View
5
Download
0
Category
Preview:
Citation preview
Network Attacks
What is the scale of the task, just how big is the Network?
Openreach looks after the ‘first mile’ of network, from the exchange through to homes and businesses.
Kaizen Change Team 3
What makes up the component parts of the first mile?
In excess of 5600 Telephone Exchanges.
88400 Primary Connection Points (the green cabs by the road side).
37.9 million Exchange side cable pairs.
42.8 million Distribution side cable pairs.
7.5 million Exchange Only cable pairs (cable direct from the exchange).
8 million cable joints.
That’s a massive amount of Copper !!
Kaizen Change Team 4
The Openreach Network would need many “eyes”
to police it!
- -
88.4kPCP
37.9M E Side Pairs
7.5M Direct FedCable Pairs
1.6M OH DP’s2.3M other DP’s
8M EO / D Side Joints
42.8M D Side Pairs
28.96M Exchange Lines
SCP
5600 or so Exchanges
Kaizen Change Team 5
Overview of the problem
Copper prices have more than doubled in the last four years as China is importing huge quantities of the conductive metals,
this is driving a wave of thefts across the globe from South Africa and the US to Italy and the UK.
Over the last 18 months there has been an increased number of attacks on the network involving cuts, arson & theft of live cable.
Thefts of live cable are indiscriminate and pose a threat to community safety, with subsequent risk to BT‘s reputation and revenue.
The price of copper shows no sign of falling and Openreach needs to radically change it’s attitude to security particularly in the network.
Kaizen Change Team 6
What is the size of the Impact?
On average 14,000 End Users experience a loss in service each month.
On average that’s 168,000 End Users a year.How many other crimes have so many victims?
As much as 90,000 total days per month when end-user lines were out of service. [Data from vandalism stats]
Or put another way that’s just over 1 million out of service days a year.
Kaizen Change Team 7
Who are some of these End Users who have lost their service so far ?
Blue Light Services - Eltham
Air Traffic Control - Stansted.
Thurleigh Airfield.
Ministry Of Defence.
Doctor Surgeries.
DVLA.
City Councils.
Borough Councils.
Post Offices.
Business Parks.
Shopping Centres.
Bingo Hall’s.
Taxi firms.
RedCare.
Retail Parks.
Internet Cafes.
Plus many thousands of Homes which have lost Alarm Lines, Care Lines, Broadband Services & Telephone Lines
Kaizen Change Team 8
Any Cable will do!
The perpetrators of these Network Attacks act with no regard to the consequences of their actions and the impact that they have on society, from a wellbeing and economical view point.
At least one instance is recorded where an Internet Café ceased trading due to prolonged and repeat Network Attacks.
Kaizen Change Team 9
Reported Network Attacks
October 2007 – 188 attacks
November 2007 – 197 attacks
December 2007 – 156 attacks
January 2008 – 169 attacks
February 2008 – 164 attacks
Total – 874 attacks
Although since October the attack profile is on a slight downward trend, the actual impact has increased due to larger cables being targeted. These larger cables carry a greater number of circuits due to their increased capacity and the time required to restore service is longer.
150
160
170
180
190
200
Oct-07 Nov-07 Dec-07 Jan-08 Feb-08
Num
ber o
f Atta
cks
Kaizen Change Team 10
When do these attacks take place? (last 5 months data)
0
20
40
60
80
100
120
140
00:00 01:00 02:00 03:00 07:00 08:00 09:00 10:00 11:00 12:00 13:00 14:00 15:00 16:00 17:00 18:00 19:00 21:00 22:00 23:00
Time of Attack (24hrs)
Num
ber
of A
ttack
s
Kaizen Change Team 11
What is the cost of these Network Attacks to Openreach?
The following cost data is based on a sample size of 119 reported Network Attacks between the Period October 07 and February 08.
Average cost per Network Attack - £6.8k
Multiply the average cost by the number of reported attacks between October 07 and February 08 (5 months).
Total average cost for period - £5.9mTotal average cost for 12 months - £14.2m
Potential liability for loss of service.Monthly average liability cost - £360k
Kaizen Change Team 12
Cable theft & copper price trends
020406080
100120140160180200
Apr
-06
May
-06
Jun-
06
Jul-0
6
Aug
-06
Sep
-06
Oct
-06
Nov
-06
Dec
-06
Jan-
07
Feb-
07
Mar
-07
Apr
-07
May
-07
Jun-
07
Jul-0
7
Aug
-07
Sep
-07
Oct
-07
Nov
-07
Dec
-07
Jan-
08
Feb-
08
Loss
£k
Cu Price
TEC cable
Netw ork cable
Total cable
$6.5k/t
$8.5k/t
Network damage and copper price trends
100120140160180200220240
May-06
Jul-0
6Sep-0
6Nov-
06Ja
n-07Mar-0
7May-0
7Ju
l-07
Sep-07
Nov-07
Jan-08
Mar-08
May-08
Jul-0
8
Loss
£k
Netw ork damage
$6.5k/t $8.5k/t
cu price
Trend 2 shows an illustration of the impact of network damage in the access network which is outpacing the commodity price for copper. Whilst less copper overall is being stolen the damage element is greater leading to service impact and customer outages. Evidence suggests that thieves are taking smaller amounts of cable in some areas but that cuts at the duct mouth joints are leading to significant replacement of cable and increased engineering time/effort to resolve
The commodity price of copper metal has increased significantly since May 06. this graph shows that total cable theft has dropped against that trend line mainly with the reduction in theft from TECs as consequence of removal of surplus cable [an attraction for theft]. Furthermore additional security initiatives such as cable containment and containment locking. Plus significant investigative work and a number of arrests and seizure of financial gains from thieves. Despite the decline of theft from TECs theft from the access network has increased significantly
Kaizen Change Team 13
Where do we want to be3 - 6 months– a full understanding of financial and customer impact to define strategic financial
support required to build business case for mitigating action– customer impact data used for ongoing debate with government on taking more
proactive action, to help review both the UK community impact and any judicial reassessments to stem the problem and to review policing priorities with a view to developing pan UK targeting in this area
– additional investigators provided and targeted towards detection/ apprehension working specifically on cable theft
– Use of Crimestoppers to get the message into the public domain and to secure greater public an community interest / intelligence and support
– risk assessment completed for people safety, financial loss /impact, community / customer impact and security standards against horizon scanning of the problem growth
– full rolling log of all events with action taken and storybook of improvements and benefits
Kaizen Change Team 14
Where do we want to be (2)Long term 6-12 months– increased number of arrests with Openreach / BT becoming less attractive as a
target– reduction in successful attacks across the network prioritised on "E" side– a shift in the society view of impact of cable theft driven through the ACPO
[Association of Chief Police Officers] positioning to the Home Office leading to greater government engagement
– Next generation security product both physical and electronic injected into the network through capital funded programme of work. Programme fully imbedded and working to target
– availability of Personal alarming where we believe our engineering workforce will be at risk as perpetrators look for others ways of gaining access to copper cable as we lock down the network
– fully intelligence led trend analysis to enable targeting of perpetrators and prioritisation of protection by geographic location
– security as BAU into network planning process- all replaced/ maintained plant has security added as part of business as usual
Kaizen Change Team 15
Where do we want to be (3)Horizon scanning - 5 years– in high impact areas [HOT spots] replace copper with fibre solution based on
risk assessment, attack trends and intelligence and customer service provision against cost benefits
– all vulnerable high impact areas of the network secured– Higher level of government sentencing through lobbying regarding community
impact– 40% of "D" side access network secured in set geographic locations -
dependant on funding availability– increased people security measures
Kaizen Change Team 16
Kaizen Change Team 17
What we are doing securing the networkReactive security upgrades to the network following an attack
Crime analysis to identify areas with a raised vulnerability
Proactive security upgrades where there is deemed to be a raised vulnerability.
Operational engagement to identify vulnerable areas.
Security patrols mobile/static where appropriate.
Development of new more cost effective security products.
Feedback process for intelligence.
Welding of covers in exceptional circumstances.
Engagement with the community.
Kaizen Change Team 18
Security Products
Current Products
Lockable Carriageway covers
Plates Plant protection
PCP locks
New Products
Lockable footway covers
New lockable carriageway cover
Hinged Footway and Carriageway covers
Adjustable Plates Plant Protection.
Kaizen Change Team 19
Plates Plant Protection (Enhanced Security)
Kaizen Change Team 20
PCP (KABA Cabinet Shield Lock)
PCP (Barnet Cabinet Lock 2A)
Products for protection of above ground plant
Kaizen Change Team 21
Products for protection of underground plant
Lockable Carriageway Covers No 1, 2 & 3
Kaizen Change Team 22
Norenco Hinged Cover
Kaizen Change Team 23
Norenco Hinged Cover
Kaizen Change Team 24
Engaging with the Operations teams
The Kaizen team continue to facilitate the Network Attack workshops, which are all about engagement with the Field Operational teams who are suffering from particularly high levels of Network Attacks.
These events have been supported by the Openreach Business Continuity senior team, BT Security Investigations plus several senior field managers from the field teams effected, along with a number of security leads including the Director of Security, BT Operate.
Feedback shows that both the field and security teams really value these sessions, and the Kaizen team are facilitating some more over the next few weeks.
Kaizen Change Team 25
Engaging with the Operations teams - Communications
The openreach security team have been liaising with local operations managers to provide close-up support and briefing material, where appropriate
Use of SMS text messaging to alert teams to network attacks in their area
Working with regional security champions to help raise awareness
Provision of Impact Template (for attacks involving cables over 300 pair) to ensure true impact of attacks are identified and passed to Group Investigations
Kaizen Change Team 26
Engaging with the experts
The Kaizen team are setting up a meeting of minds workshop to scope the potential for making our cables more resistant to theft or attack by adopting the 3 D’s (Deter, Delay and Detect).
Invited attendees so far:– B3 Cable Solutions– BT Investigations– Optex Europe (manufacture of specialist internal and external
detection technology)– Field Operations
Kaizen Change Team 27
Engaging with Government and Law Enforcement
Security Managers of affected companies lobbied for more action
Government wrote to the Association of Chief Police Officers
Task group set up under the Chairmanship of the British Transport Police
Associated trade bodies, other enforcement agencies and Government departments have come together to obtain a co-ordinated view on
the extent of current legislation and
the effectiveness of enforcement
Kaizen Change Team 28
Initial findings on the current position
Cross Sector Metal Thefts Action Group formed
Metal theft will remain a problem for at least five more years
Copper, lead, aluminium, nickel, zinc, tin, bronze all targeted
Police estimate consequential loss to UK sectors at £180m p.a.
Police concern of secondary entry by children where theft is from a high voltage enclosure
Kaizen Change Team 29
National Metal Theft Taskforce
Cross Sector Metal Thefts Action Group formed
Four regionally based teams
Dedicated command team
Supported by police intelligence resources
Kaizen Change Team 30
Openreach Mitigation
Blackspot Analysis of network attacks
Cabinet Security Uplift Programme (1000 Cabinets Per annum)
Network Security Uplift (£1 m Reactive)
Network Security Uplift (£1 m Proactive)
Development of new security products
Network Attack Workshops & Audio Calls
Security Briefings
Kaizen Change Team 31
When and where security is applied
Following an attack on the network.
When requested and paid for by customers.
When serving a sensitive site (Government, MOD etc).
Exchange Manholes and pinch points in the network.
When attacks/crime in an area indicate that plant is vulnerable,
When the network is thought to be at high risk.
Kaizen Change Team 32
Your Help is needed
• To identify “hotspots” for network security uplift.• To agree the criteria for cabinet security uplift. • Identify suitable Single Points of Contact and resource to plan &
progress security uplift. • To get all Security incidents reported to the Police and BT
Security on 0800 321 999. • Ensure network security locks are refitted.• Ensure missing/broken security locks are reported via A1024
process. (0808 100 1024)
Kaizen Change Team 33
End
Recommended