If this sort of stuff interets you, I highly recommend the book "Blind Man's Bluff: The Untold Story of American Submarine Espionage". [0] It tells the story of Cold War espionage from the submarine warfare point of view. The book also covers "Operation Ivy Bells" which was a joint Navy/CIA/NSA mission whose objective was to place wire taps on Soviet underwater communication lines during the Cold War. [1] Sub placed a listening and recording devices over Soviet cables and was able to capture their communications. The device was fairly large as can be seen from this picture [2]. I'm sure they're smaller now.
I'm betting not. Ivy Bells was back in the days of copper wires being tapped by external sensors placed atop undersea cables. Today's undersea cables are optical. You'd need to splice in, or at least open up a cable to get at the individual fibers to install similar taps. I cannot see how that would be done in the pressurized world of submarines. Normal procedure for such work involves hauling the cable to a surface ship where it can be picked apart by hand. A sub would have to somehow pull the cable inside its pressure hull, a very dangerous task. Any sub equipped for such an operation would surely be noticed (massive doors, reconfigured interior spaces, special station-keeping thrusters etc).
Maybe they do it in very shallow water, but then you would still need a dry environment. You would have to deal with the current passing through the cable, somehow without detection or cooperation from the cable's operators. There are just too many difficulties to make splicing-by-submarine practical.
Wikipedia even references to multiple sources: "Intelligence experts speculate that the MMP may find use in similar missions as an underwater splicing chamber for Optical fiber cables.[7][8][9][10]"
No doubt people have discussed the concept. If I were a navy looking for funding, or just another use for an existing sub, I would definitely propose it. But I don't see the practicality of going through all that effort for rather limited gain. If this is an enemy cable, it will be encrypted. If it is a privately-owned cable (internet) then it can more easily be tapped on land or via a standard ship. I suspect that even an enemy cable, if it is in public waters, could be spliced far more effectively by a surface ship.
Once the tap is in place, how do you get the information from the tap back to HQ? The sub won't have the manpower and computers needed to gain meaningful intel from such a cable. Getting the data back to shore would require either another cable or an in situ recording device a la ivy bells. Recording devices would both delay any data by weeks/months and limit the ability to insert data, an essential task when attacking encrypted connections.
>Today's undersea cables are optical. You'd need to splice in, or at least open up a cable to get at the individual fibers to install similar taps. I cannot see how that would be done in the pressurized world of submarines.
That's an excellent point but I think they have a way to lift the cable off the seabed and make a splice even though it's hard. NSA are masters of making the impossible work.
What I can't figure out is how they collect the data. These optical cables carry tens of terabits of data per second so how do you store & transmit it back for analysis? I'm guessing they filter some of it but you still end up with lots of bits.
Do you think they lay another cable from the tap to some collection point or do they use radio waves? Or maybe they just record the data and then just collect it by a surface ship or a sub every month...
They do a splitter in datacenters to the NSA so I presume that is similar many fiber optic wires. From what I understand is that the submarine has to stay there to collect the data. So I presume they split it and have a cable they connect to it that routes it right to the sub. However I think Hawaii is a big NSA station because a lot of those international lines right through near there. I wonder if they could split the stream and run a whole cable back to Hawaii with it.
Radios don't work so well underwater. This is why subs have various radio masts that poke above the surface. They stay just below the water with the antennas dry for the most part.
It's be much easier to mess with routing (in secret or not) and capture data at another point.
> so how do you store & transmit it back for analysis?
complete guess, but probably just chop it and quickly install another "repeater" that does everything the existing repeaters do, in addition to copying the information into their own system.
Now, how do they filter out and find what they're looking for ? who knows. probably run a secondary fiber line to an underwater "server room" and/or to a buoy with an antenna for remote control ?
Avoiding detection seems simple - just engineer a plausibly-deniable break in the cable some distance away from the place where you're working on the splice - a fishing trawler dragging the cable would do. Then before the cable operator can fix the break, you splice your tap into the inoperable cable.
It's possible to find the approximate location of a break by looking at its influence on reflections. A double break, as you're suggesting, would eventually be noticed.
(If that wasn't possible, then repairing cable breaks would be insanely expensive.)
As far as spying goes, the game has evolved to the point where it's not really embarrassing any more. Everybody knows that everybody does it, and there's pretty strong resistance to going public. If anything did get discovered it'd probably be used for disinformation or behind-the-scenes political capital if not just destroyed. Finding a box of electronics at the bottom of the sea isn't quite the same as capturing an enemy pilot in a spy plane [1] and it's gotten to the point that embarrassing yourself for being spied on is just as bad as embarrassing an adversary (or friend) for doing the spying. Plus, how are you going to attribute blame anyway?
Well, Russia did eventually exhibit the Ivy Bells one. And Google staff did react to news that NSA was tapping its traffic. I'm not arguing that cables aren't being tapped. It just seems odd that none of the major cable operators have revealed anything. But as you say, there's arguably resistance to going public.
I wonder how many reported cable breaks were in fact screwed up tap installs ;)
I would take with a grain of salt and publicity around espionage acts. Snowden's release is just about the only one I believe was genuine or not part of some back room dealings.
The first assumption is that any such announcement by any entity public or private is either calculated or forced with plenty of forces in the background pulling the stings. It would make the most sense that pieces of Google were in the know, being forced by secret orders, and begging to be able to feign outrage publicly to save face.
A person doesn't have to be a conspiracy nut to have reasonable doubt about any of this. Secret courts, secret orders, and massive NSA data collection are all general public knowledge. It's hard to believe there is any public disclosure that is not planned and carefully negotiated.
I don't doubt the US is capable of splicing - I think a lot of classified research was done to counter the detection of unauthorized taps. However, a huge number of cables pass through friendly countries and it's much easier to negotiate access. Another option is to electronically subvert the network equipment connected to the optic fiber. I imagine cable splicing is done sparingly, or when the easier options are not viable.
That is one way you can also passively tap a fiber without breaking it, I am not sure if it could be done deep undersea, I suppose it is possible with the right set up. Basically how it works is you have to open up all the cladding and get to the bare fiber (not always that easy) but assuming you can do that, then you can take another fiber and put it right next to, parallel with the main one and then apply a little heat, the proximity of the tapping fiber will pick up a small signal. It is called a fused biconical splitter, it is possible to do non-intrusively.
Remember about 10 years ago when a whole bunch of.middle eastern optical links went down, temporarily, a few days apart? Due to a strangely coordinated set of accidents with boat anchors?
Why not just tap at the repeaters? The signal has to be electrical there, and you can probably make it so that maintainance teams don't notice the tap.
Non-invasive fibre optic tap technology has been commercially available since at least the early 1990s. I recall seeing ads for a hand-held device at that time. By carefully bending the fibre over a mandrel, a small amount of light can be made to leak out through the cladding past the angle of total internal reflection. No need to cut and splice the fibre.
The ads implied the device worked on jacketed fibres; I suppose that depends on the transparency of the jacket to 1064nm IR radiation.
There is even a "laser razor" kickstarter that utilizes the effect. When a beard hair goes near the fiber, the light escapes from the fiber, and burns the hair, cutting it.
That one didn't seem like a hoax, just a neat idea that wasn't really possible to make into an actual product. (as in, it kind-of worked but wasn't going to be physically possible to make into a remotely satisfying product)
No, a hoax implies they were deliberately trying to scam people.
It seems like they learned about a neat concept, made a proof of concept that actually worked, but ran into physical reality when they tried to turn it into a reliable product (while being optimistic along the way). It's real hard to stop being optimistic at exactly the right time, and I'd be pretty forgiving if it seemed like everybody was giving an honest effort.
There are high speed SONET/SDH (common transport layer protocol ) encryptors available. I would assume that any undersea cables providers who might expect US tapping would use them. Especially if one endpoint is in Russia or China.
How many networks still run SONET at this point? Most global carriers would run OTN over DWDM at 25GHz or 50GHz spacing, with up to 200Gbps per channel. There is of course OTN encryption though
If I was to build a queryable database, I'd grab something like Lucene, and stick that on top of something like Postgres. The next step would be to build an interface so my non-technical business partners don't have to write SQL or some other query and manually send that to the server, but instead can ask stupid questions like "how long are Trumps fingers" and get results. That last part is PRISM.
A tangential story mentioned in Simon Singh's 'Code' (excellent read) is that a mole was caught sending secrets to the Soviets based on intel from the taps. They didn't want to tip the Russians off though so he was never prosecuted. Instead they fed him with phony documents to keep the taps secret.
Another way the Allies misdirected the D-Day landing sites was to do a lot of reconnaissance flights to the southern coast of Bretagne (northern bit of the west coast of France). Of course, a lot these recce flights also 'just happened' to also overfly the actual location of the D-Day landings...
[0] https://en.wikipedia.org/wiki/Blind_Man%27s_Bluff:_The_Untol...
[1] https://en.wikipedia.org/wiki/Operation_Ivy_Bells
[2] http://www.therebreathersite.nl/11_Closed%20Circuit%20Rebrea...