Due to the recent global pandemic, more and more consumers are now utilising connectivity inside the home for streaming and working from home purposes. This means that there is a necessity for reliable and unfailing connectivity, that in turn has seen an acceleration in the number of full fibre deployment roll outs. As the world’s traffic travels inside optical fibres, the security of data transfer and secure optical links are of the utmost and paramount importance.
The digitalisation of society, paired with the migration to cloud-based services, has increased the flow of data traffic carried through networks globally. Data breaches are becoming increasingly common in sectors such as education, finance, government and health, as they are now prime targets for hackers looking to steal customer information. This can have a detrimental impact on customer confidence and, in turn, significantly affect company finances. For this reason, as well as the transformation to a more data-centric approach compounded by the pandemic, operators must now seek to protect critical data both in flight (when it is transmitted, and spans access to long-haul networks) and at rest (when the data is onsite).
Data most at risk when in flight
Cyber security progress is definitely being made, as an increasing number of organisations now counter threats by using encryption technology. The most common forms are databases, data centres, storage arrays or hard drives, which can all fully protect data while at rest. However, it is when data leaves the premises to travel across networks that interception of data transmission and exchanges are more likely to occur, due to the threat being commonly misunderstood and harder to quantify. Therefore, maintaining complete end-to-end physical security of the links remains a key challenge for operators and as cables are easily accessible for hackers, they have become strategic targets.
Compromising a fibre network link is not as challenging as widely believed, as hackers can easily purchase software tools to tap a fibre network and remain undetected. This has become a more attractive avenue to explore for hackers, as attacking data on site has become considerably more difficult thanks to the aforementioned powerful protection mechanisms. Through quick online tutorials, hackers can even learn how to steal sensitive data from an optical fibre cable, notably in joints and splicing cassettes where the fibres are individually extracted to be spliced or routed.
Traffic across optical fibres may be travelling a substantial distance, from source to destination, and would be more secure with in flight protection mechanisms for optical systems sending and receiving information to protect the network end-to-end. But surprisingly, only a small percentage of critical data centre interconnect links have an end-to-end encryption scheme applied.
Tapping optical fibres
The vast majority of deployed fibres are single-mode fibres called ‘standard’, which comply with the international ITU-T standard for transmission. These fibres exhibit optimum bandwidth and transmission characteristics to allow the optical systems connected at the extremities to transport an unlimited amount of data capacity. ITU-T G.652.D single-mode fibres are intrinsically sensitive to bending effects, as they were initially developed and introduced for long-distance and straight links.
Fibres leak some light outside of their guide, and by using simple tools, hackers can create a small bend in the fibre to extract the light and redirect it to their computer on a diverted route through a coupler. Consequently, when bent, hackers can exploit this to tap transmitted signals and capitalise on this notable weakness. When optical fibres are not encrypted, this can be conducted freely along the network without a noticeable disturbance to transported traffic or in joints or cabinets, where the fibres are extracted out of the cables to be spliced or routed.
Instead, operators should look to utilise G.657.A2 fibres. Not only do they preserve all the key transmission characteristics of G.652.D, but they also secure all the light within the core network, even when bent. G.657.A2 fibres were initially developed for securing access networks and Fibre-To-The-Home (FTTH) networks, as these are naturally more exposed to bends and corners. This prevents any additional transmission losses created by leakages under bending. The hardened fibres drastically decrease the risk of light escaping when bent and render hacking tools ineffective, as a lack of detected light makes it more difficult to reconstruct incoming signals. The standard has subsequently been extended to all parts of the network, from metropolitan and regional distances to long-hauls.
The power of G.657.A2 fibres
Leveraging a G.657.A2 fibre is of great benefit for global operators, as it achieves the same transmission performance as regular G.652.D telecoms standard single-mode fibre, but with added bend-immunity and intrinsic traffic safety. Some operators are already placing significantly more emphasis on investing in fibre that will protect optical signals from leaking when bent, and others must follow suit. However, for maximum protection operators should implement the fibre that ITU-T classifies under its G.657.A2 category. These fibres leverage an optimised optical core profile technology with a solid single trench concept that preserve all characteristics of G.652.D fibres, and are more bend resistant than the average fibre. With glass composition, G.657.A2 fibre can prevent the optical power leakage that results in loss to the outside of the fibre, and can drastically reduce the risk of exposure to tapping and hacking.
Being able to utilise a fibre that is resilient to micro-bending effects inside the cable will ensure that operators are equipped with quasi-flat dependence on channel wavelength when G.652.D is rather steep. This ensures cable designs for increased density and a smaller footprint for easier installations in both rural and urban environments can be introduced. This resilience can also ensure that all transmission bands are secure, including upper L-bands and U-bands that present the highest exposure to micro-bending effects.
Operators should seek to leverage fibres that are future-proof, yield no compromise on main transmission parameters and have a trench-based glass design with lowered refractive index in the cladding area that prevents the optical field escaping, even under tight bends. It is essential that organisations leverage the most optimum solutions possible to prevent and counter these threats and safely transmit optical signals. In an increasingly connected world, organisations must secure and protect their customers’ data, while both at rest and in flight, and thwart potential hackers at every turn, and bend, along the way.
By Alain Bertaina, Business Development and Product Strategy Director Telecom Business at Prysmian Group.