

I count one fault on VSNL's SeaMeWe-4, one on Qtel's Qatar-UAE cable, and five on FLAG cables.

RAKFebruary 7, 2008 1:21 PM

Fibre isn't immune to tapping without cutting the line. There are alot of amplifier repeaters on each of these lines. I am fairly confident that most advanced nations could come up with something like a custom logic probe that you would attach to the repeater.

MikeFebruary 7, 2008 1:52 PM

I think its a bunch of sharks (or sea bass) with fricking laser beams on their heads.

BMurrayFebruary 7, 2008 2:31 PM

The real question, of course, is "what idiot went and invented an undersea backhoe"?

SavikFebruary 7, 2008 4:04 PM

Everybody is overlooking the most obvious cause:

Drunken Divers out to have a few laughs...it happens all the time.

emergency blowFebruary 7, 2008 7:34 PM

rak: While i agree that repeaters present a good vulnerability, I tend to doubt they could be undetectably compromised unless one first halted traffic through them. I think any technique that didn't interrupt traffic flow would be fairly easy to detect either by an ROV inspection or by pulling the repeater up from the seafloor and taking a look inside.

I.e, to conceal tampering with a repeater would require replacing components in the repeater with apparently-identical parts.

(Unless i missed it) I don't think i saw this...
Related to the idea that traffic has been shunted to other systems, now all of the cables broken in this putative op should be considered compromised. This is sort of the same as shunting traffic, but more longitudinal in scope.

RogerFebruary 8, 2008 1:52 AM

The pro-conspiracy posters have, by-and-large, been so eager to post their theories that they obviously haven't read what has been posted before. Thus, this will probably be a waste of time. But one has to try. Here goes:

1. There is nothing exceptional about this "event". Cable "cuts" occur once every 3 days on average (not once a year, as a previous poster *speculated*) and clusters of several over a short period are not particularly rare, because they often have a common cause (storms, or seismic activity.)

2. It does not take a particularly powerful earthquake to "cut" a cable. In fact most "cuts" are actually just leaks in the insulation caused by vibration against a jagged piece of rock.

3. Of the "five cuts", only two were significant events that severely reduced Internet traffic in some countries. Two caused only minor losses and one affected only one small island. The country that was worst affected was not Iran, but India. No countries were taken completely off the air.

4. Of these "five cuts", three had innocent causes that were ALREADY KNOWN at the time the panic started. People just couldn't be arsed to check when there was a good panic in the offing! The two most serious cuts were caused by ships -- known ships -- dragging their anchors in a storm (the *same* storm, which is why they were close together in time.) The "cut" to the island was actually a power failure on its land station; it was a cut only in industry jargon, and easily repaired.

5. Since then, one of the remaining mystery "cuts" has already been confirmed as anchor damage by the repair crew.

6. The cuts did NOT all occur exactly on the hour. That rumour is sheer bull, possibly started because some net monitors only report rounded-off data.

7. Quoting a *novel* to "prove" theories about the real world, is verging on madness. But for the record, Fleming's aphorism makes sense statistically given two pre-conditions:
a. The events must be independent unless coordinated by an intelligent being; and
b. The probability per unit time is so low that multiple instances in a short period should be rare.
Neither condition holds in this case: cable cuts occur every 3 days on average, and far from being independent they do tend to cluster together in time.

PeteyFebruary 8, 2008 3:14 AM

Roger:
1. Citation desperately needed.

2. Citation needed (the "well, there was an earthquake a few days before" theory is neat, but how about a mechanism whereby an earthquake causes damages several days after it ends?)

3. Red herring. You do not need to "take countries off the air" to impact them.

4. Citation needed. There are as many articles out there saying "it was ships dragging their anchors in a storm" as ones saying "authorities confirm there were no ships in the area."

5. Citation needed.

6. Who brought this up and why would it be relevant?

7. Fleming's quote doesn't have to make sense statistically. The character who spoke it was Up To No Good, and knew his adversaries were gunning for him; ergo, any "coincidences" took on special significance. Likewise, the protests of "It's just an earthquake!" only take priority when there is no conceivable reason for anyone to go after the cables for some nefarious purpose.

Security geeks are just really good at coming up with "nefarious purposes," which is itself the only necessary reason to be skeptical of the conspiracy theories. I call it "explain away the panic by explaining human nature" vs. "explain the cuts by citing nature." Or, simply put, "Consider your audience."

That said, you are all of you wrong: I have it on the highest authority that the culprit is a school of sharks with frickin' laser beams attached to their heads.

fz5pxsFebruary 8, 2008 9:15 AM

With all of the new information coming out about these cable cuts, I'm relieved that the causes appear to be fairly ordinary and frequent.

That being said, I make no apology about considering possible conspiracies either. With all of the false statements made by Bush & Co., first with Iraq, and now with Iran, I think I have good reason to be wary and skeptical, maybe a bit jumpy. Call me a tin-foil hatter if you wish, I don't care.

For anyone who poo-poos conspiracy theories "in toto", let me point out that the White House and Pentagon have done the same thing regarding other "regular incidents" occuring in the Gulf region.

Anyone remember this one from a few weeks back?

http://ipsnews.net/news.asp?idnews=40801

Here's an excerpt:
----------------------------
"As an official at 5th Fleet headquarters in Bahrain told IPS, it is common knowledge among officers there that hecklers -- often referred to as "Filipino Monkey" -- frequently intervene on the VHF ship-to-ship channel to make threats or rude comments."

"One of the popular threats made by such hecklers, according to British journalist Lewis Page, who had transited the Strait with the Royal Navy is, "Look out, I am going to hit [collide with] you."

"The decision to treat the Jan. 6 incident as evidence of an Iranian threat reveals a chasm between the interests of political officials in Washington and Navy officials in the Gulf. Asked whether the Navy's reporting of the episode was distorted by Pentagon officials, Cmdr Robertson of 5th Fleet Public Affairs would not comment directly. But she said, "There is a different perspective over there."
----------------------------

Best regards

xd0sFebruary 8, 2008 12:20 PM

I wish I remebered to take down the source of this statement, but I didn't or can't find it. However...

"One of the reasons I dislike the Bush Administration, is becuase they consistently make me feel like a tinfoil hat, conspiracy theorist."

RogerFebruary 8, 2008 3:05 PM

@Petey:

All of the items for which you request citations (1, 2, 4 & 5), have already been given previously in this thread -- several of them more than once. As I stated in my first line, I was just re-iterating them in the vague hope people would notice, and stop repeating the same disinformation.

Point 3 is not irrelevant; people (in this thread, repeatedly) are using the "coincidence" of 5 cuts to prove that this must be a malicious plan at work. But only two of these cuts were major events that might conceivably have some impact in a great conspiracy. The other three were very minor events that have only made the news because people are now looking for patterns in the clouds.

Point 6 was brought up by poster "sunshinex" as "proof" that the cuts must have been artificial.

As for point 7, I understand what you are saying, but my point stands. The "coincidence" events must still have certain properties to be relevant, the circumstances only affect the thresholds of probability at which you pay attention. If you see a black Peugeot E7 three times in one day in LA, you're entitled to wonder what's going on, whether you have deadly enemies or not. If you see the same thing in London, it's meaningless even if someone is gunning for you.

SkorjFebruary 8, 2008 5:04 PM

Here's how you undetectably tap a fiber-optic cable: you bend it. Yup. Bend.

The trickey bit is doing this underwater, which is why you use nuclear submarines.

Does *anyone* honestly think that undetectably tapping a cable is a hard problem for a nation with billions to spend? There is off-the-shelf equipment available to tap fiber networks undetectably, no need to cut a cable or fake an outage.

warhorseFebruary 9, 2008 6:20 PM

I seriously want to thank everyone for their tinfoil hate conspiracies...
no, really
Working nights, I peruse the net looking for entertaining threads..
this one ranks 99/100


On a more serious note, the internet outage only lasted a few hours and only affected the connectivity to EU and US websites. I hate to say it but being the Internet... The US Doesn't have the end-all Beat all websites. So I couldn't talk to the wife for a few hours on MSN Messenger.....

and for everyone screaming that there is no coincidence.. last August I was home on leave... Wife and I were at the Casino, she hit a Jackpot on a slot machine. I told her to move to another machine after she was paid... because everyone knows lightning doesn't strike the same place twice, right? I'll be damned if on her next pull on that very same machine... she hit it again...
The Casino had to check their videos before they paid her the second time.
So much for "The Odds"

As far as the conspiracies go... I am honestly surprised that no one has mentioned space aliens yet ;)

averrosFebruary 9, 2008 11:42 PM

@Skorj: "Here's how you undetectably tap a fiber-optic cable: you bend it. Yup. Bend."

Sure thing... first of all, you cannot easily bend the underwater cable. It is armored. Secondly, the fibers are buried behind several layers, including the power conductor layer which has some few kilovolts on it when the cable is live.

Winston SmithFebruary 12, 2008 9:50 PM

With all the recent outages, and then today I see BlackBerry was totally out... It can make one question why so many outages are happening.

Why now?
Dots to connect?
Or does this all deserve to go down the memory hole?

2/12/2008 "RIM says system upgrade snafu led to BlackBerry e-mail outage"
http://tinyurl.com/2wnyyw

2/11/2008 "The FBI Deputizes Business... The members of this rapidly growing group, called InfraGard, receive secret warnings of terrorist threats before the public does—and, at least on one occasion, before elected officials. In return, they provide information to the government, which alarms the ACLU. But there may be more to it than that. One business executive, who showed me his InfraGard card, told me they have permission to “shoot to kill��? in the event of martial law."
http://www.progressive.org/mag_rothschild0308

1/29/2008 "Bush Urges Congress to Grant Immunity to Major Telecom Corporations & Permanently OK Warrantless Domestic Surveillance"
http://tinyurl.com/2pzdxh

1/26/2008 "Bush Order Expands Network Monitoring"
http://tinyurl.com/2gd4yf

Winston SmithFebruary 12, 2008 11:16 PM

As I wrote the last post, this news just came through:

2/13/2008 "Senate Votes for Expansion of Spy Powers... WASHINGTON — After more than a year of wrangling, the Senate handed the White House a major victory on Tuesday by voting to broaden the government’s spy powers and to give legal protection to phone companies that cooperated in President Bush’s program of eavesdropping without warrants."
http://tinyurl.com/2mvo39

Democracy grows dimmer by the day...

If only Obama stumped for the EFF and energized action, "we are the ones we've been waiting for"-- help stop this now!
http://tinyurl.com/327jyr

Scott "SFITCS" FergusonJune 30, 2013 10:48 PM

@Giacomo

Well, it's an awful coincidence that the long-postponed launch of the (euro-denominated) Iranian Oil Bourse was due this week.

Bingo! PRISM won't stop the Bourse, and once trading in EU's start other countries will follow leading to a major run on the $US. Cutting the cables solves that.

The last time a country tried to trade oil for anything other then US dollars - they were invaded (Iraq). Defending the US dollar is defending the US.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..