recommended reading

How Do You Protect Undersea Internet Cables, Anyway?

Katherine Worzalla/Shutterstock.com

If you've been following the events in Syria over the past few days, you know the country’s Internet is now back from the dead after a 19-hour outage that the government blamed on “terrorist” sabotage—an explanation bought by approximately zero people.

But just because destroying the cables would be logistically and technically difficult for a terrorist or individual—not to mention suicidal; the voltage running through them would be enough to kill someone trying to cut through—doesn’t make it unthinkable. In March, Egyptian authorities accused three men in a fishing boat of trying to sever a submarine cable connecting Alexandria to the Web. The evidence was thin and experts are as cynical about that incident as the latest service disruption in Syria. But both episodes draw attention to how exposed the world’s Internet infrastructure really is.

Let’s begin with how the cables are physically stabilized. They’re not. The cables tend to rest unsecured on the ocean floor. Landslides, ship anchors—all are capable of moving or dragging the cables out of their normal position. Pull too hard, and they break. In 2006, an underwater landslide between Taiwan and the Philippines disrupted 19 out of 20 Internet cables in the area, causing service in much of Asia to go dark. Even though software could tell the repair crews exactly which part of the cables had malfunctioned, locating the actual point of the break took more time because the event had moved the cables and buried them.

There are other vulnerabilities, too. When the cables make landfall, they generally terminate at a control station that brings together more than one submarine cable. Disable the control station, and you might be able to cause some level of disruption downstream.These facilities are only lightly guarded, according to David Belson, who authors an annual "State of the Internet" report for Akamai, the Web-traffic routing company.

“They don’t have sharks with lasers on their heads, or armed guards, or anything like that,” Belson told me. “In many cases, the cables will just come ashore in some nondescript shack.”

The United States is home to at least a couple dozen such stations. Responsibility for defending them—and the underwater cables themselves—falls to the host country, or the consortium of companies that initially laid the fiber down. But there isn’t much patrolling that takes place, said Jason Healey, director of the Atlantic Council’s Cyber Statecraft Initiative. That’s because the assumption is most well-meaning people will try and avoid the cables.

Maritime cables are “extremely” well marked on maps, said Healey. That helps trawlers and tankers steer clear, but it could also aid a malicious actor under other circumstances.

Healey has worked with the White House on a number of cyber war-game exercises. In one scenario, fictitious Iranians disrupted the Internet by convincing a handful of ship captains to drag their anchors across the ocean floor off of Djibouti, France, Great Britain and Egypt.

Only in British waters would an attempt like that be reliably caught, said Healey.

“The British patrol heavily outside Bude,” he told me, referring to the cable landing station located in Cornwall. “If you’re in the area, they are going to be paying a lot of interest to you, and if you cut the cables they would be all over you very quickly, probably within minutes.”

Areas that are less well-developed—Djibouti, say—would almost certainly lack the capacity to defend the cables the same way. Luckily, nobody’s launched a “Die Hard”-style plot to unplug everything—yet. For now, all we have to worry about are environmental hazards. And “terrorists.”

Threatwatch Alert

Accidentally leaked credentials

U.K. Cellphone Company Leaks Customer Data to Other Customers

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.