Resting on the ocean floor, spanning 1.4 million kilometres of seas and oceans, is the world’s internet. Subsea cable systems form the backbone of intercontinental internet connections, keeping global economies afloat and intertwined, but they are increasingly coming under new threats.
The cable systems – at least the newer ones – are fibre-optic pipelines delivering data at light speed across the ocean bed, but despite their importance to global infrastructure, they are surprisingly vulnerable. The fibres themselves are made of wafer-thin glass, but, to keep them safe from common threats, they are encased in a pipe comprising polycarbonate, aluminium, steel wires, and polyethylene.
Around 570 submarine cables are in operation today, acting as the data highway between countries across the globe. They are also, in many ways, the West’s Achilles Heel.
Last June Dmitry Medvedev – former Russian president and one of Vladimir Putin’s closest allies – argued that Russia has a right to attack subsea cable systems, citing his belief that the West was responsible for sabotage to the Nord Stream undersea gas pipeline in 2022.
“If we proceed from the proven complicity of Western countries in blowing up the Nord Streams, then we have no constraints – even moral – left to prevent us from destroying the ocean-floor cable communications of our enemies,” he wrote.
Defending cable systems has always been a priority – cable landing stations, which is where the systems meet the land, are often highly secure facilities – but Medvedev’s words put governments on high alert. Last October, Finland initially suspected Russia of sabotaging a cable connecting Estonia and Sweden in the Baltic Sea, which Putin has denied.
As probes proceeded, Finnish investigators named a Chinese-owned and Hong Kong-flagged container as a prime suspect, believing it dragged an anchor along the seabed.
Increased Russian naval activity off the Irish coast also raised alarm last year, given the high number of cables located there that connect North America to Europe.
Potential threats stretch beyond Russia, however. The conflict in Gaza has prompted Ansar Allah – better known as the Yemen-based Houthi movement – to launch attacks on Western supplies in the Red Sea in protest to Israel’s actions in Gaza.
A high density of cables run between the Suez Canal and the Gulf of Aden – which borders Yemen – prompting Houthi rivals to warn the group may purposely sabotage cable systems there, something they deny.
However, there have been cuts there since the conflict began. Several major cables, including the Asia-Africa-Europe 1 (AAE-1), TGN Atlantic, Europe India Gateway, and the Seacom system were cut in the Red Sea, causing outages in February, which the Houthis blamed on US and British military strikes against them.
“If Houthi rebels are behind the recent damage to undersea and land cables…then evidently those cables are now considered infrastructure worthy of attack during times of conflict,” says Jeff Huggins, president of deeptech company, Cailabs.
Nevertheless, those uninvolved in the attacks are feeling the impact. According to HGC Global Communications, as a result of just four of the 15 severed submarine cables in the Red Sea in February, an estimated 25% of traffic flowing between Asia and Europe was affected.
“The sheer ubiquity of internet in daily life makes the potential impact of successful sabotage enormous,” adds Huggins.
Intentional attacks on fibre networks have happened before.
In October 2022, multiple fibre cables were cut in Marseille – a central hub for subsea cables, located in the Mediterranean, with the Atlantic to the west and links to Asia to the East – in a targeted attack.
At the time, cloud security company Zscaler wrote in a blog post: “We are aware of a major cable cut in the South of France that impacted major cables with connectivity to Asia, Europe, UK, and potentially other parts of the world.”
Speaking to TI, Yannick Leboyer, European managing director of communications firm Zayo, explains: “One night around 2 am, we saw three links go down one after the other within one or two minutes with sabotage.”
“There’s been a few of these in France, so the police have been investigating for quite some time.”
While the cables were repaired quickly since they were at a landing station, investigations are still ongoing as to who conducted the attack and why.
For cyber security firm Recorded Future, these incidents highlight that onshore landing stations remain the most vulnerable point in a cable system to state-sponsored damage or attack – and fortunately, these can be repaired more easily.
When a submerged part of a cable is cut or damaged, repairing it takes time – depending on the location a repair can take up to several weeks – and this can cost businesses money and disrupt internet usage.
The reason for this is complex. Firstly, the cable provider needs to detect where the fault took place, and this is first estimated onshore. Then they need to hire a specialist vessel to go and repair the fault, which will involve both picking up relevant equipment and travelling to the location. Unfortunately, this type of ship is limited – around 60 are in operation globally, and many of these are old stock that have been in operation for decades.
The vessel itself can face rough waters before even reaching the location of the damage. They then need to feed the cable through the boat until they find the actual cut before repairs are carried out – meaning the whole process can take weeks.
Intentional damage isn’t the only problem, either. While threats from state actors have happened, most outages are caused by accidental or natural causes, adds Zayo’s Leboyer.
Referring to last week’s cable damage in Africa that caused internet outages in 13 African countries, Leboyer says: “I know there’s a lot of discussion right now about disruption, especially towards Africa, but honestly this is pretty normal for us.”
Accidental cable faults are not uncommon. They can occur as a result of fishing lines, anchors, or in some rare cases, sharks.
It’s why firms such as Orange Marine have vessels aimed at not only laying new cables but fixing old ones, with digital technology implemented simply for identifying faults on cables on the seabed.
For Zayo, this has always been a reason for advising clients to have a minimum of three or four different routes taking data from A-to-B to ensure there is no black-out of transmission.
“Even before recent events, we’ve had situations where we were down to only one path out of six,” Leboyer recalls.
“We have UK-based clients trying to connect the UK to India and, as you go into India, not only are you crossing the ocean, but you also have a pretty long terrestrial distance as well.”
“So we’ve moved them to a solution where we try to keep [the routes] as diverse as possible,” he says, choosing separate directions of cables for each client.
Still, Recorded Futures believes that larger attacks on the network will happen, with results varying from intermittent traffic disruptions to widespread outages that will take days or weeks to resolve – as demonstrated by the recent disruption in Africa (which, it turned out, was caused by an underwater landslide).
“State actors seeking an espionage edge will almost certainly target the entire submarine cable ecosystems for intelligence collection: landing station infrastructure, the submarine cables themselves, third-party providers, and the hardware and software that knits it all together,” Recorded Futures notes.
Subsea cables hold a lot of weight. Within the so-called internet superhighway, the cables can carry sensitive government communications, and are used to support overseas military operations.
As well as undercover communication, submarine networks also facilitate more than $10 trillion of financial transactions daily. For banks, this makes the security of the network a vital asset: “Banks are typically at the top in terms of diversity requirements,” adds Leboyer.
According to Recorded Future, the increasing volume of data and the importance to global finance have only exaggerated the impact posed by physical security attacks.
The organisation warns that recent conflicts have created new imperatives for countries and state actors to disrupt cable system operations, and even covertly tap into the data flowing through them for national security and economic espionage purposes.
This kind of sabotage and espionage is not new. During the Cold War, the US successfully tapped into a Soviet Union military communication cable in the Sea of Okhotsk to listen in on sensitive conversations.
While the report states that the rapid growth of the system since then has created more opportunities to tap into information, it’s more challenging to find coveted information as the “sheer magnitude” of data surging through the cables would necessitate a super complex mechanism able to filter or transfer it to analytics.
Therefore, hacktivists or ransomware groups are unlikely to be capable of finding information through subsea cables, “but their threat cannot be discounted,” adds Recorded Future. Protecting cable systems still remains a priority.
Subscribe to our Editor's weekly newsletter
Newsletter
Share
