If this sort of stuff interets you, I highly recommend the book "Blind Man's Bluff: The Untold Story of American Submarine Espionage". [0] It tells the story of Cold War espionage from the submarine warfare point of view. The book also covers "Operation Ivy Bells" which was a joint Navy/CIA/NSA mission whose objective was to place wire taps on Soviet underwater communication lines during the Cold War. [1] Sub placed a listening and recording devices over Soviet cables and was able to capture their communications. The device was fairly large as can be seen from this picture [2]. I'm sure they're smaller now.
I'm betting not. Ivy Bells was back in the days of copper wires being tapped by external sensors placed atop undersea cables. Today's undersea cables are optical. You'd need to splice in, or at least open up a cable to get at the individual fibers to install similar taps. I cannot see how that would be done in the pressurized world of submarines. Normal procedure for such work involves hauling the cable to a surface ship where it can be picked apart by hand. A sub would have to somehow pull the cable inside its pressure hull, a very dangerous task. Any sub equipped for such an operation would surely be noticed (massive doors, reconfigured interior spaces, special station-keeping thrusters etc).
Maybe they do it in very shallow water, but then you would still need a dry environment. You would have to deal with the current passing through the cable, somehow without detection or cooperation from the cable's operators. There are just too many difficulties to make splicing-by-submarine practical.
Wikipedia even references to multiple sources: "Intelligence experts speculate that the MMP may find use in similar missions as an underwater splicing chamber for Optical fiber cables.[7][8][9][10]"
No doubt people have discussed the concept. If I were a navy looking for funding, or just another use for an existing sub, I would definitely propose it. But I don't see the practicality of going through all that effort for rather limited gain. If this is an enemy cable, it will be encrypted. If it is a privately-owned cable (internet) then it can more easily be tapped on land or via a standard ship. I suspect that even an enemy cable, if it is in public waters, could be spliced far more effectively by a surface ship.
Once the tap is in place, how do you get the information from the tap back to HQ? The sub won't have the manpower and computers needed to gain meaningful intel from such a cable. Getting the data back to shore would require either another cable or an in situ recording device a la ivy bells. Recording devices would both delay any data by weeks/months and limit the ability to insert data, an essential task when attacking encrypted connections.
>Today's undersea cables are optical. You'd need to splice in, or at least open up a cable to get at the individual fibers to install similar taps. I cannot see how that would be done in the pressurized world of submarines.
That's an excellent point but I think they have a way to lift the cable off the seabed and make a splice even though it's hard. NSA are masters of making the impossible work.
What I can't figure out is how they collect the data. These optical cables carry tens of terabits of data per second so how do you store & transmit it back for analysis? I'm guessing they filter some of it but you still end up with lots of bits.
Do you think they lay another cable from the tap to some collection point or do they use radio waves? Or maybe they just record the data and then just collect it by a surface ship or a sub every month...
They do a splitter in datacenters to the NSA so I presume that is similar many fiber optic wires. From what I understand is that the submarine has to stay there to collect the data. So I presume they split it and have a cable they connect to it that routes it right to the sub. However I think Hawaii is a big NSA station because a lot of those international lines right through near there. I wonder if they could split the stream and run a whole cable back to Hawaii with it.
Radios don't work so well underwater. This is why subs have various radio masts that poke above the surface. They stay just below the water with the antennas dry for the most part.
It's be much easier to mess with routing (in secret or not) and capture data at another point.
> so how do you store & transmit it back for analysis?
complete guess, but probably just chop it and quickly install another "repeater" that does everything the existing repeaters do, in addition to copying the information into their own system.
Now, how do they filter out and find what they're looking for ? who knows. probably run a secondary fiber line to an underwater "server room" and/or to a buoy with an antenna for remote control ?
Avoiding detection seems simple - just engineer a plausibly-deniable break in the cable some distance away from the place where you're working on the splice - a fishing trawler dragging the cable would do. Then before the cable operator can fix the break, you splice your tap into the inoperable cable.
It's possible to find the approximate location of a break by looking at its influence on reflections. A double break, as you're suggesting, would eventually be noticed.
(If that wasn't possible, then repairing cable breaks would be insanely expensive.)
As far as spying goes, the game has evolved to the point where it's not really embarrassing any more. Everybody knows that everybody does it, and there's pretty strong resistance to going public. If anything did get discovered it'd probably be used for disinformation or behind-the-scenes political capital if not just destroyed. Finding a box of electronics at the bottom of the sea isn't quite the same as capturing an enemy pilot in a spy plane [1] and it's gotten to the point that embarrassing yourself for being spied on is just as bad as embarrassing an adversary (or friend) for doing the spying. Plus, how are you going to attribute blame anyway?
Well, Russia did eventually exhibit the Ivy Bells one. And Google staff did react to news that NSA was tapping its traffic. I'm not arguing that cables aren't being tapped. It just seems odd that none of the major cable operators have revealed anything. But as you say, there's arguably resistance to going public.
I wonder how many reported cable breaks were in fact screwed up tap installs ;)
I would take with a grain of salt and publicity around espionage acts. Snowden's release is just about the only one I believe was genuine or not part of some back room dealings.
The first assumption is that any such announcement by any entity public or private is either calculated or forced with plenty of forces in the background pulling the stings. It would make the most sense that pieces of Google were in the know, being forced by secret orders, and begging to be able to feign outrage publicly to save face.
A person doesn't have to be a conspiracy nut to have reasonable doubt about any of this. Secret courts, secret orders, and massive NSA data collection are all general public knowledge. It's hard to believe there is any public disclosure that is not planned and carefully negotiated.
I don't doubt the US is capable of splicing - I think a lot of classified research was done to counter the detection of unauthorized taps. However, a huge number of cables pass through friendly countries and it's much easier to negotiate access. Another option is to electronically subvert the network equipment connected to the optic fiber. I imagine cable splicing is done sparingly, or when the easier options are not viable.
That is one way you can also passively tap a fiber without breaking it, I am not sure if it could be done deep undersea, I suppose it is possible with the right set up. Basically how it works is you have to open up all the cladding and get to the bare fiber (not always that easy) but assuming you can do that, then you can take another fiber and put it right next to, parallel with the main one and then apply a little heat, the proximity of the tapping fiber will pick up a small signal. It is called a fused biconical splitter, it is possible to do non-intrusively.
Remember about 10 years ago when a whole bunch of.middle eastern optical links went down, temporarily, a few days apart? Due to a strangely coordinated set of accidents with boat anchors?
Why not just tap at the repeaters? The signal has to be electrical there, and you can probably make it so that maintainance teams don't notice the tap.
Non-invasive fibre optic tap technology has been commercially available since at least the early 1990s. I recall seeing ads for a hand-held device at that time. By carefully bending the fibre over a mandrel, a small amount of light can be made to leak out through the cladding past the angle of total internal reflection. No need to cut and splice the fibre.
The ads implied the device worked on jacketed fibres; I suppose that depends on the transparency of the jacket to 1064nm IR radiation.
There is even a "laser razor" kickstarter that utilizes the effect. When a beard hair goes near the fiber, the light escapes from the fiber, and burns the hair, cutting it.
That one didn't seem like a hoax, just a neat idea that wasn't really possible to make into an actual product. (as in, it kind-of worked but wasn't going to be physically possible to make into a remotely satisfying product)
No, a hoax implies they were deliberately trying to scam people.
It seems like they learned about a neat concept, made a proof of concept that actually worked, but ran into physical reality when they tried to turn it into a reliable product (while being optimistic along the way). It's real hard to stop being optimistic at exactly the right time, and I'd be pretty forgiving if it seemed like everybody was giving an honest effort.
There are high speed SONET/SDH (common transport layer protocol ) encryptors available. I would assume that any undersea cables providers who might expect US tapping would use them. Especially if one endpoint is in Russia or China.
How many networks still run SONET at this point? Most global carriers would run OTN over DWDM at 25GHz or 50GHz spacing, with up to 200Gbps per channel. There is of course OTN encryption though
If I was to build a queryable database, I'd grab something like Lucene, and stick that on top of something like Postgres. The next step would be to build an interface so my non-technical business partners don't have to write SQL or some other query and manually send that to the server, but instead can ask stupid questions like "how long are Trumps fingers" and get results. That last part is PRISM.
A tangential story mentioned in Simon Singh's 'Code' (excellent read) is that a mole was caught sending secrets to the Soviets based on intel from the taps. They didn't want to tip the Russians off though so he was never prosecuted. Instead they fed him with phony documents to keep the taps secret.
Another way the Allies misdirected the D-Day landing sites was to do a lot of reconnaissance flights to the southern coast of Bretagne (northern bit of the west coast of France). Of course, a lot these recce flights also 'just happened' to also overfly the actual location of the D-Day landings...
"...mast-mounted antennas and collection systems atop the conning tower, some of them one-of-a-kind devices made for hard to reach or specific targets, all of them black boxes of future war."
That's a quote in the article from a source who is another pair of journalists writing for Gawker.
RF doesn't propagate well through water - in fact VLF is best and only goes to about 20 meters depth. Subs are most vulnerable when on the surface.
So the idea that we'd be using underwater manned platforms at a cost of $1.7 billion each to monitor enemy radio from the conning tower (without even using a buoy) seems a bit absurd to me.
The NRO has launched 3 spy satellites already this year. They're monitoring signals from within 150 miles using high gain antennas without the constraints of salt water, risk of detection and negative effects of a low altitude antenna and a tiny radio horizon.
I too want to believe we have badass hacker subs, but this feels like laying the groundwork for a budget request.
The UK and US have been using submarines as SIGINT platforms for a long time. Don't discount the ability to sneak into coastal waters a mile offshore from a missile testing facility, pop up an antenna and listen for telemetry, radar or other comms. The book I am currently reading about GCHQ describes such missions, for example: https://books.google.co.uk/books?id=l9i5bt1-7HYC&lpg=PA6&vq=...
Former navy submarine officer here. So SIGINT is absolutely a capability of US submarines, but isn't necessarily a primary purpose. But there are absolutely times and places where the ideal source of intelligence for the US government is a submarine offshore of country X with very small masts sticking out of the water gathering SIGINT. Satellites don't/can't catch everything.
Did you know that the subsea fiber optic cables which the submarines hack are only 17mm thick? [0]. Great companion story at ARS from a while back worth a read.
I was going to reply that this was surely nonsense and I've seen the thick cables the size of a man's leg, but as the article says these images we've seen are only for shallow areas and the majority of the cable really is just the size of a marker pen, shielded with just a few millimetres of plastic.
^undersea cables are typically made up of a central fiber line, which look like human hairs in a small tube, and a shell of insulation and copper. You need power to send the signal across the ocean floor and, as we do not generate electricity underwater, all of the current needs to be sent from one end to the other to power all of the repeaters along the way.
The fiber optic cable is 17mm, but the cable itself can't be because of the power constraint (unless I'm missing something deep; feel free to correct me if so).
> The nearer to the surface you get, the more protection—armour—you need to withstand potential disturbances from shipping. Trenches are dug and cables buried in shallow waters coming up onto shore. At greater depths, though, areas such as the West European Basin, which is almost three miles from the surface, there’s no need for armour, as merchant shipping poses no threat at all to cables on the seabed
Fishing trawlers are more likely to cause damage: By far the most common problems, however—accounting for about 60 percent of cut cable incidents—are dropped anchors and fishing nets.
The cables are on sea charts so this can be avoided, but that won't stop deliberate saboteurs. The strategy for safeguarding undersea cables has been described as “security through obscurity.”
In normal power distribution, much of the cost is in generating the electricity, and the cable is cheap and readily accessible and you can easily take several truckloads of heavy cable to the many sites.
Undersea cable is different, and I suspect that nobody cares if 99.9% of the power is wasted to heat the power wire as long as enough gets to the repeaters.
Kirchhoff's law says that if your wire is insulated, ask the current that goes in one end comes out the other. The only thing is that you need to provide sufficient voltage to push it through the long wire.
They actually used to be thinner, especially at shallow depths, but they had to add some extra sheathing because sharks were attracted. They'd go down to fix a break and find shark teeth embedded in it.
I recommend searching "sharks eating the internet"so it can become part of your Google history. I searched and found some videos of sharks biting, and some people discounting it.
e.g. Operation Barmaid, where a nuclear submarines was equipped with a giant set of cutters to allow it to cut and steal the towed sonar array from a Warsaw Pact vessel:
The Russians also have a long history of "special purpose" submarines, and are currently expanding their fleet of them again. Lots and lots of details eg largish "mini" submarines that dock on the underside of massive subs at http://www.hisutton.com
Which is amusing if you consider that a very long-distance, underwater cable which would be difficult to physically monitor (e.g. with cameras), would make a perfect use case for link encryption (at just above the physical layer).
I do not see why that wouldn't be technically possible, unless someone cares to comment.
There isn't a single 60Tb/sec datastream though so it is quite feasible (and I'd be shocked if people aren't doing it, especially after the post-Snowden rush to MACsec).
Undersea cables are DWDM systems where you have N x 10G,40G,100G waves. 100G MACsec is available in merchant silicon and out of the box on switches from Cisco & Arista (off the top of my head, I'm sure there are others).
You wouldn't even encrypt the undersea cables specifically, you'd encrypt your transport links before they leave your datacenter, that way you don't need to trust your carrier, the cable consortium, or anyone else (aside from your switch vendor...)
Further, the individual traffic streams in a 10 gigabit per second circuit would be encrypted at layers 4 through 7. Assuming that people are using properly implemented public /private key cryptography, of course.
Even so, the metadata of who is talking to who and traffic flow analysis is very valuable to the NSA.
Anecdotally I don't know of a single ISP that buys N x 10 Gbps transpacific or transatlantic waves/transport (ex: one Wilshire to Equinix Tokyo) that uses link layer crypto. In my example the ISPs are customers of the organizations that actually run the DWDM terminals.
Highly redundant core routers like an asr9010 with 2nd/3rd gen line cards, or an mx960 are already expensive enough without making a 24-port 10GbE linecard twice as costly to buy by having crypto features. It is super rare to see such hardware in production for commercial ISPs.
Reading through the comment tree, I'd say general consensus is that, in the case of a long distance underwater cable, link encryption is technically feasible.
However, while technically feasible (so as to protect metadata, who's talking to whom, etc.), due to the political weight & financial heft of certain state actors, tapping at the cable link endpoints would remain a strong possibility. This would obviate the actual need to link encrypt except of course for "optics"/marketing to data center customers.
But don't worry too much. As recent terrorist acts have shown, our intelligence communities retain their efficacy in the face of modern technological advances.
Edward Snowden revealed a long time ago that the NSA also taps the undersea communications cables for mass surveillance (which obviously includes US citizens).
That was hardly a Snowden leak. The Russians have had one of the Ivy Bells listening taps on public display since 1999. The book Blind Man's Bluff details the taps and was published in 1998.
These days, tapping them isn't likely to be particularly useful. Anything sensitive transiting them is gonna be encrypted. Ivy Bells was possible because the Soviets thought it would be impossible to tap the cables - they were within Soviet waters and the tech used to finally do it was quite clever - so they didn't encrypt anything.
>But despite the rising prominence of Russian hackers in this news cycle — and Chinese hackers before that — it's worth pointing out that the United States has grown fairly proficient in cyberspace, too.
How am I not surprised that in an article about US espionage the American s̶t̶a̶t̶e̶ media makes sure to remind yet again us how bad, bad, bad the Russians are.
It reads the exact opposite to me. 'You know how everyone's upset about Russian/Chinese hacking lately? Remember that the US did it first and on a far larger scale than them.'
The context of the article is recent comments by political candidates about Russian cyber warfare. The subs' capabilities were revealed at a conference three weeks ago.
I first learned about this when I read about a patent dispute. Someone (I don't recall the name) invented a coupler that could be used to easily splice a fiber optic cable (e.g. under water) and tap into all it's signal undetected. The inventor was denied patent rights and lost all control of his invention b/c the U.S. government claimed States Secrets, thus no court case on the matter could proceed.
Ooh, this lead to all sorts of interesting reading.
https://en.wikipedia.org/wiki/State_secrets_privilege
"""The privilege was first officially recognized by the Supreme Court of the United States in United States v. Reynolds, 345 U.S. 1 (1953). A military airplane, a B-29 Superfortress bomber, crashed. The widows of three civilian crew members sought accident reports on the crash but were told that to release such details would threaten national security by revealing the bomber's top-secret mission ...
...
In 2000, the accident reports were declassified and released, and it was found that the assertion that they contained secret information was fraudulent. The reports did, however, contain information about the poor condition of the aircraft itself, which would have been very compromising to the Air Force's case."""
So a Supreme Court case established precedence based on false claim of secret privilege from the government. That's pretty awful- if correct, it's a huge abuse of privelege.
Incidentally, I was not surprised to see Lucent mentioned in the Wired article- its predecessor, Bell Labs, had a very strong relationship with national security (The Idea Factory showed that the head of Bell Labs and the head of AT&T both maintained "secret schedules" where they would go to DC and share a lot of AT&T's access with security agencies.
I wouldn't jump to that conclusion. The state of military aircraft is extremely valuable information to an adversary that is trying to size up your forces.
While I agree (and actually support the concept of State Secrets), I want my Supreme Court cases and the precedences they establish to be grounded in cases where the facts actually support the idea that the government is protecting a state secret, rather than covering up its own problems. The secret documents in the Reynolds case were declassified later, and showed that it was unlikely their exposure would have damaged state secrecy (the russians had already cloned the B29, the accident report didn't give any details on the confidential equipment on board), and a fairly strong argument can be made they showed the government was trying to apply the privilege to hide their own failures in maintaining the aircraft, rather than protect critical secrets).
In short: privilege should be applied sparingly and the precedence for it should be unimpeachable. In this case, the precedence is not unimpeachable; the specific case is still considered contentious.
My point though is that a failure to maintain military aircraft is sensitive information that could be used by the enemy. You don't want your enemy to know your weak spots. I'm happy for the courts to give the government broad deference in these cases, especially when constitutional principles are not hanging in the balance.
Don't forget the time period that this happened in. The Soviets had tested their first nuke only a few years prior, Eastern Europe had fallen behind the Iron Curtain, communist movements were on the rise in the rest of Asia and had succeeded in taking China. The prospect of total war was very real. That you're doing a bad job of maintaining a certain class of warplane is very sensitive information in such an environment.
I'm calling BS on this. The stealthiness of a sub, it's only real purpose, is defeated the moment you start transmitting via a big antenna. It wouldn't happen. Subs no doubt are used for surveillance, but the concept of them sitting offshore and actively "hacking" communications is absurd. It would be a suicide mission with a billion-dollar asset.
The OP reads like a funding request. It's a pitch for a world where hackers will live inside submarines close to the action, when we know from experience that even when submarines were used to tap lines that the submarine did nothing other than install the tap and scurry away. (They also retrieved the recorders, but then too scurried away asap.) You don't risk something like a sub, and the lives onboard, on information management that can be done from afar. A drone capable of operating untethered far away from the mother ship might as well be controlled from thousands of miles away. The sub may launch the hacker-drone, but no matter the navy's fantasy, subs won't be at the center of the flowchart.
If it's absurd, please explain p.26 of https://snowdenarchive.cjfe.org/greenstone/collect/snowden1/... where we see the USS Annapolis being used for interactive operations ("Connection via: NEPTUNETHUNDER, BLINDDATE/HAPPYHOUR", "Successful exploits at 4, 6, ad 8 NM with 4 watt access point") and for man-on-the-side operations ("Inject using BLINDDATE/NITESTAND", "Successful inject at 4NM to 100mw client computer").
Or to p.27 with a flowchart of the "Afloat Computer Network Operations", which uses Fleet Comms to connect to the Annapolis, which connects to a set of antennas?
You wrote "subs won't be at the center of the flowchart", but the sub literally is the closest box to the center of that flowchart.
(This is from an April 2012 document which is part of the Snowden leak.)
So that's communication over 8 nautical miles, or 15 km, presumably line-of-sight. Consumer equipment (5 GHz wimax ac) can do that with a 20x20 cm directional antenna. Have a look at a Ubiquiti NanoStation, for instance. Sticking up a pole with a 20x20 cm fiberglass antenna on it won't give a radar return distinguishable from wave noise even at calm seas.
Those are tests, not operations. They were against friendly targets, specifically consumer wifi/bluetooth devices (based on the wattages). Had the target been actively looking for attacks, the sub would have been located within seconds. You wouldn't do this against an attacker with any ability to respond physically. The only time this would be useful would be against an unsophisticated target, but then why bother with the sub?
An airborne drone could do, does, the same job at 0.01% of the cost and 1/0 less lives on the line. The sub is ridiculous overkill.
A parabolic antenna can create a narrow beam. That beam can be aimed at a satellite. It is only necessary for the antenna but not the submarine to be at the surface.
The long usage history of sonobuoys and underwater decoys in submarine warfare seems reason to suppose that the use of similar sacrificial systems within the realm of possible tactics to further avoid detection of a submarine.
(1) A parabolic antenna is a huge radar target for anyone hunting submarines.
(2) A parabolic antenna, or any other very directional antenna, requires a stable platform. Either it's on a huge inflatable raft, or the sub is rigidly attached. Either way, the operation will be noticed.
(3) Sacrificial systems in submarine warfare are rare. They exist but, like aircraft launching flares, they draw attention and are therefor only used once the sub has been somehow detected. Subs don't like anything that draws attention unless things are already hitting the fan.
> (1) A parabolic antenna is a huge radar target for anyone hunting submarines.
I'm not sure if you are suggesting that an antenna would have to be detrimental to the radar cross-section of a submarine or if you are suggesting that you can intercept radio waves from a high directivity antenna.
For the former, directional antennas are on all forms of modern day stealth vehicles without compromising the radar cross-section of the vehicle (eg. modern jet fighters).
For the latter I have already seen successful systems such as MADL [1] which use highly directional radio waves to communicate between stealth fighter jets (something you would hope would go undetected). So I highly doubt that submarines couldn't have a similar system in place.
> (2) A parabolic antenna, or any other very directional antenna, requires a stable platform. Either it's on a huge inflatable raft, or the sub is rigidly attached. Either way, the operation will be noticed.
As shown in [1], directional radio waves can be sent from one jet fighter to another. Both of these are not stable platforms.
>> from one jet fighter to another. Both of these are not stable platforms.
Fighter aircraft as remarkable stable platforms. They spend 95%+ of their time wings-level, say +/- 5*. And most of the motions of an aircraft are commanded by the pilot, allowing electronics a momentary heads up to make decisions re antennas. Compare that to a tiny raft in even moderate seas, constantly moving in every dimension, where the random motion never, ever, stops. Many a fighter jock has suffered sea sickness.
I think you are just misreading the article. Nobody said anything about big antennas on submarines transmitting. The only new information contined is from a speech by the head of submarine operations saying that submarines are important to signals intelligence with very little detail. (Yes this is PR for submarines.) The rest is old news and somewhat confused speculation.
In reality this non-story appears to simply be something convenient for the WP to tack on 2 paragraphs of Trump attacks. Kinda weird.
Before Snowden and Manning there was the more old fashioned Ronald Pelton who was just released from his 30 years in prison last year for revealing information about submarine phone tapping. His motives were different but he was still treated horribly by the US for revealing the truth.
Sure he was more traditional and self interested. But his actions were nonetheless essentially "good" in the same way He informed people that they were having their telecommunications secretly listened to. Just because it was for the benefit of Russians instead of Americans doesn't make it wrong. They're people too.
You've got to be kidding me. The Soviet Union was a totalitarian/authoritarian expansionist empire that carried out pervasive surveillance of all of its people, and used gathered information to identify and silence dissenters by shipping them off to gulags or executing them. And you're here praising a guy who was helping them because you think he was concerned about their privacy.
> These days, some U.S. subs come equipped with sophisticated antennas that can be used to intercept and manipulate other people's communications traffic, particularly on weak or unencrypted networks.
Isn't (most of) the communication over these links encrypted? What is the point of tapping into the information flow? Is it possible that they are able to decrypt it?
There are many people who are saying that the NSA would use radio waves / only store the data. Why not forward the data to another fiber optic connection which is friendly to you to a datacenter.
[0] https://en.wikipedia.org/wiki/Blind_Man%27s_Bluff:_The_Untol...
[1] https://en.wikipedia.org/wiki/Operation_Ivy_Bells
[2] http://www.therebreathersite.nl/11_Closed%20Circuit%20Rebrea...