- FTTH and enterprise fiber connections are at risk of being intercepted, and it’s not internet traffic you should be worried about.
- DAS technology analyzes the effects of vibrations (or sound) on laser pulses through fiber cables
- Attackers can take advantage of this with the help of AI to decrypt your conversations.
New research covered in Science has revealed that the very fiber optic cables that connect billions of homes and business premises to the Internet could be used as covert listening devices.
We’ve already seen undersea cables repurposed, or multipurpose, as environmental sensors and data collection tools capable of detecting ships, earthquakes, underwater drones, anchor trawling, and more, but it has now been revealed that previously low-risk fiber optic spying is now a higher risk than ever thanks to AI.
According to the analysis, the attack is most likely on fiber-to-the-home (FTTH) and enterprise fiber connections, where cables run physically close to occupied spaces, where conversations are more likely to occur.
AI now allows cybercriminals to listen to your conversations
The revelation comes from analysis of a technology called Distributed Acoustic Sensing (DAS), which effectively turns a single fiber optic cable into thousands of vibration sensors distributed along its length.
DAS works by sending laser pulses through a cable and analyzing minor changes in light reflections. Those changes are caused by sound waves, which cause small deformations in the fiberglass, enough to see measurable differences in light patterns.
“We showed that in almost all cases where these fibers are used, this could be a privacy issue,” explained University of Edinburgh geophysicist Jack Lee Smith during a presentation at the European Geosciences Union general assembly.
The investigation revealed how an attacker only needs access to one end of the cable and the DAS hardware that is typically commercially available to carry out an attack, raising widespread security concerns given the proliferation of fiber optics to provide higher speed broadband and the fact that fiber had previously been considered much more secure than copper against interception.
It also serves as an important reminder that attackers can also exploit less-reported side channels, rather than intercepting Internet traffic itself. Remember, they are using the physical cable as a vibration sensor to pick up ambient and ambient sounds.
The researchers showed that, under certain conditions and with the help of artificial intelligence, nearby conversations, keyboard typing, television audio and other sounds could be reconstructed.
However, real-world limitations threaten its effectiveness as a spy tool. Background noise, signal degradation, cable isolation, and network branching degrade an attacker’s chances of converting distorted light signals into reliable audio.
As for non-attackers, this technology is already being used in the UK to detect groundwater leaks. It is also used globally for pipeline monitoring, perimeter security, traffic monitoring and more, proving that the uses for the humble fiber optic cable span much, much more than simply providing broadband connections.
Smith’s work shows that the real-world threat remains low, and that the best effectiveness comes from intercepting surface-level coiled cables placed five meters from a sound. Burying a cable even just 20cm above the ground is enough to affect sound quality, as are straight cables (even if they are at surface level).
However, while the practical risks today remain fairly low, the sheer feasibility of the attack combined with the rapid pace of advances in AI suggests that infrastructure deployed today could present a more significant security risk in the future.
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
