Read Surveillance or Security?: The Risks Posed by New Wiretapping Technologies Online
Authors: Susan Landau
Cellular networks also experienced problems. While only five sites were
lost when the towers fell, by later in the day damaged phone lines and
power outages caused an additional 155 sites to fail. This constituted 5
percent of Manhattan's capacity.' Meanwhile phone usage was up because of the attacks, and the problems with landline phones caused people to
turn to their cell phones. New York City had a 400 percent increase in the
number of calls that day. The networks could not easily handle this, and
a high percentage of calls did not get through.1°
ISPs also suffered major damage. Although there was the POP loss, and
customers who directly connected to equipment in the Verizon office lost
service," with minor exceptions,12 whatever was not destroyed, functioned.
The Internet routed around trouble just as it had been designed to do.
There was fast response by the service providers to the physical destruction. By the time the New York Stock Exchange opened six days after the
attack, Verizon had rerouted fourteen thousand circuits; all of these had a
working dial tone on that Monday morning. Ten million gallons of water
had flooded into Verizon's Broad Street building, so fiber-optic cables were
routed from the street along the outside of the building and then through
fifth- and eighth-floor windows to connect with the switching fabric. By
mid-October service had been restored to 90 percent of switched voice
circuits served by the West Street building. 13
Other responses were even faster. Except where there was physical
damage to the network, the Internet was up and functioning relatively
normally on September 11.14 Its flexibility of design meant that other
systems could patch into it. This happened repeatedly, and through a
variety of different protocols, including VoIP (still a nascent service at that
time), Instant Messaging to replace voice calls," and wireless links to
working connections.16
The situation with Hurricane Katrina was somewhat different. Katrina
devastated a hundred-mile swath along the Gulf coast of Louisiana, Mississippi, and Alabama, decimating telephone switching offices, transmission lines, and cellular towers. A U.S. House of Representatives report put
it in striking terms: "The entire communications infrastructure on the
Mississippi Gulf coast was destroyed."17
Repairing such devastation did not occur as quickly as repairing the
systems in lower Manhattan. The geographic area was large, and the
destroyed communications systems were not clustered in one location. In
late September 2005, five weeks after the disaster, the director of the FCC's
Office of Homeland Security testified,
More than 250,000 customer lines remain out of service. More than 500 DS-3
equivalent interoffice facilities [standard "low bandwidth" interoffice trunks, typically provisioned between two central offices] remain down. Three public safety
answering points remain out of service. Although many cell sites have been restored,
more than 300 cell sites are still not operational in New Orleans.18
Given the importance of communications in coordinating the relief
efforts, these lingering problems exacerbated an already extremely difficult
situation.
While the BellSouth phone hub in New Orleans remained working
during the storm, most landlines were out, and a backup generator powering the city's emergency-communications radio system broke down after
being punctured by a piece of flying glass. Two forms of communication
worked: the Internet and satellite phones. Even while the phone system
was out, the broadband connection was functioning in the Hyatt Hotel
where New Orleans Mayor Ray Nagin and his staff were lodged. They realized they could use VoIP, and one aide's Vonage account became their
connection to the outside world.19
Satellite phones-mobile phones that connect via satellite instead of
through cellular towers-also functioned during the Katrina crisis. In multiple instances these were the only communication devices working. Satellite systems work when landlines and cell towers-terrestrial systems-are
damaged or destroyed, and satellites cover the world's surface, providing
connectivity in the mountains of Peru and the deserts of Afghanistan. After
the 2010 earthquake in Haiti, the International Telecommunications
Union donated a hundred satellite phones and set up a hundred Wi-Fi
hotspots.20
Satellite communications, however, are not a perfect answer. For one
thing, they are expensive. That often precludes their use, even if local
governments receive some aid to offset costs; a Congressional report noted
that, "In Louisiana, most of the parishes did not have satellite phones
because they chose to discontinue the service after the state stopped paying
the monthly fees."21 In addition, satellite phones do not work without a
line of sight between the phone and the satellite, a problem when there
are clouds, mountains, or buildings in the way.
That is what worked, and did not work, for the general public on September 11 and during Hurricane Katrina. The situation was somewhat
different for first responders: firefighters, police, and emergency medical
technicians (EMTs). One of the most disturbing lessons from September
11 was the lack of interoperable communications systems. The systems
used by the firefighters and police could not communicate. As the New
York Times reported,
Minutes after the south tower collapsed at the World Trade Center, police helicopters hovered near the remaining tower to check its condition. "About 15 floors down
from the top, it looks like it's glowing red," the pilot of one helicopter, Aviation 14,
radioed at 10:07 a.m. "It's inevitable."
Seconds later, another pilot reported: "I don't think this has too much longer to go.
I would evacuate all people within the area of that second building."22
The warnings were clear, and police evacuated; firefighters did not.
Partially the issue was cultural: firefighters were "not going to take an
evacuation order from a cop that morning."" Partially the issue was "fog
of war": the confusion, or uncertainty, surrounding adversary capability
that makes all the incoming data foggy. And partially the problem was
technical.
The firefighters' radio channel was congested. Many communications
overlapped and were impossible to understand.24 After the South Tower
fell, the Fire Department (FDNY) did issue an evacuation order for the
North Tower. Some FDNY radios did not pick it up because radio communications were impeded in the high-rise building. In other cases, the
channel was sufficiently noisy to drown out the order.25 The Times concluded, "No other agency lost communications on Sept. 11 as broadly, or
to such devastating effect, as the Fire Department."26
The issue of interoperability is not new. New York City first responders-police and firefighters-could not communicate with each other
during the 1993 bombing of the World Trade Center. Afterward the two
departments discussed establishing a common radio channel, but nothing
came of it.27 The result of the lack of interoperability was that hundreds
of firefighters died when they might have been able to evacuate the building instead.
In both the World Trade Center attacks and Hurricane Katrina, physical
infrastructure-cables, cell sites, switching offices-was destroyed, but of
course the logical underpinnings remained. Anywhere there was a connection to a network (e.g., the New Orleans Hyatt), it was possible to communicate via the Internet. The other discovery-very well known to
countries without extensive wired networks-is that it was easier to establish wireless infrastructure than wired.28
That, of course, was all true in the aftermath. What first responders use
during crises is radio.
10.2 What Is Needed?
First responders rely on Land Mobile Radio (LMR) systems consisting of
handheld radios, antennas, and a dispatch system. The radios use FCC
assigned dedicated frequencies; the particular technology is trunked mobile
radios, which use channels in a highly efficient manner to enable private
group communication. How communications travel varies with the situation: it may be through the nearest tower, through a repeater, from central
dispatch, or directly radio to radio. "Push-to-talk" functionality is necessary, whether for the firefighter in a burning building or for a SWAT team.29
Achieving interoperability for first-responder communications has been
remarkably slow. This may seem odd since civilian communications
already interoperate (a caller using an Apple iPhone on AT&T's network
can connect with someone using a Motorola Droid on Verizon's network).
Interoperability is more complicated for first responders, whose communication needs are quite different from the general public's.
Some first-responder communication patterns are highly unpredictable:
periods of minimal use punctuated by periods of high traffic. For first
responders, response is time-critical: a busy signal is not an option. Thus
first-responder communications have their own spectrum. This immediately adds one complexity, for it means that first responders are buying
special systems.
Additional complexity comes from the fact that 90 percent of first
responders are in state and local jurisdictions, and it is the individual
jurisdictions that decide what systems to buy. (To further complicate
matters, even within a single jurisdiction, police, firefighters, and emergency medical services may all use different, noninteroperable systems.)
For interoperability to exist, fifty thousand local, tribal, and state governments, and the federal system making the decisions,30 have to be convinced that they receive value for doing so. Right now different agencies
use different frequency bands and technologies, and often they cannot
communicate with one another.
Interoperability is complicated, for interoperable means widely so. Consider, as an example, firefighters, who to do their job day to day, need to
share information in a dozen different ways. When the unit chief says,
"Evacuate NOW," everyone needs to hear it. Firefighters communicate up
and down their chain of command (the incident commander, the unit
chiefs, the individual firefighters); those systems need to be interoperable.
Fire departments provide mutual aid across communities; a large fire in
one district draws firefighters from nearby ones, whose areas in turn are
covered by departments from neighboring localities. In addition, firefighters communicate with police, EMTs, hazardous-material teams, and so on.
All the communications systems need to be interoperable.
Interoperability does not mean that every firefighter should be able
to communicate with every police officer or every EMT on the scene via
radio; there would be too much chatter.31 First responders work within
hierarchical teams. LMR systems have multiple channels and these may be dedicated in various ways: one channel per fire company, one "fire"
channel for command and control for the different fire chiefs to communicate, one channel for EMTs, and so forth.32 That is the solution if the
system has been engineered to be interoperable.
Making change happen is not easy. Currently interoperability may
consist of the police at the scene having a single radio to communicate with
another agency's network.33 Or interoperability may consist of the firefighters' unit commander standing with the police commander and the two share
information they are garnering from their radios.34 "The biggest barrier [to
interoperability] is the human barrier," Chris Essid, director of emergency
communications at DHS, explained. "It's the coordination aspect."" Cost
is also a factor; while there are federal grants to help local communities
update their systems to interoperable ones, funds to do so are limited.36
Following a general pattern, these communications systems are moving
to IP-based devices because of the robustness, flexibility, and lower cost of
packet-based communications. Furthermore, IP-based systems allow the
sharing of data as well as voice.37 There is real value in a firefighter being
able to download the building plans as the fire truck speeds to the site.
The focus on interoperability and functionality is not surprising, but it
might seem as if communications security is not on the list. In fact, it
is-as well it should be. In the federal push for interoperable systems, the
government included encryption in the standards, and most federal firstresponder systems use encryption (AES) to secure their communications.
But while law enforcement naturally embraced secured communications,
other first responders have been less sure of the need. Sometimes when
federal agents operate with state or local first responders, the federal agents
have to shut off the encryption, because the state and local systems are
unencrypted and the systems cannot interoperate. DHS is pressing to have
all first responders use encrypted communications systems.
NSA has been a strong supporter of this effort. In 2005 NSA instituted
Suite B, a full set of public algorithms for the transmission of both unclassified and classified communications (see chapter 3 for a fuller explanation
of Suite B). NSA's Information Assurance Directorate is responsible for
securing national-security communications; Dickie George, IAD's technology director, wants to see secure communications on the civilian side too.
He explained, "We've got Type 1 Suite B product that we can use at the
highest level of communications"-meaning in communications with the
president-"and we've got to have straight commercial Suite B systems that
are available [for purchase] at the mall, at Radio Shack, for first responders.
Everyone buys into the concept," George said.38
If communications systems with end-to-end encryption can be bought
at the mall by first responders, they are also available at the mall for anyone
else. End-to-end encryption may not be in standard use in wired or cellular
phone systems, but it is part of Skype and Gmail, and the Information
Assurance Directorate wants to see it in wireless radio systems available for
sale at the mall. This policy suggests that at least a piece of NSA approves
securing communications within the United States through the use of
end-to-end encryption.