Skip to navigation
Latest News

How spies could tap fibre cables

Spying

By Shona Ghosh

Posted on 27 Jun 2013 at 10:46

GCHQ has been accused of installing probes on hundreds of fibre cables running through the UK, scouring communications data to try and foil terrorist plots.

As most of those cables run under the sea, it's difficult but not impossible to tap them, experts have revealed.

Fibre cables carry most of the world’s internet traffic, beaming emails, Facebook messages and tweets around the world at high speeds. According to telecoms consultancy TeleGeography, the UK is the biggest European hub for transatlantic cables relaying data to and from the US, with the country's beaches acting as coastal landing points.

Without interrupting transfer flow, you can read everything going on on an optical network

Bude, Cornwall, is a landing point for seven cables alone, including Apollo, which runs across the Atlantic to New York. That means London receives data a fraction faster than other cities, giving it an advantage in trading, where swiftly relaying information is crucial.

It’s easy tapping fibre

Networking engineers have warned for years that such fibre cables aren’t secure against tapping.

Other infrastructure is also at risk. "They don’t have to tap into them undersea – the best place into cables is at any repeater station," said director at security consultants EM Services, Bernard Everett. "Those are junction boxes where cables would be spliced and these splicing elements are the best place to tap into an optical cable."

The scale of GCHQ’s alleged fibre snooping – more than 200 cables, according to The Guardian – would be "quite an undertaking", but achievable with the right tools, some of which a savvy user can buy cheaply online, said Everett.

One method is to bend the cable and extract enough light to sniff out the data. "You can get these little cylindrical devices off eBay for about $1,000. You run the cable around the cylinder, causing a slight bend in cable. It will emit a certain amount of light, one or two decibels. That goes into the receiver and all that data is stolen in one or two decibels of light. Without interrupting transfer flow, you can read everything going on on an optical network," said Everett.

The loss is so small, said Everett, that anyone who notices it might attribute it to a loose connection somewhere along the line. "They wouldn't even register someone’s tapping into their network," he added.

Reading that data isn't completely straightforward, since communications aren’t transmitted in a single wavelength.

Many cable operators have wavelength division multiplexers in place to boost capacity, meaning data transmits not just in white light, but different colours in the spectrum. Tapping the cable means using a spectrum analyser to make sense of the data – but Everett says that’s only a small barrier. "It’s not trivial, but it’s possible," he said.

Getting operators on board

A more reliable, permanent method to tap communications would be to persuade the cable owner to give access - which happened with AT&T in the US - and then install splicing elements, including an extra wire that goes into monitoring equipment.

"Tapping into the internet is easiest if you have access to the Tier 1 providers' equipment. It is a relatively simple matter to install a hardware packet capture 'box' and feed its output to some network-attached storage somewhere," said Razvan Stoica, a spokesman at Bitdefender.

There's been no suggestion as to which method GCHQ may have used, but The Guardian claimed the agency may have forced providers to co-operate. Publicly, the agency and ministers, have insisted GCHQ’s methods are legal though it won’t admit to cable tapping.

Legal questions

Privacy advocates have called on the government to clarify what methods GCHQ may be using to spy on domestic and international communications, how long it stores that data for, and what its legal basis is.

Legal experts suggest that GCHQ may have manipulated the law, specifically the Regulation of Investigatory Powers Act (RIPA), to allow it to harvest huge amounts of data far beyond what was originally conceived.

James Howarth, a senior associate at Manches LLP, told PC Pro that current legislation around obtaining data through communications is "anachronistic".

"The difficulty arises from the original purpose of the statute, which was intended to provide for interception by wire-tapping, rather than by data-harvesting of electronic documents," he said. "Interception of data on such a large scale as the instant case was a possibility which was simply not envisaged under the provisions of the Act."

It’s thought the government is relying on a particular clause within RIPA that allows the foreign secretary to sign off for the interception of broad types of communications material, as long as one of the parties is abroad. But Howarth said this was "inappropriate" when it came to this level of harvesting.

"This is an area which would benefit from further legislation," he said. "A possible way forward would be to amend RIPA to limit it to certain low tech purposes, for example wire tapping, and draft a new statute which provides objective criteria for the capture and analysis of electronic information."

Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here
User comments

It sounds easy to tap the cable but how do they decrypt the data? All my sessions with Google etc use HTTPS. Has it been cracked?

By llcoolj40 on 27 Jun 2013

It sounds easy to tap the cable but how do they decrypt the data? All my sessions with Google etc use HTTPS. Has it been cracked?

By llcoolj40 on 27 Jun 2013

@llcoolj40

I don’t think they cracked encryption. Although data itself is encrypted, metadata is not. I think it’s the metadata they are after. It wouldn't be feasible to save massive amount of traffic flowing over these optical cables anyway.

By aa111 on 27 Jun 2013

but my entire session to GMail is encrypted so all they can see is that my browser has a session to GMail. They need to decrypt it to see who I am sending an email to.

By llcoolj40 on 27 Jun 2013

It sounds easy to tap the cable but how do they decrypt the data? All my sessions with Google etc use HTTPS. Has it been cracked?

By llcoolj40 on 27 Jun 2013

It sounds easy to tap the cable but how do they decrypt the data? All my sessions with Google etc use HTTPS. Has it been cracked?

By llcoolj40 on 27 Jun 2013

If he's an expert I'm a

It would benefit a reputable blog if the alleged expert had a modicum of Experiance in the layout of sub sea cable systems, rather than a theoretical lab based Experiance. When have decibels been the SI for fibre systems. One of the worst experts I've had the misfortune to read on this matter.....

By XYzeeeee on 28 Jun 2013

Decibels

Using the unit of decibels does sound odd to the layman (me included) but apparently true. This from Wikipedia:

The decibel is used for a wide variety of measurements in science and engineering, most prominently in acoustics, electronics, and control theory. In electronics, the gains of amplifiers, attenuation of signals, and signal-to-noise ratios are often expressed in decibels.

Decibels in this case referred to the attenuation of signals.

By Binder on 28 Jun 2013

Spies

PCPro, I now have TEN linked advertising / tracking sites blocked on your pages. This is more than double the number linked to the next worst offender, some use one or two, many none at all.

If NoScript doesn't block them, Ghostery will, followed by Adblock Plus. Maybe you rely on the advertising income, but I feel that the covert tracking element of advertising, on the PC at least, is coming to an end. I'm sure it won't be long before we see a modded Android release that will end it there too. So please, clean up your pages and rid us of much, if not all of these trackers.

By Binder on 28 Jun 2013

Leave a comment

You need to Login or Register to comment.

(optional)

advertisement

Most Commented News Stories
Latest Blog Posts Subscribe to our RSS Feeds
Latest ReviewsSubscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
Loading
WEB ID
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2010
 
 

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.