A View from Simson Garfinkel
Verizon's Spring Break-in
Years ago, when I was running my own ISP, I had to visit a rack of equipment we had at a collocation facility in Boston. I went to the front door of the building, knocked, and was shocked to find…
Years ago, when I was running my own ISP, I had to visit a rack of equipment we had at a collocation facility in Boston. I went to the front door of the building, knocked, and was shocked to find that the front door was open. I walked through the facility, opened an inside door, walked up to my equipment, unplugged it, and did the necessary service.
I was astonished at the lack of security at the facility. I sent email to the director and was told that it was a one-time oversight.
Security at many telco-run co-location facilities is really terrible. Case-in-point is the May 2 break-in at a Verizon co-location facility in New York City, which was robbed in the middle of the night. New York City Police estimate that $433,000 of customer equipment was stolen. eWeek has written an in-depth review of the incident—the first that I have seen.
Most disturbing findings: the front door was left open. The security cameras had been removed, awaiting an upgrade. There was no on-premise security. There were no internal locks.
According to the article, “some 51 pieces of networking gear, including DS3 cards, transporters and an array of other types of circuits boards, were stolen from four carriers — enough equipment to fill two diffel bags.“