French authorities believe the fiber optic cable cuts that disrupted Internet service across large swaths of France in April were likely the work of radical ecologists who oppose the digitalization of society, according to Kave Salamatian, a French academic who specializes in Internet resilience and who said he has been briefed on the investigation by colleagues at the National Cybersecurity Agency of France (ANSSI).
Salamatian, who has worked with French government agencies and companies on telecom issues and who is a fellow at the Centre for Internet and Human Rights, is an academic and engineer specializing in large-scale telecom networks. He said there have been scores of similar attacks on mass communication infrastructure across France in the past few years, including destruction of radio antennae and arsons targeting 5G base stations.
French authorities declined to comment on Salamatian’s assertion or to provide any details on their probe.
“There is an ongoing investigation,” a spokesperson for the Ministry of Interior said in an email. “French law does not allow us to provide you with information about it.” A spokesperson for ANSSI did not respond to an email seeking comment.
The April incident — which French telecom companies called a large-scale coordinated attack — destroyed a large number of fiber optic cables powering the French internet, and is being investigated as a crime.
The newspaper Le Parisien quoted an “operator” at the time saying that the cables were “cut on both sides to complicate the repairs … the urgency is to re-solder everything, this represents tens of thousands of small, fiber-optic cables.”
Salamatian said the April attacks are being treated with such seriousness not because cables were cut — attacks on telecommunications infrastructure have become commonplace in France — but because “they did it in a very surgical way, and they did it in a very, I would say, malicious and professional way.”
A series of attacks destroying telecom equipment
French news outlets have extensively covered other attacks on telecom infrastructure, which in many cases have been committed by ecologists and others who oppose a digital society, according to Salamatian and some of the press coverage. A French ecological news site published an investigation claiming what it said were 140 attacks on digital infrastructure across the past two years. The site featured an interview with saboteurs defending the attacks.
“For two years, acts of sabotage against telecommunications infrastructure and against the deployment of 5G have multiplied,” the ecological site’s article said. “Relay antennas are set on fire, fiber optic cables severed, pylons unbolted. During the night, people burn construction machinery, attack telephone relays with grinders or destroy electrical cabinets with a sledgehammer.”
The site listed specific attacks: “Last November alone, three antennas went up in smoke in Saint-Héand in the Loire department. A few days earlier, in Toulouse, four vans from a fiber optic installation company were on fire. In the Gard, between Salindres and Barjac, thousands of people were deprived of the internet after cables were cut with axes.”
In May 2020, Internet service was disrupted for nearly 100,000 Ile-de-France residents after cables were cut in ten places, Le Monde reported.
“The procedure suggests that the person or persons who sabotaged the cables knew very well how the network worked: the cables were cut with a grinder, and in places where the damage would be significant,” Le Monde revealed. A month earlier a similar attack on a fiber network knocked Internet service out for 20,000 people, the newspaper said.
In September, two monks based at a fundamentalist Catholic convent in the Rhône were criminally charged for setting relay antennas on fire because they opposed the deployment of 5G, according to the French news site La Depeche. They later told a judge they had acted “to protect the population from the harmful effects” of 5G, according to a local prosecutor who spoke to Agence France-Presse (AFP).
AFP reported that a convent spokesperson said the monks believed 5G “waves are very harmful to health and they wanted to act for the well-being of humanity.”
Last May, the French press reported on a wave of sabotages hitting relay antennas. Le Parisien reported at the time that investigators were studying up to twenty separate incidents and believed “the most radical elements of the protest movements radicals” were behind the sabotage. Many radicals and fringe ecologists in France oppose 5G technology and digital society, Salamatian and the French press coverage said.
Salamatian said what sets the April attacks apart is their apparent sophistication.
“It was the first case where the people that attacked your infrastructure…did the work of finding out where cutting will have the highest impact,” he said. “It was not vandalism; it was something that was really thought of and planned.”
Vulnerabilities at home
Environmental protests are familiar to Americans, though attacks targeting telecom equipment are less so. Efforts to deter Keystone Pipeline protestors from attacking the pipeline itself ramped up as protests intensified, said Bob Kolasky who worked on the issue as the then director of the Cybersecurity and Infrastructure Security Agency’s National Risk Management Center. Authorities became concerned, he said, after a few episodes where protestors would “get in the way of it operating and get close to causing harm.”
Kolasky said he worked with the Department of Justice to respond and, seeking a deterrent, DOJ mobilized local US Attorneys to charge protestors who attacked the pipeline.
“It was our view that protests involving critical infrastructure needed to be treated more seriously than normal protests,” he said.
The French attacks should be a wakeup call for American officials, said Trey Herr, director of the Cyber Statecraft Initiative at the Atlantic Council, a Washington think tank.
“We need the pipes, we need the satellites, we need the underwater cables and, unfortunately, because there are so few of them — on the order of several 100 as opposed to the several billion Internet users —there is significant vulnerability there,” Herr said. “It’s interesting to me that given the significance that this infrastructure holds there’s not as much clarity on which entities have responsibility for working to proactively secure it.”
Herr said that Atlantic Council scholar Justin Sherman released a report last year which examined the security of telecommunications infrastructure, including the software that controls the physical cables.
“I would love to see some more attention on this from this administration,” Herr said.
He said it is not an easy problem to tackle because it requires cybersecurity and physical security experts to work together.
“These are two different communities in a lot of cases and this is an area that really requires a holistic understanding of risk rather than a domain specific understanding of risk,” Herr said.