back to article BT's Mayfair exchange downed by burglary

BT's Mayfair exchange was burgled last night, leaving thousands of homes and businesses in central London without internet access this morning. The raid cleaned out routers, networking cards and fibre at about 9pm on Wednesday, Reg sources said. According to data at Samknows, the exchange serves about 3,000 residential …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Took you guys long enough!

    I've been reloading the page all morning waiting for this to appear...

  2. Jay Castle
    Happy

    It makes a change.......

    .....for BT to be robbed by someone. Re-arrange these words into a popular phrase: of taste medicine own a their....

  3. Ben King
    Pirate

    Yup we have customers down...

    and we have been told that service will be restored this morning... I am not convinced!

  4. Riscyrich
    Coat

    BT Monopoly !

    Go straight to jail, if you pass go do not collect £200...

    Mines the one with the tiny metal top hat in the pocket !

  5. Anonymous Coward
    Anonymous Coward

    Economic sabotage

    So - are we meant to believe this has nothing to do with the date it has happened on then?

  6. Nick
    Thumb Up

    Great!

    I hate September 11th. Only 5 sites down with around 1600 users affected. Ho hum. At least BT are being pretty proactive with their updates.

  7. Jonathan
    Coat

    The Robbers have released a statement....

    "We were only borrowing the equipment so that we can advertise to BT better. As soon as we have a look at what types of network equipment they usually buy, we will be in a better position to sell them something they dont want to buy in the first place. Had BT opted out, none of this would have happened. Our opt-out notice is clearly displayed under the left front tyre of Mr Samson's car who lives in Green Oaks drive in lower East West London. Our methods bring better value to our customers - BT - and lots and lots of money to us. This was a legal trial - we asked our mate Joe at the pub, and he reckoned it was a great idea so long as we dont get caught."

    Mine's the one that lost its Phorm because it got wet.

  8. Rick Leeming

    Stolen To Order?

    Somehow I don't think this stuff will end up on ebay. Or alternatively it's someone who has finally had enough of BT's level of "Service".

  9. Frostbite
    Coat

    Upgrade time?

    What are they going to do with it?

    Perhaps upgrade their own local rural exchange?

    LOL

    Coat because: Is that a router in your pocket?

  10. Anonymous Coward
    Anonymous Coward

    @Took you guys long enough!

    If you knew about it why were you waiting for it to appear on this site? Lack of a life?

  11. Charles Smith
    Alien

    Been there done that BTTS

    Now if they had read my book on Data Centre Security this would have never happened. I suppose I must get round to writing that book one day!

    That's the problem with these new fangled routers - they are light enough for a single person to lift. Bring back thermionic valves style electronics I say!

  12. Steve Evans

    Fibre?

    Who on earth nicks that?

    Maybe Virgin are finally going to increase the coverage of their cable network.

    Although the incident does give a rough indication of BTs fault detection system. Alarms go off in another building, note left for engineers to investigate in the morning. Night shift go back to sleep again.

  13. Alex
    Coat

    @Economic sabotage

    ..what.. the 10th September 2008...?

    Mines the one with the Nostrodamus Calendar in the pocket.

  14. Scott Millar

    Not backup?

    You'd think there would BT would have a backup plan for this type of incident? What if a bomb went of near an exchange?

  15. Daniel Roper

    DOS Attacks

    Forget your piddly efforts by hackers et al. A good old fashioned swag bag is how London does it !

  16. Anonymous Coward
    Anonymous Coward

    The Met is still working on its line.....

    The Met doesn't know what to say.. ??

  17. Anonymous Coward
    Anonymous Coward

    Security Experts..?!?!?

    http://stores.ebay.com/SwitchXchange_Cisco-MGX-8000_W0QQcolZ4QQdirZ1QQfsubZ2QQftidZ2QQtZkm

    the response we had from BT contained the following line in it...

    "At 20:15 GMT on 10th September, the BT IP node site in Mayfair, London experienced a breach of security involving physical break in. This breach resulted in the removal of 38 network cards and caused service failures for our customers using UK VPN platform services. The cards were unlawfully extracted from live equipment racks and removed from site. In the process, extensive damage was also caused to BT fibres, cards and other equipment. "

    "The police were alerted and this immediately became the subject of a police investigation and the police team were on site during the night, engaged with BT’s security experts. "

    BT security experts.. huh??? experts... if they knew anything about security they wouldnt have let someone break into a datacentre and steel 38 line cards.. I mean how long does it take to remove 38 line cards..??!!??!??

  18. Nick

    Woo and indeed Hoo!

    We're back up and working, hopefully its a permanent fix, rather than a 'get you working and we'll sort it out later' fix.

  19. John Bayly
    Coat

    You can see why they targeted Mayfair

    I imagine the equipment in that exchange was of a much higher quality.

    None of the shite you would get in an exchange in Peckham

  20. Tim Spence

    Buyers

    What sort of underground market is there for commercial-grade routers and other exchange equipment? Obviously there's the BOFHs of the world, but really, what end-users would need to build their own exchange for several thousand users?

  21. Lloyd
    Pirate

    What about MSN Mesenger?

    Is it just my office that's down or is anyone else having problems with it? According to MS it's up: http://messenger.msn.com/Status.aspx

  22. This post has been deleted by a moderator

  23. Alan W. Rateliff, II
    Paris Hilton

    @Jonathan

    Cheers! That's awesome. I'm just glad that we won't face anything like that over here in the U... what? Oh, never mind.

    Paris, getting deep packet inspected in the USA.

  24. Robert Biebricher
    Dead Vulture

    PFY or BofH?

    Maybe the BofH needs new hardware?

  25. Gulfie
    Happy

    How to get new kit in quickly...

    Check eBay and craigslist... they might even find exactly what they need, fibre included!!!

  26. Anonymous Coward
    Anonymous Coward

    It does beg some questions

    So close to the City of London. Where the Police are investigating BT's relationship with one of their suppliers, and their use of routers, network cards and fibre kit to spy on their customers.

    Or you might also suppose a supplier with a serious cash flow problem would want to recover the routers, network cards and fibre kit they had gifted to BT... particularly so if BT hadn't kept their part of the bargain.

    :o)

  27. Anonymous Coward
    Happy

    Crooks with Phorm?

    See how BT like it when someone steals THEIR stuff!

  28. Anonymous Coward
    Joke

    ICO said...

    "The theft was small scale and technical in nature and as no forensic evidence was left, it would have been difficult to frame any advice to BT about the burglary operation, and obtain any relevant consents for the removal of network equipment, with a wording that would have any resonance at all for theory victim"

  29. Mick Sheppard

    Re: Security Experts

    It depends on how many people you have pulling the cards. An organised gang of four or five people should be able to pull that number of cards and pack them away in under 5 minutes. That's probably less than the SLA that BT have for a physical security response.

  30. Sam

    One question

    Where was phorm's equipment sited?

    Anyone know for sure?

  31. neologic2k

    No Excuse

    Thats still no fucking excuse, 5 guys bowel up to my data centre with big rain coats, horn rimed glasses, and dodgy looking porn star mustaches and their goign to get told to fuck off.. or did the 80yr old half dead security gard not see them rolling in the sack barrow???

    Okay.. so they get into the car park, through all the security barriers and manage to get to the main datacentre door. where there asked to wipe their muddy chav reebok classics. They then manage to get through into the datacentre itsself, and some how also into the racks that contain major routing points for UK VPN platform services and remove 38 cards and In the process, cause extensive damage to BT fibres and other equipment.

    Fuck the SLA and any other soposed security procedures.. thats sheer and utter Incompetence.

  32. Anonymous Coward
    Thumb Down

    And I bet..

    BT was STILL blaming it on the end users equipment being the cause of the fault.....

  33. Simon
    Stop

    Oh well..

    ... there goes my companies DR link... raises an interesting question - where *is/was* BT's disaster recovery plan. Hmmmm none maybe? Oh the fun....

  34. la pierre
    Flame

    Handy workers

    Those guys were pretty damn fast, could hire them for moving servers and telecomms, they know their stuff.... Damn let get those guys on a payroll...

  35. Anonymous Coward
    Anonymous Coward

    In other news....

    Irish telecom monopoly eircom announces a major upgrade to its dublin exchange......

  36. Alex
    Thumb Up

    Actually.. @Simon

    You have a cotton picking, darn-dastardly, good point there!

    We hear about DR this, and DR that, but even the 'big cheese' of British communications didn't have a DR plan or BC policy...

    Shocking!

    But a damn good point, well highlighted.

    @AC RE: Steve Evans"

    Poor fella, now get back to work, you! ;o)

  37. Nigel W
    Alert

    Hmmmm...

    Well it took me 3 phone calls this morning to find out about this...

    Got told originally that it was a fault with our equipment, then they couldnt find my Company on the system, then they insisted they couldnt help as I didnt have the "S" number...

    3rd call was the lucky one, where they actually couldnt of been more helpful... apart from maybe having a Disaster Recovery Plan...!

    Still not up and working here.

  38. Nick

    Mmm Fibre.

    I'm surpised that Guy Richies Snatch knocked nearly 8000 circuits off. I wonder if thats why there's all those rumours about her Madgesty.

    Oh, and a point of note, we've not been advised that Fibre has been stolen, merely damaged (I suspect cut/pulled/broken to quickly release the cards).

  39. Michael

    nice

    They probally wanted all the metal from the racks, well thats if they took the racks hehe..

    cant see them sellnig the equipment in this country tho.

  40. David Mery

    Illegal pics?

    Aren't these pics in breach of the OSA 1911 Section 3?

    ==

    3.Definition of prohibited place.

    For the purposes of this Act, the expression "prohibited place" means--

    [F1 (a)

    any work of defence, arsenal, naval or air force establishment or station, factory, dockyard, mine, minefield, camp, ship, or aircraft belonging to or occupied by or on behalf of His Majesty, or any telegraph, telephone, wireless or signal station, <snip>

    ==

    More at http://spyblog.org.uk/2008/06/restrictions-on-photography-in-public-where-are-the-prohibited-places-designated.html

    br -d

  41. Belxjander Serechai
    Linux

    @AC - Theft of Line Cards...

    Actually Ive helped dissassemble an Exchange with older equipment,

    Give someone 10minutes with the line-card rack and you would be looking

    at somewhere between 10 to 20 cards removed,

    depending on how quick the person got used to card removal...

    so all up maybe 30-40 minutes to strip the equipment into a sack and leg it...

    speaking of which I can personally strip down either of my own machines

    and rebuild it (including PSU removal from the case with everything else)

    in about that time if I am *really* in a hurry or totally wired up on sugar :)

    << Icon is Tux because my systems are all set to something I can use

    without needing to deal with a lawyer first :)

  42. kain preacher

    Guy Ritchie's birthday bash was going on

    DO you think any one was sober enough to notice ??

  43. Anonymous Coward
    Thumb Up

    We're up and running now!

    We had six sites down this morning (Oddly one didnt report the lack of connectivity until 13:00 today!!) .

    All are back up and running now. I'm relieved.

    DR questions aside, BT did a good job getting it all back up and running.

  44. Chris Williams (Written by Reg staff)

    Re: Illegal pics?

    No. Your snip removes the key part of the sentence.

    "any work of defence, arsenal, naval or air force establishment or station, factory, dockyard, mine, minefield, camp, ship, or aircraft belonging to or occupied by or on behalf of His Majesty, or any telegraph, telephone, wireless or signal station, or office **so belonging or occupied**,"

    BT exchanges are neither property of - nor occupied by - the crown.

    - Chris

  45. Anonymous Coward
    Pirate

    any Phorm kit gone?

    "Stolen To Order?

    By Rick LeemingPosted Thursday 11th September 2008 10:26 GMT Somehow I don't think this stuff will end up on ebay. Or alternatively it's someone who has finally had enough of BT's level of "Service".

    "

    i dont know about to order but IF therewas any Phorm DPI/layer7 kit taken then THAT WOULD EB WERTH A LOY OF MONEY to some blackhat or criminal gang as it will have all their custom code in it...

    as i understand it, it you have access to this then it makes it far simpler to find and exploit any 0day options later....

  46. Tim Walls
    Stop

    @neologic2k

    neologic, I take it you've never done any work in a telephone exchange!

    These places are not typically manned out of hours, if manned at all. The last exchange I worked in the physical security consisted of the usual stuff (swipe cards, that sort of thing) and a video camera; the door locks were released remotely after you'd phoned the security people and they'd clocked you on the video cameras.

    Telephone exchanges are a long way from being 'data centres', even in this day and age.

    Given that your modern high-tech thief's idea of a wiring tool is a set of bolt cutters, I'm quite sure they could be in and out well before plod or anyone else was on the scene.

  47. Anonymous Coward
    Anonymous Coward

    How come

    I dont here about thefts from telco centers in countries like Germany, France, Canada. Just in the UK ???

  48. Anonymous Coward
    Anonymous Coward

    Embassies, Consulates, etc.

    Given the high concentration of foreign diplomatic posts in Mayfair, it wouldn't be surprising if some of the line cards at that particular exchange were in some way "special".

  49. Anonymous Coward
    Anonymous Coward

    My BT Pass...

    ... is next to me! I have access to Mayfair but have never been there. Have been told it has the most MDF work in the country!

    AC because I work for Big Thingy!

  50. Ron Eve
    Unhappy

    FFS

    I always thought these kind of premises, you know, vital to communications and the like, were belled up to the max. And also, wasn't the interweb invented (DARPA) so that no single node knocked out could bring about communication breakdown? (Yeah I like Led Zeppelin too).

    And WTF are these people doing nicking highly specialised network cards? Is there an abundance of precious metal in them that can be extracted at Peckham Scrap Metal? (I quite liked the comment about the Irish Exchange announcing an 'upgrade' though).

    My flabber is truly ghasted.

  51. Anonymous Coward
    Coat

    I've been into that building

    the exchange itself is, I believe, on the first and second floors, the rest of them being occupied by some chunk of BT's other operations (I have a feeling it might be wholesale, but I wouldn't swear to it). There are doors into the exchange area served by the main stairwell, which also includes a lift shaft, which comes out at ground level into a teensy reception area directly behind the door into Farm Street, which is next to the pub. The street itself is VERY quiet even in the middle of the day, to the extent that there's a sign on the inside of the door saying something to the effect of "Please don't slam the door, it pisses the neighbours off". I didn't make a detailed survey of the security measures.

    Anyway, the upshot of all this is that I would very strongly suspect an inside job: it really wouldn't be that hard to get a few mates in through the front door, set about the hardware, lump it back out to a waiting BT van and make good your escape.

    Coat as in helping oneself to the contents...

  52. John Dougherty
    Dead Vulture

    @@Took you guys long enough!

    Obviously, he was part of the original ring. How else would he have known?

    Mine's the one with the foil in the pocket.

  53. Anonymous Coward
    Anonymous Coward

    Ignorance is bliss

    >I would very strongly suspect an inside job

    Couldnt agree more, smacks of someone getting an OBASS card as a contractor and hanging on to it for use at a later date.

    Oh and all those snotty sods on the proverbial high horse about how their datacentre has armed guards, starving rotties, minefields etc. for security, please consider this: Its an exchange NOT a datacentre.

    By law BT have to give equal access to ALL CP's and their contractors, anything less and OFCOM would be jumping on throats. This means that security can never be as tight as everybody would like.

    This is a serious incident but small beer compared to the thefts that are being made of cable throughout the network, copper fetches a good price and its being ripped out of the ground almost daily.

  54. Anonymous Coward
    Anonymous Coward

    effect of outage

    the exchange affected a lot of businesses that connect into london including government. I work on a servicedesk for gov dept and we were mostly out of business until about 3pm. w couldnt get into systems and remote offices could not connect to london.

    re kit stolen , what are they going to do with it ?? I think it will leave country. theives maybe have ££ in eyes and dont know that if connected will be seen and if sold abroad it is throw away as cisco will want ££ for support and they know who they sold it to !!

    Imagine buying a stolen porsche abd the first time it breaks down being told that thay wont give you the parts or help !! (and the local fuzz come knocking on your door )

  55. Robert Hill

    Final Mile...no real DR or re-routing...

    This stuff seems to be all local Final Mile routing stuff, so if there was any redundancy it was probably in the same building and stolen too. Despite all of the talk of the internet being redundant to route around failure, every residential node has ONE final connection to the rest of the network, and that's what they took - the entire exchange's worth of final connections.

    Hard to blame BT for this, or even accuse them of incompetence - sometimes the cost of preventing any and all crime costs a lot more than the crime itself would be worth...

  56. Rolf Parker

    Illegal pics?

    No!! It's a private Company

  57. Alan

    What a dump you lot work in.

    Give me my 12 miles of open countryside any day. Our phone exchange is a wooden hut over in the next village (near the duck pond, and across the road from the thatched cottage).

  58. Anonymous Coward
    Anonymous Coward

    @ Alan

    Wooden hut, you say? Hmm...

    /goes to buy chainsaw and help self to contents of said hut

  59. Watching Them, Watching Us
    Alert

    Communications Act 2003 section Schedule 17 para 2

    @ Chris Williams - the key part of the Spy Blog article is actually the reference to rhe

    Communications Act 2003 section Schedule 17 para 2

    http://www.opsi.gov.uk/acts/acts2003/ukpga_20030021_en_59

    "Official Secrets Act 1911

    2 For the purposes of the Official Secrets Act 1911 (c. 28), any electronic communications station or office belonging to, or occupied by, the provider of a public electronic communications service shall be a prohibited place. "

    This certainly does cover a BT telephone exchange.

    Luckily for you, and for all the tourists who take photos of the BT Tower, the Official Secrets Act 1911 power of arrest was repealed by the Serious Organised Crime and Police Act 2005, along with a dozen or so other obsolete powers of arrest (although the authorities now seem to want to reinstate these), and requires consent for prosecution to be given by the Attorney General.

  60. Anonymous Coward
    Flame

    Re-arrange, jerk, knee, act, ion and re

    - BT did have redundancy and contigency in place, an automatic switch over to Ilford took place immediately.

    - Only cards were stolen, damage was done by the forced removal of said cards.

    - Have a chat with the regulator about not allowing other line operators and their sub-contractors into BT Exchanges?

    - Establish all facts before gobbing off?

    - Remove foot/feet from mouth if you're an ignoramus talking out of your ar$e.

  61. tony trolle
    Pirate

    Name rings a bell

    apart from sharing a name with a men's magazine the exchange does or did something important once however cannot remember what. (Section 5 1989 Act)

    AFAIK BT has its Openreach Headquarters on the 4th floor

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021