
America uses stealthy submarines to hack other countries’ systems - Jerry2
https://www.washingtonpost.com/news/the-switch/wp/2016/07/29/america-is-hacking-other-countries-with-stealthy-submarines/
======
Jerry2
If this sort of stuff interests you, I highly recommend the book "Blind Man's
Bluff: The Untold Story of American Submarine Espionage". [0] It tells the
story of Cold War espionage from the submarine warfare point of view. The book
also covers "Operation Ivy Bells" which was a joint Navy/CIA/NSA mission whose
objective was to place wire taps on Soviet underwater communication lines
during the Cold War. [1] A sub placed listening and recording devices over
Soviet cables and was able to capture their communications. The device was
fairly large as can be seen from this picture [2]. I'm sure they're smaller
now.

[0]
[https://en.wikipedia.org/wiki/Blind_Man%27s_Bluff:_The_Untol...](https://en.wikipedia.org/wiki/Blind_Man%27s_Bluff:_The_Untold_Story_of_American_Submarine_Espionage)

[1]
[https://en.wikipedia.org/wiki/Operation_Ivy_Bells](https://en.wikipedia.org/wiki/Operation_Ivy_Bells)

[2]
[http://www.therebreathersite.nl/11_Closed%20Circuit%20Rebrea...](http://www.therebreathersite.nl/11_Closed%20Circuit%20Rebreathers/images/GE%20MK10/UnderseaEspionage.jpg)

~~~
sandworm101
> I'm sure they're smaller now.

I'm betting not. Ivy Bells was back in the days of copper wires being tapped
by external sensors placed atop undersea cables. Today's undersea cables are
optical. You'd need to splice in, or at least open up a cable to get at the
individual fibers to install similar taps. I cannot see how that would be done
in the pressurized world of submarines. Normal procedure for such work
involves hauling the cable to a surface ship where it can be picked apart by
hand. A sub would have to somehow pull the cable inside its pressure hull, a
very dangerous task. Any sub equipped for such an operation would surely be
noticed (massive doors, reconfigured interior spaces, special station-keeping
thrusters etc).

Maybe they do it in very shallow water, but then you would still need a dry
environment. You would have to deal with the current passing through the
cable, somehow without detection or cooperation from the cable's operators.
There are just too many difficulties to make splicing-by-submarine practical.

~~~
kevin_thibedeau
I wouldn't put it beyond the capabilities of a nation state to tap fiber by
putting a kink in it and processing the light that leaks out.

~~~
jloughry
Non-invasive fibre optic tap technology has been commercially available since
at least the early 1990s. I recall seeing ads for a hand-held device at that
time. By carefully bending the fibre over a mandrel, a small amount of light
can be made to leak out through the cladding past the angle of total internal
reflection. No need to cut and splice the fibre.

The ads implied the device worked on jacketed fibres; I suppose that depends
on the transparency of the jacket to 1064nm IR radiation.

~~~
tomkinstinch
Bending isn't required, and the transparency of the jacket doesn't matter if
it's thin enough. The term to Google is "evanescent wave coupling."

~~~
Gravityloss
There is even a "laser razor" kickstarter that utilizes the effect. When a
beard hair goes near the fiber, the light escapes from the fiber, and burns
the hair, cutting it.

~~~
jacobush
Hoax tho

~~~
colechristensen
That one didn't seem like a hoax, just a neat idea that wasn't really possible
to make into an actual product. (as in, it kind-of worked but wasn't going to
be physically possible to make into a remotely satisfying product)

~~~
nzjrs
So a hoax, no?

~~~
colechristensen
No, a hoax implies they were deliberately trying to scam people.

It seems like they learned about a neat concept, made a proof of concept that
actually worked, but ran into physical reality when they tried to turn it into
a reliable product (while being optimistic along the way). It's real hard to
stop being optimistic at exactly the right time, and I'd be pretty forgiving
if it seemed like everybody was giving an honest effort.

~~~
nzjrs
I've read a lot of /r/shittykickstarters and this smells like all the scams
there.

------
mmaunder
"...mast-mounted antennas and collection systems atop the conning tower, some
of them one-of-a-kind devices made for hard to reach or specific targets, all
of them black boxes of future war."

That's a quote in the article from a source who is another pair of journalists
writing for Gawker.

RF doesn't propagate well through water - in fact VLF is best and only goes to
about 20 meters depth. Subs are most vulnerable when on the surface.

So the idea that we'd be using underwater manned platforms at a cost of $1.7
billion each to monitor enemy radio from the conning tower (without even using
a buoy) seems a bit absurd to me.

The NRO has launched 3 spy satellites already this year. They're monitoring
signals from within 150 miles using high gain antennas without the constraints
of salt water, risk of detection and negative effects of a low altitude
antenna and a tiny radio horizon.

I too want to believe we have badass hacker subs, but this feels like laying
the groundwork for a budget request.

~~~
jedc
Former navy submarine officer here. So SIGINT is absolutely a capability of US
submarines, but isn't necessarily a primary purpose. But there are absolutely
times and places where the ideal source of intelligence for the US government
is a submarine offshore of country X with very small masts sticking out of the
water gathering SIGINT. Satellites don't/can't catch everything.

------
nstj
Did you know that the subsea fiber optic cables which the submarines hack are
only 17mm thick? [0]. Great companion story at ARS from a while back worth a
read.

[0]: [http://arstechnica.com/information-technology/2016/05/how-th...](http://arstechnica.com/information-technology/2016/05/how-the-internet-works-submarine-cables-data-centres-last-mile/2/#h2)

~~~
chrisseaton
I was going to reply that this was surely nonsense and I've seen the thick
cables the size of a man's leg, but as the article says these images we've
seen are only for shallow areas and the majority of the cable really is just
the size of a marker pen, shielded with just a few millimetres of plastic.

~~~
josh2600
[http://mikesenese.com/DOIT/wp-content/uploads/2011/11/Unders...](http://mikesenese.com/DOIT/wp-content/uploads/2011/11/Undersea-cable-580x553.jpg)

^undersea cables are typically made up of a central fiber line, which look
like human hairs in a small tube, and a shell of insulation and copper. You
need power to send the signal across the ocean floor and, as we do not
generate electricity underwater, all of the current needs to be sent from one
end to the other to power all of the repeaters along the way.

The fiber optic cable is 17mm, but the cable itself can't be because of the
power constraint (unless I'm missing something deep; feel free to correct me
if so).

~~~
nstj
> The nearer to the surface you get, the more protection—armour—you need to
> withstand potential disturbances from shipping. Trenches are dug and cables
> buried in shallow waters coming up onto shore. At greater depths, though,
> areas such as the West European Basin, which is almost three miles from the
> surface, there’s no need for armour, as merchant shipping poses no threat at
> all to cables on the seabed

[http://arstechnica.com/information-technology/2016/05/how-th...](http://arstechnica.com/information-technology/2016/05/how-the-internet-works-submarine-cables-data-centres-last-mile/2/#h2)

~~~
ptha
Fishing trawlers are more likely to cause damage: _By far the most common
problems, however—accounting for about 60 percent of cut cable incidents—are
dropped anchors and fishing nets_.

The cables are on sea charts so this can be avoided, but that won't stop
deliberate saboteurs. _The strategy for safeguarding undersea cables has been
described as “security through obscurity.”_

[http://www.wired.com/2015/10/undersea-cable-maps/](http://www.wired.com/2015/10/undersea-cable-maps/)

~~~
yxhuvud
Not very obscure if you can find them on a sea chart.

------
arethuza
On a related note I can strongly recommend _The Silent Deep_ which goes into a
lot of detail about what Royal Navy submarines got up to in the Cold War:

[https://www.amazon.co.uk/dp/B0171SWRGI/ref=dp-kindle-redirec...](https://www.amazon.co.uk/dp/B0171SWRGI/ref=dp-kindle-redirect?_encoding=UTF8&btkr=1)

e.g. Operation Barmaid, where a nuclear submarine was equipped with a giant
set of cutters to allow it to cut and steal the towed sonar array from a
Warsaw Pact vessel:

[https://en.wikipedia.org/wiki/HMS_Conqueror_(S48)#Operation_...](https://en.wikipedia.org/wiki/HMS_Conqueror_\(S48\)#Operation_Barmaid)

------
willvarfar
The Russians also have a long history of "special purpose" submarines, and are
currently expanding their fleet of them again. Lots and lots of details eg
largish "mini" submarines that dock on the underside of massive subs at
[http://www.hisutton.com](http://www.hisutton.com)

------
j1vms
Which is amusing if you consider that a very long-distance, underwater cable
which would be difficult to physically monitor (e.g. with cameras), would make
a perfect use case for link encryption (at just above the physical layer).

I do not see why that wouldn't be technically possible, unless someone cares
to comment.

~~~
packetslave
Because encrypting a 60Tb/sec data stream in real-time is computationally
hard?

~~~
jauer
There isn't a single 60Tb/sec datastream though so it is quite feasible (and
I'd be shocked if people aren't doing it, especially after the post-Snowden
rush to MACsec).

Undersea cables are DWDM systems where you have N x 10G,40G,100G waves. 100G
MACsec is available in merchant silicon and out of the box on switches from
Cisco & Arista (off the top of my head, I'm sure there are others).

You wouldn't even encrypt the undersea cables specifically, you'd encrypt your
transport links before they leave your datacenter, that way you don't need to
trust your carrier, the cable consortium, or anyone else (aside from your
switch vendor...)

~~~
walrus01
Further, the individual traffic streams in a 10 gigabit per second circuit
would be encrypted at layers 4 through 7. Assuming that people are using
properly implemented public /private key cryptography, of course.

Even so, the metadata of who is talking to who and traffic flow analysis is
very valuable to the NSA.

~~~
azernik
That's why link-layer encryption adds value over higher-layer encryption - it
also encrypts layer-3+ headers and metadata.

~~~
walrus01
Anecdotally I don't know of a single ISP that buys N x 10 Gbps transpacific or
transatlantic waves/transport (ex: one Wilshire to Equinix Tokyo) that uses
link layer crypto. In my example the ISPs are customers of the organizations
that actually run the DWDM terminals.

Highly redundant core routers like an asr9010 with 2nd/3rd gen line cards, or
an mx960 are already expensive enough without making a 24-port 10GbE linecard
twice as costly to buy by having crypto features. It is super rare to see such
hardware in production for commercial ISPs.

------
chinathrow
Assume all oceanic cables rigged. The CIA has been doing this for decades.

Added: [https://www.amazon.com/Blind-Mans-Bluff-Submarine-Espionage/...](https://www.amazon.com/Blind-Mans-Bluff-Submarine-Espionage/dp/006097771X)

~~~
stephengillie
Welcome to the fish bowl.

But don't worry too much. As recent terrorist acts have shown, our
intelligence communities retain their efficacy in the face of modern
technological advances.

~~~
awqrre
They don't use this information for preventing terrorist attacks... it is more
to gain an economic advantage.

------
benevol
Edward Snowden revealed a long time ago that the NSA also taps the undersea
communications cables for mass surveillance (which obviously includes US
citizens).

~~~
ceejayoz
That was hardly a Snowden leak. The Russians have had one of the Ivy Bells
listening taps on public display since 1999. The book Blind Man's Bluff
details the taps and was published in 1998.

These days, tapping them isn't likely to be particularly useful. Anything
sensitive transiting them is gonna be encrypted. Ivy Bells was possible
because the Soviets thought it would be impossible to tap the cables - they
were within Soviet waters and the tech used to finally do it was quite clever
- so they didn't encrypt anything.

------
gormo2
> But despite the rising prominence of Russian hackers in this news cycle — and
> Chinese hackers before that — it's worth pointing out that the United States
> has grown fairly proficient in cyberspace, too.

How am I not surprised that in an article about US espionage the American
s̶t̶a̶t̶e̶ media makes sure to remind us yet again how bad, bad, bad the
Russians are.

~~~
gwern
It reads the exact opposite to me. 'You know how everyone's upset about
Russian/Chinese hacking lately? Remember that the US did it first and on a far
larger scale than them.'

~~~
finid
But who's going to impose sanctions on us?

------
transfire
I first learned about this when I read about a patent dispute. Someone (I
don't recall the name) invented a coupler that could be used to easily splice
a fiber optic cable (e.g. under water) and tap into all its signal
undetected. The inventor was denied patent rights and lost all control of his
invention b/c the U.S. government claimed States Secrets, thus no court case
on the matter could proceed.

~~~
Inconel
Based on what you described I found this old Wired article from 2005. It
sounds like this could be the case you're remembering.

[http://archive.wired.com/science/discoveries/news/2005/09/68...](http://archive.wired.com/science/discoveries/news/2005/09/68894?currentPage=all)

~~~
dekhn
Ooh, this led to all sorts of interesting reading.

[https://en.wikipedia.org/wiki/State_secrets_privilege](https://en.wikipedia.org/wiki/State_secrets_privilege)
"""The privilege was first officially recognized by the Supreme Court of the
United States in United States v. Reynolds, 345 U.S. 1 (1953). A military
airplane, a B-29 Superfortress bomber, crashed. The widows of three civilian
crew members sought accident reports on the crash but were told that to
release such details would threaten national security by revealing the
bomber's top-secret mission ...

...

In 2000, the accident reports were declassified and released, and it was found
that the assertion that they contained secret information was fraudulent. The
reports did, however, contain information about the poor condition of the
aircraft itself, which would have been very compromising to the Air Force's
case."""

So a Supreme Court case established precedence based on false claim of secret
privilege from the government. That's pretty awful- if correct, it's a huge
abuse of privilege.

Incidentally, I was not surprised to see Lucent mentioned in the Wired
article- its predecessor, Bell Labs, had a very strong relationship with
national security (The Idea Factory showed that the head of Bell Labs and the
head of AT&T both maintained "secret schedules" where they would go to DC and
share a lot of AT&T's access with security agencies).

~~~
marcoperaza
I wouldn't jump to that conclusion. The state of military aircraft is
extremely valuable information to an adversary that is trying to size up your
forces.

~~~
dekhn
While I agree (and actually support the concept of State Secrets), I want my
Supreme Court cases and the precedences they establish to be grounded in cases
where the facts actually support the idea that the government is protecting a
state secret, rather than covering up its own problems. The secret documents
in the Reynolds case were declassified later, and showed that it was unlikely
their exposure would have damaged state secrecy (the Russians had already
cloned the B29, the accident report didn't give any details on the
confidential equipment on board), and a fairly strong argument can be made
they showed the government was trying to apply the privilege to hide their own
failures in maintaining the aircraft, rather than protect critical secrets.

In short: privilege should be applied sparingly and the precedence for it
should be unimpeachable. In this case, the precedence is not unimpeachable;
the specific case is still considered contentious.

~~~
marcoperaza
My point though is that a failure to maintain military aircraft is sensitive
information that could be used by the enemy. You don't want your enemy to know
your weak spots. I'm happy for the courts to give the government broad
deference in these cases, especially when constitutional principles are not
hanging in the balance.

Don't forget the time period that this happened in. The Soviets had tested
their first nuke only a few years prior, Eastern Europe had fallen behind the
Iron Curtain, communist movements were on the rise in the rest of Asia and had
succeeded in taking China. The prospect of total war was very real. That
you're doing a bad job of maintaining a certain class of warplane is very
sensitive information in such an environment.

------
sandworm101
I'm calling BS on this. The stealthiness of a sub, its only real purpose, is
defeated the moment you start transmitting via a big antenna. It wouldn't
happen. Subs no doubt are used for surveillance, but the concept of them
sitting offshore and actively "hacking" communications is absurd. It would be
a suicide mission with a billion-dollar asset.

The OP reads like a funding request. It's a pitch for a world where hackers
will live inside submarines close to the action, when we know from experience
that even when submarines were used to tap lines that the submarine did
nothing other than install the tap and scurry away. (They also retrieved the
recorders, but then too scurried away asap.) You don't risk something like a
sub, and the lives onboard, on information management that can be done from
afar. A drone capable of operating untethered far away from the mother ship
might as well be controlled from thousands of miles away. The sub may launch
the hacker-drone, but no matter the navy's fantasy, subs won't be at the
center of the flowchart.

~~~
dalke
If it's absurd, please explain p.26 of
[https://snowdenarchive.cjfe.org/greenstone/collect/snowden1/...](https://snowdenarchive.cjfe.org/greenstone/collect/snowden1/index/assoc/HASH0669.dir/doc.pdf)
where we see the USS Annapolis being used for interactive operations
("Connection via: NEPTUNETHUNDER, BLINDDATE/HAPPYHOUR", "Successful exploits
at 4, 6, and 8 NM with 4 watt access point") and for man-on-the-side operations
("Inject using BLINDDATE/NITESTAND", "Successful inject at 4NM to 100mw client
computer").

Or to p.27 with a flowchart of the "Afloat Computer Network Operations", which
uses Fleet Comms to connect to the Annapolis, which connects to a set of
antennas?

You wrote "subs won't be at the center of the flowchart", but the sub
literally is the closest box to the center of that flowchart.

(This is from an April 2012 document which is part of the Snowden leak.)

~~~
sandworm101
Those are tests, not operations. They were against friendly targets,
specifically consumer wifi/bluetooth devices (based on the wattages). Had the
target been actively looking for attacks, the sub would have been located
within seconds. You wouldn't do this against an attacker with any ability to
respond physically. The only time this would be useful would be against an
unsophisticated target, but then why bother with the sub?

An airborne drone could do, does, the same job at 0.01% of the cost and 1/0
less lives on the line. The sub is ridiculous overkill.

~~~
dalke
I take your point. I don't think now that it's unreasonable.

------
gravypod
Who would have thought War Driving would turn into War Diving?

------
Hondor
Before Snowden and Manning there was the more old fashioned Ronald Pelton who
was just released from his 30 years in prison last year for revealing
information about submarine phone tapping. His motives were different but he
was still treated horribly by the US for revealing the truth.

[https://en.wikipedia.org/wiki/Ronald_Pelton](https://en.wikipedia.org/wiki/Ronald_Pelton)

~~~
gozur88
Pelton was just your garden variety spy. He wasn't acting out of any concern
for the general welfare.

~~~
Hondor
Sure he was more traditional and self interested. But his actions were
nonetheless essentially "good" in the same way. He informed people that they
were having their telecommunications secretly listened to. Just because it was
for the benefit of Russians instead of Americans doesn't make it wrong.
They're people too.

~~~
gozur88
>But his actions were nonetheless essentially "good" in the same way...

No. He gave US security information to the government of the USSR, not to the Russian
people. By your definition any spy anywhere is "good".

Just because moral distinctions can be difficult to make doesn't mean we throw
up our hands and say all actions are equally moral.

------
theCricketer
> These days, some U.S. subs come equipped with sophisticated antennas that
> can be used to intercept and manipulate other people's communications
> traffic, particularly on weak or unencrypted networks.

Isn't (most of) the communication over these links encrypted? What is the
point of tapping into the information flow? Is it possible that they are able
to decrypt it?

------
intrasight
I would have thought that by now that the interesting stuff would be flowing
through cables using Quantum Key Distribution (QKD)

------
zitterbewegung
There are many people who are saying that the NSA would use radio waves / only
store the data. Why not forward the data to another fiber optic connection
which is friendly to you to a datacenter.

------
ommunist
Because they can, or because Navy do not have access to Shodan?

