- FTTH and enterprise fiber connections are at risk of eavesdropping – and it’s not the internet traffic you need to worry about
- DAS technology analyzes the effects of vibration (or sound) on laser pulses through fiber cables
- Attackers can exploit this by using AI to decipher your conversations
New research covered by Science has revealed that the very fiber optic cables that connect billions of households and commercial premises to the Internet can actually be used as covert listening devices.
We’ve already seen undersea cables being repurposed, or multifunctional, as environmental sensors and data collection tools capable of detecting ships, earthquakes, underwater drones, anchor drags and more, but it’s now been revealed that previously low-risk fiber optic espionage is now a higher risk than ever thanks to AI.
According to the analysis, the attack is most likely on Fibre-to-the-Home (FTTH) and enterprise fiber connections, where cables physically pass close to occupied spaces where conversations are most likely to take place.
AI now makes it possible for cybercriminals to listen in on your conversations
The revelation comes from analysis of a technology called Distributed Acoustic Sensing (DAS), which effectively turns a single fiber-optic cable into thousands of vibration sensors spread along its length.
DAS works by sending laser pulses down a cable and analyzing small changes in light reflections. These changes are caused by sound waves, which cause small deformations of the fiberglass – enough to see measurable differences in the light patterns.
“We show that in almost every case where you use these fibers, this can be a privacy issue,” explained University of Edinburgh geophysicist Jack Lee Smith during a presentation at the European Geosciences Union General Assembly.
The study revealed how an attacker only needs access to one end of the cable and DAS hardware that is generally commercially available to carry out an attack, raising widespread security concerns given the proliferation of fiber optics to deliver high-speed broadband and the fact that fiber had previously been considered far more secure than copper against eavesdropping.
It also serves as an important reminder that attackers can also exploit less-reported side channels – instead of intercepting the Internet traffic itself. Remember, they use the physical cable as a vibration sensor to pick up ambient and environmental sounds.
The researchers demonstrated that under certain conditions and with the help of artificial intelligence nearby conversations, keyboard typing, television sound and other sounds could be reconstructed.
However, real-world limitations threaten its effectiveness as a spying tool. Background noise, signal degradation, cable isolation, and network branching all degrade an attacker’s chances of converting garbled light signals into reliable audio.
As for non-attackers, this technology is already being used in the UK to detect underground water leaks. It’s also used globally for pipeline monitoring, perimeter security, traffic monitoring and more, proving that the humble fiber optic cable’s uses range much, much further than just providing broadband connections.
Smith’s work shows that the real-world threat is still low, and that the best effectiveness comes from intercepting surface-level cables located within five meters of a sound. Burying a cable with even just 20cm of soil is enough to affect the sound quality, as are straight cables (even if they are at surface level).
However, while the practical risks today remain fairly low, the feasibility of the attack, combined with the rapid advances in artificial intelligence, suggest that the infrastructure deployed today may pose a more meaningful security risk in the future.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
