N.Y. Net Theft Raises Questions

By Shelley Solheim  |  Posted 2004-05-17

N.Y. Net Theft Raises Questions

As of late last week, local and federal investigators were proceeding with their probe into a burglary at a Midtown Manhattan telecommunications office involving the theft of several DS-3 cards that left a handful of corporate customers without Internet service for a full business day.

Although the crime appears minor, it has raised major questions about the security of the nations critical infrastructure, as well as the curious relationships among competing service providers that share space in hundreds of similar facilities across the country.

According to the New York City Police Department, three DS-3 networking cards were stolen May 2 from a New York CO (central office) of Verizon Communications Inc. This CO, also a co-location office housing competing carriers equipment, is one of the many hubs for the countrys voice and data networks and a key component of the nations critical infrastructure.

As such, the burglary automatically brought in FBI terrorism investigators. The ensuing investigation has been shrouded in secrecy. As of late last week, no arrests had been made, and the investigation is continuing, officials said.

"Everybodys overly sensitive, with reason, to the issues of terrorism or terrorists trying to sabotage the infrastructure, whether it be the Brooklyn Bridge or the Internet," Joseph Valiquette, spokesperson for the New York FBI Field Office, said about the involvement of the FBIs Joint Terrorism Task Force in the Verizon burglary.

The online operations for several New York-based businesses were shut down for almost an entire business day as a result of the Verizon theft. Ziff Davis Media Inc., publisher of eWEEK and a customer of Sprint Corp., which lost several DS-3 cards, lost all e-mail and Internet access. Yeshiva University, a customer of Qwest Communications International Inc., also a victim of the theft, lost Internet access across its Manhattan campuses.

But some COs, such as the Verizon Manhattan office, are also at the heart of an ongoing regulatory battle regarding co-location, which began as an attempt to bring competition to local telephone markets. As such, COs are the facilities where RBOC (Regional Bell Operating Company) rivals are entitled to lease space and interconnect their own equipment.

Next Page: Verizons security procedures outdated?

Outdated Procedures


But CLECs (Competitive Local Exchange Carriers), including Qwest and MCI Corp., have argued recently in legal briefs that Verizons security procedures at some COs have been outdated and unevenly administered. During the burglary at the Verizon CO on 38th Street, for example, surveillance cameras were not operating, according to a police detective involved in the case.

But rather than protest publicly, the CLECs affected by the New York theft—Sprint, Qwest, XO Communications Inc. and Looking Glass Networks Inc., according to police—have downplayed the risks and consequences.

Crime Scene Timeline

May 2, about 10:30 p.m.: ISPs co-located at Verizons central office at 240 E. 38th St. experience a network outage when a node carrying 27 DS3 networking cards fails as a result of the theft of DS-3 cards.

May 3, about 6:20 a.m.: The New York Police Department completes its crime site investigation, and ISP technicians are granted access to begin restoring service.

About 3:30 p.m.: Service is restored to ISP customers.

"There are many security issues that we do not comment on," said Sprint spokesperson Charles Fleckenstein in Overland Park, Kan.

The reluctance of CLECs to complain about CO security does not stem from an allegiance to the telcos but rather from a fear that too much criticism could get them ousted from the facilities, said sources familiar with the issue.

Since the terrorist attacks of Sept. 11, 2001, Verizon has argued that existing security measures cannot prevent damage to the infrastructure. The company also has charged that increased foot traffic in the COs as a result of CLEC access increases the risk to national security, but it has not produced any evidence to support the view. In some places, Verizon sought unsuccessfully to limit CLEC access and, in others, to prohibit it altogether.

CLECs, for their part, have said Verizon is merely attempting to stymie competition under the guise of national security.

But documents filed in an ongoing investigation by the Massachusetts Department of Telecommunications and Energy show that the theft in Manhattan was not unique. According to the records, there have been security lapses at some of Verizons other COs. The company has recorded broken locks on doors and co-location cages, destroyed card readers, disabled power systems and vandalism of equipment.

Verizon spokesperson Dan Diaz declined to comment on the theft, citing the ongoing investigation.

Check out eWEEK.coms Server and Networking Center at http://servers.eweek.com for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.

Rocket Fuel