Optical communication is harder to attack than copper, but not invulnerable. The relevant attack surfaces:
13.1 Fiber tapping by bend coupling
If you bend a fiber sharply, a fraction of the light leaks out of the core through the cladding (Section 3.3). With a sensitive photodiode and the right geometry, you can capture enough of that leaked light to read the data without cutting the fiber. Commercial "non-intrusive" fiber taps exist, designed for legitimate monitoring but trivially repurposable for eavesdropping. Insertion loss is a few tenths of a dB, well under the noise floor of most network management systems.
Defenses:
- Continuous OTDR monitoring: a network management system pings the fiber periodically and looks for new reflective events or insertion-loss bumps.
- Quantum key distribution (QKD): if your link uses single photons rather than classical pulses, any eavesdropping disturbs the photons and is detectable in principle (BB84 protocol). Commercial QKD systems exist from Toshiba, ID Quantique, and QuantumCTek, deployed in financial and government networks. They are slow and expensive but unconditionally secure under the laws of physics rather than under unproven mathematical assumptions.
- Encryption above the optical layer: MACsec, IPsec, or higher-layer TLS render the bits useless to a tapper even if the photons leak. This is the practical defense in commercial networks.
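The OTDR comparison from the first defense above, as an added example (not code from the original page): it subtracts a commissioning baseline from a later sweep and flags new step losses of the size a bend tap introduces. The traces, the 10 m sample spacing, the 0.2 dB/km attenuation, the noise level and the threshold are all constructed assumptions.

```python
import random

SPACING_M = 10.0        # distance between OTDR samples (constructed)
FIBER_DB_PER_KM = 0.2   # assumed attenuation of the span (constructed)

def synth_trace(n, rng, tap_at_m=None, tap_loss_db=0.0, noise_db=0.02):
    """Constructed backscatter trace in dB: linear fiber loss, an optional
    step loss at tap_at_m, and Gaussian measurement noise."""
    trace = []
    for i in range(n):
        d = i * SPACING_M
        level = -FIBER_DB_PER_KM * d / 1000.0
        if tap_at_m is not None and d >= tap_at_m:
            level -= tap_loss_db
        trace.append(level + rng.gauss(0.0, noise_db))
    return trace

def detect_loss_events(baseline, current, window=20, threshold_db=0.1):
    """Return [(distance_m, loss_db)] for each new step loss versus baseline.
    Subtracting the baseline removes the fiber's own slope and known splices;
    averaging `window` samples on each side pulls a sub-dB step out of noise."""
    diff = [c - b for b, c in zip(baseline, current)]
    drops = {}
    for i in range(window, len(diff) - window + 1):
        drop = (sum(diff[i - window:i]) - sum(diff[i:i + window])) / window
        if drop > threshold_db:
            drops[i] = drop
    # Group flagged samples lying within one window of each other into a
    # single event, located at the sample with the largest drop.
    runs = []
    for i in sorted(drops):
        if runs and i - runs[-1][-1] <= window:
            runs[-1].append(i)
        else:
            runs.append([i])
    events = []
    for run in runs:
        peak = max(run, key=drops.get)
        events.append((peak * SPACING_M, round(drops[peak], 2)))
    return events

rng = random.Random(7)                      # fixed seed: repeatable sample data
baseline = synth_trace(2000, rng)           # 20 km span at commissioning
clean = synth_trace(2000, rng)              # later sweep, nothing changed
tapped = synth_trace(2000, rng, tap_at_m=12340.0, tap_loss_db=0.3)

if __name__ == "__main__":
    print("clean sweep :", detect_loss_events(baseline, clean))
    print("tapped sweep:", detect_loss_events(baseline, tapped))
```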
13.2 Side channels from optical modulators
The MZM driver in a coherent transponder is a high-power, high-speed analog circuit. Its power consumption and electromagnetic emissions are data-dependent: a string of identical symbols draws different current than alternating symbols. With an antenna or a current probe near the transponder, an eavesdropper can in principle recover information about the data without ever seeing the optical signal. The same TEMPEST-style analysis that we discussed for digital systems applies here too.
Mitigations: shielded transponder cages, balanced differential drivers that reduce common-mode current variation, and randomized bit-scrambling so the data does not have long runs of identical patterns.
13.3 Counterfeit transceivers
A pluggable optical transceiver (SFP, QSFP, OSFP) is a small computer with firmware. Several documented attacks involve counterfeit modules with malicious firmware that can dump memory contents, exfiltrate data over the management interface, or even reflash the host switch. The supply chain for these modules is global and complex; counterfeits are common in the gray market.
Defenses: cryptographically signed module firmware, hardware-rooted authentication (e.g., DDM digital signatures), procurement only from authorized resellers.
13.4 Submarine cable attacks
Cables on the seafloor are exposed to physical attack. Documented cases:
- Trawler and anchor damage: hundreds of cable faults per year are caused by fishing operations and shipping. Repairs are expensive but routine.
- Deliberate cable cuts: in 2008 multiple cables in the Mediterranean were cut nearly simultaneously, in events that remain controversial. In 2024 the Houthi forces in Yemen cut cables in the Red Sea, disrupting traffic between Europe and Asia. The Baltic Sea cables Cinia C-Lion1 and BCS East-West Interlink were cut in November 2024, and the cause is under investigation.
- Espionage: the USS Jimmy Carter and the Russian Yantar are submarines reportedly equipped to access undersea cables. The capability to physically tap a submarine cable at depth has been an open secret for decades.
The defensive posture is redundancy: a packet from London to Tokyo has dozens of viable cable routes, and the BGP routing layer reroutes around faults within seconds. No single cable cut can take the internet down, but a coordinated attack on landing stations could degrade specific regions for weeks.
13.5 Side channels in QKD itself
Even theoretically secure QKD has practical attack surfaces. The most famous is the detector blinding attack: the attacker shines a strong laser at the receiver to saturate the single-photon detector, which then operates in linear mode and follows the attacker's brighter pulses. This lets the attacker control the bits without disturbing the photons in a detectable way. The attack was demonstrated against commercial QKD systems in 2010 and led to a decade of "device-independent QKD" research.
The lesson is the recurring one of hardware security: theoretical security and the security of a real implementation are different things. A real implementation always has physics that the model did not capture, and an attacker who understands the implementation deeply can usually find a side channel.