Could this be more CLODO attacks?

"Machines in Flames is an experimental documentary that details the journey Thomas and Andrew underwent in the search for the group CLODO (Committee for Liquidation and Subversion of Computers). CLODO were/are an elusive group who were invested in attacking and burning down computer centres in France in the early 1980s. After a series of attacks in Toulouse, they disappeared and were never discovered."

https://machinesinflames.com/ https://theanarchistlibrary.org/library/le-clodo-clodo-speak... https://landscapesurgery.wordpress.com/2022/05/23/machines-i...

This is a option that shouldn't be discounted. Listened to the excellent Popular Front podcast on CLODO (https://podcasts.apple.com/gb/podcast/the-anti-tech-militant...). These were very sophisticated, probably computer scientists themselves who were horrified at how the tech would be used and sabotaged a lot of the infrastructure. Seemingly just to make a point in the history books that the way things went was not without resistance.

>This is a option that shouldn't be discounted.

Why not? In all of the material that you and GP link to, it is said that CLODO was last active in the 80's and then vanished, never to be heard from again. That's over 30 years of apparent inactivity. There are some coincidences between the target and CLODO's previous targets, but... that's it.

Edit: From Wikipedia...

>Since December, 1983, CLODO has no longer been classified as 'active' by the National Consortium for the Study of Terrorism and Responses to Terrorism.

So, forty years, not thirty.

CLODO is a French slang word for homeless, in my youth (50 years ago) it was used sometimes as a synonym for "hippie".

"One who chooses not to conform to prevailing social norms: especially one who subscribes to values or actions such as acceptance or self-practice of recreational drug use, liberal or radical sexual mores, advocacy of communal living, strong pacifism or anti-war sentiment, etc."

https://en.wiktionary.org/wiki/clodo

You don't need to be a "professional" to find where important internet cables are, lift manhole covers and chop them in two places with some sort of cordless powertool or whatever. You just need to be motivated enough to do a targeted vandalism instead of a random one. This reminds me of computer hacks where the victim describes the attack as "sophisticated" to try and hide their own security incompetence.

Multiple separate locations,

coordinated at the same time partly at night,

using power tools to cut fiber in ways that are hard to repair,

That does scream professional job.

Now I agree that many countries manage their physical network security in a weak/ lousy way.

Interestingly, poorer countries tend to do a better job because they know people will mess with infrastructure.

It's a level of "professionalism" and coordination that can be easily expected of some random Dota player.

I fail to see any sophistication here.

Motivation, on the other hand, is above and beyond.

Coordinating people is hard. Moreso at night. And while breaking the law. That’s the sophisticated part, discipline.

The difference between coordinating in meatspace vs a computer game is being under-valued in this thread.

To a fairly absurd degree!

Hardest part of this is actually knowing where and what. I agree that actual timing part is quite trivial, everyone has clocks.

That actually sounds a lot like Dota, to be fair.

What does night time have to do with it?

Multiple locations, coordinated roughly at the same time: that's boyscout level hard. You need a map and a watch, is all.

You don't need power tools, just a cutter. This is fiberglass coated in something like PVC. A knife will do. This "hard to repair" refers to making two cuts, a bit further apart than whatever slack is in the cable. You do that by taking up the slack, then making cuts where the cables don't touch.

It does not scream professional in the slightest, only motivation and a few like-minded people.

Not speaking about what they need:

That's what they used.

And I guess they did use power tools to go faster for the two cuts required.

I think you underestimate the work needed, especially when doing black bag (IE illegal and covert) operations.

Now maybe some people with actual experience could give us better figures, ... But they tend to stay quiet

Watch is superfluous.

They way it's done is everyone checks in to a group chat when they are in position and then one person in charge (either back at home or even himself in the field) tells the group to go when he judges everything to be ready.

Would you know where to cut in your metro to ensure maximum impact to the target?

Is that the type of thing they teach in the scouts these days?

You walk along major roads, railways, rivers and under bridges checking for manholes. They have the owners' names on them. If it's the name of a telco, there's fiber in there.

A decent high leverage cable cutter costs under $50 and cuts through fibre like butter. A few seconds at each point where fibre is accessible is all that's needed to do damage that costs hundreds to thousands of dollars to fix. Damage a cable in multiple locations and it's pretty easy to create a 24+ hour outage as repair crews won't know the extent of damage until multiple repairs are made. Physical telecom infrastructure is really easy for a determined attacker to take out of service, and if they're wearing an orange vest, nobody will think twice to question them.

Reading between the lines of the previous reports the particular locations chosen to cut seem to suggest some inherent knowledge about major transport networks.

In the sense they knew where to go to take down primary and backup paths etc. Cut the cables twice to prevent easy splicing etc.

Reminds me of the Metcalc power infrastructure attacks [0]. Can't help but feel these are some sort of state level trial runs of some sort.

We're seeing this with Ukraine & starlink to some extent - infra is now a key component of warfare & frankly dry runs make sense in that context. Same with testing your ability to cut undersea cables

[0] https://en.wikipedia.org/wiki/Metcalf_sniper_attack

Was thinking same.

My guess is it was a handful of French former telecom workers and, generally speaking, complete dicks.

There have recently been layoffs at Scopelec, an Orange subcontractor. Some media in France hinted at a link between these layoffs and this sabotage.

That sounds more likely than this weird claim.

> In June, CyberScoop reported claims that “radical ecologists” who oppose digitalization may be behind the attacks.

I wouldn’t rule out a nation state “practice” attack though.

> I wouldn’t rule out a nation state “practice” attack though.

I would...

Backbone routers scattered across the country suddenly go dark, nobody has any idea what happened, and logs are missing? Sure, you can pin that on nation-states if you want. Or APTs, Annoyingly Persistent Teenagers, depending on the style of the attack.

"Physically going into another nation and cutting their infrastructure up" is closer to an act of war than most nations will get for "practice."

Possible, but very similar to theft, it is usually an "inside job".

?

Probably not what happened here but has there ever been a case of a cable getting cut to force all traffic through a compromised node?

With the wide spread use of SSL that is unlikely to be useful for pretty much anything.

Maybe.

2 weeks after mass graves were found outside Kyiv. 2 days after Macron wins the election and is congratulated by Putin. Tensions were heightened in unusual ways. Motive was probably not in short supply.

Disgruntled worker Vandalism? Anti-tech vandalism? Attack on broad flows of traffic by a nation-state?

Or maybe a highly targeted attack against an unidentified victim entity who relied on multiple redundant links for security/comms in a sexy French movie-style heist? Someone should check to see if the Mona Lisa has been replaced with a fake.

I’ve watched too many movies, but this sounds like part of a heist.

I'd put this down to the simple matter of a seriously disgruntled telecoms engineer on bad pay and conditions being fired for some reason.

How to cut a cable is not exactly a secret.

What is the certain way that was used that makes people think it was a professional? A clean cut is easier to fix that a hacksaw cut, but the technician can always cut off an extra piece to have a clean cut to join. A large missing piece is harder to fix, but even non professionals could think of that. Not sure what else was done to those cables.

Professional will remain professional about their tradecrafts.

Non-professionals continue to get their smarts from dubious sources (like street-creds, or in this case, poor journalism).

It is how our civilization remains propped up and properly so, as now the professionals will have additional headaches to deal with today.

Are you serious. It's not a secret that circular saws are effective at cutting things.

it is how they used the circular saw and who taught them?

Its well known that if you cut any given cable in two places and remove a section, fixing it is a real PITA.

And if you make a dogs dinner of it, all the better.

Reminds me of the "received knowledge" at school that gangsters tape two Stanley knives together as two parallel cuts can't be stitched.

Never heard of it outside of kids talking about things to sound like they were tough and didn't actually have a nice house and teddy bears.

A far more effective way to sabotage the infrastructure would be to plant a bomb there, in the hole. It does not even have to be a functional bomb. It's enough to just make the repair technicians fear for their lives. It will take a lot of time for them to call a bomb disposal unit, and so on.

And then you repeat that a couple of times at random places. If you don't want to kill people, the first bombs should be duds, but occasionally some of the later bombs should be real, so they don't let down the guard, but learn to fear the repair jobs.

Then after that, EVERY SINGLE repair job, even when you didn't actually sabotage it yourself, would become super-expensive and take lots-and-lots of time.

After you trained them, you can lower the number of sabotages with mostly duds, and the occasional real bomb, to just once every couple of months. They still need to handle every single repair job as if you had been there. Minimal cost for you, maximized cost for them.

There. I optimized it for you.

It also scales up law enforcement's efforts to catch you, and pushes the criminal act you would perform up to terrorism. There are not many who would be willing to throw away their lives for acts that mostly just cause a bit of economic damage.

I would tend to think that already this case would be considered as terrorism as it is an attack on national critical infrastructure.

Yeah. It's fortunate that we are not psychopaths hellbent on causing mayhem.