4 min

How can we protect ourselves against network infrastructure sabotage?

At the end of April, an unprecedented series of malicious acts paralysed Internet traffic in several regions simultaneously. The investigation is ongoing, but industry federations are already calling for tougher sanctions and a major plan to ensure network resilience.

Cybercrime - Xavier Biseul - June 14, 2022

During the night of 26 to 27 April, the French fibre optic network was subjected to unprecedented malicious acts, resulting in slowdowns and access cuts in several cities (Grenoble, Besançon, Reims and Strasbourg, among others) and in the Ile-de-France region. The customers of free saw their connection severely disrupted, like those of SFR, though to a lesser extent.

About 1% of free’s subscribers were affected, according to the operator, which posted photos of cut fibre optic cables on its Twitter feed. For its part, the French Federation of Telecoms (FFTélécoms) indicated in a press release that connections had been quickly restored but that the repair work would be “nonetheless very heavy.”

An investigation was immediately opened by the Paris public prosecutor’s office for, according to AFP, “deterioration of property likely to affect the fundamental interests of the Nation”, “obstruction of an automated data processing system” and “criminal association”. It has been entrusted to the Central Directorate of Judicial Police (DCPJ), the Directorate General of Internal Security (DGSI) and the Anti-Terrorist Sub-Directorate (SDAT).

Although the results of the investigation have not yet been made public, Le Journal du Dimanche states that one lead could point to ultra-left activists. To support this thesis, the newspaper makes a link with Sans Nom, “a new anarchist agitation site”. In a post, the latter does not claim responsibility for the sabotage, but rejoices that during “one fine night, the Internet was cut off in a large part of the country…”.

Willingness to harm and endanger others

While it is (unfortunately) common for street cabinets, fibre-optic distribution boxes, or 4G/5G mobile antennas to be targeted, the scale of the acts of sabotage at the end of April surprised everyone. In a concerted effort, the perpetrators cut long-distance cables in three different regions within minutes of each other. These cables, also known as backbone cables, are used to link different regions over hundreds of kilometres.

Philippe Le Grand, President of InfraNum (the federation representing the digital infrastructure sector), pointed to deliberate harm. “The criminals were perfectly aware of the network’s nerve points, knew how to proceed, and were obviously equipped with professional tools.”

He also emphasised the seriousness of the incident. “Attacking essential networks and cutting off areas from Internet access for several hours is akin to endangerment. This type of action can have dramatic consequences, for example by disrupting emergency services.”

As for Michel Combot, Director General of FFTélécoms, the federation that brings together telecom operators, he wondered about possible coordination and internal complicity. In the face of such offences, he called for a tightening of criminal sanctions. “They are not dissuasive enough. An offender who graffities a bus shelter or cuts a cable is exposed to the same sanction.”

According to FFTélécoms, we should increase the maximum prison sentence from two to five years and the maximum fine from €30,000 to €75,000. To combat these acts of vandalism, the federation has already signed with the Ministry of the Interior a charter that is being implemented at the level of each département. “It is important for an operator to know what to do in the event of such acts,” Michel Combot continued. Can they immediately repair or should they wait for the police?”

This cooperation should, in his view, be extended to the preventive aspect. “If the intelligence services inform the operators that operations are being prepared against their infrastructures, the operators can install surveillance cameras or send security teams.

And since we cannot put a policeman behind every tower or fibre drawer, we also need to strengthen access to such equipment. Considered as operators of vital importance (‘OIVs’), telecom operators have already seen their security level raised since the military programming law voted in 2013.

A comprehensive study on resilience

For its part, InfraNum, in partnership with the Banque des Territoires, is conducting a study on the resilience of digital infrastructures, the results of which will be presented on 22 June to Bruno Le Maire, Minister for the Economy, Finance and Industrial and Digital Sovereignty, and to the future Digital Secretary’s Office.

Among the 30 measures put forward in the context of the presidential elections, InfraNum already proposed to organise “a comprehensive study on the resilience and sovereignty of digital infrastructures in the light of network decentralisation”.

To increase resilience, a few avenues have already been sketched out, such as the burying of infrastructure, or the redundancy of technical nodes to increase the number of emergency routes. “More than half of our lines are overhead,” notes Philippe Le Grand. This is a French tradition, whereas Belgium has more of a cable culture.”

This major resilience plan would also have the merit of giving activity to the sector at a time when the ‘France Très Haut Débit’ plan should end (supposedly, this year).

Send this to a friend