BT's Mayfair exchange was burgled last night, leaving thousands of homes and businesses in central London without internet access this morning. The raid cleaned out routers, networking cards and fibre at about 9pm on Wednesday, Reg sources said. According to data at Samknows, the exchange serves about 3,000 residential premises …
Took you guys long enough!
I've been reloading the page all morning waiting for this to appear...
It makes a change.......
.....for BT to be robbed by someone. Re-arrange these words into a popular phrase: of taste medicine own a their....
Yup we have customers down...
and we have been told that service will be restored this morning... I am not convinced!
BT Monopoly !
Go straight to jail, if you pass go do not collect £200...
Mines the one with the tiny metal top hat in the pocket !
So - are we meant to believe this has nothing to do with the date it has happened on then?
I hate September 11th. Only 5 sites down with around 1600 users affected. Ho hum. At least BT are being pretty proactive with their updates.
The Robbers have released a statement....
"We were only borrowing the equipment so that we can advertise to BT better. As soon as we have a look at what types of network equipment they usually buy, we will be in a better position to sell them something they dont want to buy in the first place. Had BT opted out, none of this would have happened. Our opt-out notice is clearly displayed under the left front tyre of Mr Samson's car who lives in Green Oaks drive in lower East West London. Our methods bring better value to our customers - BT - and lots and lots of money to us. This was a legal trial - we asked our mate Joe at the pub, and he reckoned it was a great idea so long as we dont get caught."
Mine's the one that lost its Phorm because it got wet.
Stolen To Order?
Somehow I don't think this stuff will end up on ebay. Or alternatively it's someone who has finally had enough of BT's level of "Service".
What are they going to do with it?
Perhaps upgrade their own local rural exchange?
Coat because: Is that a router in your pocket?
@Took you guys long enough!
If you knew about it why were you waiting for it to appear on this site? Lack of a life?
Been there done that BTTS
Now if they had read my book on Data Centre Security this would have never happened. I suppose I must get round to writing that book one day!
That's the problem with these new fangled routers - they are light enough for a single person to lift. Bring back thermionic valves style electronics I say!
Who on earth nicks that?
Maybe Virgin are finally going to increase the coverage of their cable network.
Although the incident does give a rough indication of BTs fault detection system. Alarms go off in another building, note left for engineers to investigate in the morning. Night shift go back to sleep again.
..what.. the 10th September 2008...?
Mines the one with the Nostrodamus Calendar in the pocket.
You'd think there would BT would have a backup plan for this type of incident? What if a bomb went of near an exchange?
Forget your piddly efforts by hackers et al. A good old fashioned swag bag is how London does it !
The Met is still working on its line.....
The Met doesn't know what to say.. ??
the response we had from BT contained the following line in it...
"At 20:15 GMT on 10th September, the BT IP node site in Mayfair, London experienced a breach of security involving physical break in. This breach resulted in the removal of 38 network cards and caused service failures for our customers using UK VPN platform services. The cards were unlawfully extracted from live equipment racks and removed from site. In the process, extensive damage was also caused to BT fibres, cards and other equipment. "
"The police were alerted and this immediately became the subject of a police investigation and the police team were on site during the night, engaged with BT’s security experts. "
BT security experts.. huh??? experts... if they knew anything about security they wouldnt have let someone break into a datacentre and steel 38 line cards.. I mean how long does it take to remove 38 line cards..??!!??!??
Woo and indeed Hoo!
We're back up and working, hopefully its a permanent fix, rather than a 'get you working and we'll sort it out later' fix.
You can see why they targeted Mayfair
I imagine the equipment in that exchange was of a much higher quality.
None of the shite you would get in an exchange in Peckham
What sort of underground market is there for commercial-grade routers and other exchange equipment? Obviously there's the BOFHs of the world, but really, what end-users would need to build their own exchange for several thousand users?
What about MSN Mesenger?
Is it just my office that's down or is anyone else having problems with it? According to MS it's up: http://messenger.msn.com/Status.aspx
Cheers! That's awesome. I'm just glad that we won't face anything like that over here in the U... what? Oh, never mind.
Paris, getting deep packet inspected in the USA.
PFY or BofH?
Maybe the BofH needs new hardware?
How to get new kit in quickly...
Check eBay and craigslist... they might even find exactly what they need, fibre included!!!
It does beg some questions
So close to the City of London. Where the Police are investigating BT's relationship with one of their suppliers, and their use of routers, network cards and fibre kit to spy on their customers.
Or you might also suppose a supplier with a serious cash flow problem would want to recover the routers, network cards and fibre kit they had gifted to BT... particularly so if BT hadn't kept their part of the bargain.
Crooks with Phorm?
See how BT like it when someone steals THEIR stuff!
"The theft was small scale and technical in nature and as no forensic evidence was left, it would have been difficult to frame any advice to BT about the burglary operation, and obtain any relevant consents for the removal of network equipment, with a wording that would have any resonance at all for theory victim"
Re: Security Experts
It depends on how many people you have pulling the cards. An organised gang of four or five people should be able to pull that number of cards and pack them away in under 5 minutes. That's probably less than the SLA that BT have for a physical security response.
Where was phorm's equipment sited?
Anyone know for sure?
Thats still no fucking excuse, 5 guys bowel up to my data centre with big rain coats, horn rimed glasses, and dodgy looking porn star mustaches and their goign to get told to fuck off.. or did the 80yr old half dead security gard not see them rolling in the sack barrow???
Okay.. so they get into the car park, through all the security barriers and manage to get to the main datacentre door. where there asked to wipe their muddy chav reebok classics. They then manage to get through into the datacentre itsself, and some how also into the racks that contain major routing points for UK VPN platform services and remove 38 cards and In the process, cause extensive damage to BT fibres and other equipment.
Fuck the SLA and any other soposed security procedures.. thats sheer and utter Incompetence.
And I bet..
BT was STILL blaming it on the end users equipment being the cause of the fault.....
... there goes my companies DR link... raises an interesting question - where *is/was* BT's disaster recovery plan. Hmmmm none maybe? Oh the fun....
Those guys were pretty damn fast, could hire them for moving servers and telecomms, they know their stuff.... Damn let get those guys on a payroll...
In other news....
Irish telecom monopoly eircom announces a major upgrade to its dublin exchange......
You have a cotton picking, darn-dastardly, good point there!
We hear about DR this, and DR that, but even the 'big cheese' of British communications didn't have a DR plan or BC policy...
But a damn good point, well highlighted.
@AC RE: Steve Evans"
Poor fella, now get back to work, you! ;o)
Well it took me 3 phone calls this morning to find out about this...
Got told originally that it was a fault with our equipment, then they couldnt find my Company on the system, then they insisted they couldnt help as I didnt have the "S" number...
3rd call was the lucky one, where they actually couldnt of been more helpful... apart from maybe having a Disaster Recovery Plan...!
Still not up and working here.
I'm surpised that Guy Richies Snatch knocked nearly 8000 circuits off. I wonder if thats why there's all those rumours about her Madgesty.
Oh, and a point of note, we've not been advised that Fibre has been stolen, merely damaged (I suspect cut/pulled/broken to quickly release the cards).
They probally wanted all the metal from the racks, well thats if they took the racks hehe..
cant see them sellnig the equipment in this country tho.
Aren't these pics in breach of the OSA 1911 Section 3?
3.Definition of prohibited place.
For the purposes of this Act, the expression "prohibited place" means--
any work of defence, arsenal, naval or air force establishment or station, factory, dockyard, mine, minefield, camp, ship, or aircraft belonging to or occupied by or on behalf of His Majesty, or any telegraph, telephone, wireless or signal station, <snip>
More at http://spyblog.org.uk/2008/06/restrictions-on-photography-in-public-where-are-the-prohibited-places-designated.html
@AC - Theft of Line Cards...
Actually Ive helped dissassemble an Exchange with older equipment,
Give someone 10minutes with the line-card rack and you would be looking
at somewhere between 10 to 20 cards removed,
depending on how quick the person got used to card removal...
so all up maybe 30-40 minutes to strip the equipment into a sack and leg it...
speaking of which I can personally strip down either of my own machines
and rebuild it (including PSU removal from the case with everything else)
in about that time if I am *really* in a hurry or totally wired up on sugar :)
<< Icon is Tux because my systems are all set to something I can use
without needing to deal with a lawyer first :)
Guy Ritchie's birthday bash was going on
DO you think any one was sober enough to notice ??
We're up and running now!
We had six sites down this morning (Oddly one didnt report the lack of connectivity until 13:00 today!!) .
All are back up and running now. I'm relieved.
DR questions aside, BT did a good job getting it all back up and running.
Re: Illegal pics?
No. Your snip removes the key part of the sentence.
"any work of defence, arsenal, naval or air force establishment or station, factory, dockyard, mine, minefield, camp, ship, or aircraft belonging to or occupied by or on behalf of His Majesty, or any telegraph, telephone, wireless or signal station, or office **so belonging or occupied**,"
BT exchanges are neither property of - nor occupied by - the crown.
any Phorm kit gone?
"Stolen To Order?
By Rick LeemingPosted Thursday 11th September 2008 10:26 GMT Somehow I don't think this stuff will end up on ebay. Or alternatively it's someone who has finally had enough of BT's level of "Service".
i dont know about to order but IF therewas any Phorm DPI/layer7 kit taken then THAT WOULD EB WERTH A LOY OF MONEY to some blackhat or criminal gang as it will have all their custom code in it...
as i understand it, it you have access to this then it makes it far simpler to find and exploit any 0day options later....
neologic, I take it you've never done any work in a telephone exchange!
These places are not typically manned out of hours, if manned at all. The last exchange I worked in the physical security consisted of the usual stuff (swipe cards, that sort of thing) and a video camera; the door locks were released remotely after you'd phoned the security people and they'd clocked you on the video cameras.
Telephone exchanges are a long way from being 'data centres', even in this day and age.
Given that your modern high-tech thief's idea of a wiring tool is a set of bolt cutters, I'm quite sure they could be in and out well before plod or anyone else was on the scene.
I dont here about thefts from telco centers in countries like Germany, France, Canada. Just in the UK ???
Embassies, Consulates, etc.
Given the high concentration of foreign diplomatic posts in Mayfair, it wouldn't be surprising if some of the line cards at that particular exchange were in some way "special".
My BT Pass...
... is next to me! I have access to Mayfair but have never been there. Have been told it has the most MDF work in the country!
AC because I work for Big Thingy!
I always thought these kind of premises, you know, vital to communications and the like, were belled up to the max. And also, wasn't the interweb invented (DARPA) so that no single node knocked out could bring about communication breakdown? (Yeah I like Led Zeppelin too).
And WTF are these people doing nicking highly specialised network cards? Is there an abundance of precious metal in them that can be extracted at Peckham Scrap Metal? (I quite liked the comment about the Irish Exchange announcing an 'upgrade' though).
My flabber is truly ghasted.
- iPad? More like iFAD: We reveal why Apple ran off to IBM
- +Analysis Microsoft: We're making ONE TRUE WINDOWS to rule us all
- Climate: 'An excuse for tax hikes', scientists 'don't know what they're talking about'
- Analysis Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
- Apple: We'll unleash OS X Yosemite beta on the MASSES July 24