- Backhoes. Most datacenters are connected to the Internet by just one or two fiber-optic connections. The most common cause of an Internet outage in a datacenter is a backhoe cutting through one or both of these connections. Often the failover to the backup connection is inadequately tested, and cutting one cable results in an outage. Also, all too commonly both connections run in the same underground route, and a single backhoe swipe can sever them both.
- Undersea or buried backhaul connections. That's what this article is all about, focusing on undersea cables. Buried cables on land are, if anything, even more vulnerable – there are hundreds of miles of them running along Interstate highways and railroad right-of-ways that have nobody guarding them. A bad actor with a backhoe could sever one in minutes. A single cable cut wouldn't severely impact the Internet – but cut several carefully chosen cables at once and you could. This sort of attack is within the capability of any but the most feeble American adversaries, and requires minimal cleverness. Detailed information like this is readily available to anyone.
- NAPs and MAEs. Network Access Points and Metropolitan Area Exchanges are a largely American phenomenon. These are the places where major customers connect to the Internet, and where various Internet carriers interconnect with each other. There are a relatively small number of these, and while they have some security they are not secure against a determined military attack – and certainly not against an artillery or rocket attack. If you were a well-funded adversary to America, and you wanted to maximize your impact on American commerce and communications ... these would be obvious targets.
Tuesday, December 12, 2017
Internet vulnerabilities... Over my career I've been responsible for running several Internet-facing datacenters. These all ran businesses that were utterly dependent on the Internet, so we paid a lot of attention to failure modes – ways that things could go wrong that would result in a business interruption. We eventually waded through enough data on actual failures that we could identify three primary concerns. Together these accounted for all but a tiny percentage of outages actually experienced by real datacenters. In order, these were (ten years ago; things may have changed):