Submarine cables, the backbone network of the global economy and telecommunications, are operating in an increasingly risky environment and are prone to geopolitical, physical, and cyber threats, including nation-state sabotage and spying. Fiber-optic submarine cables on the ocean floor transmit an estimated 99% of all intercontinental internet traffic and communications, including roughly $10 trillion of financial transactions daily and sensitive government and military communication, making them attractive targets for intelligence collection and sabotage.
The number of undersea cables has doubled over the past decade, reaching an estimated 529 cable systems in operation today, and their capacity is likely to increase, to meet the growing number of users and devices requiring internet connectivity. When it comes to risks these cables are exposed to, intentional attacks are the most damaging, compared to accidental damage from ship anchors or fishing vessels.[1]
In terms of intentional sabotage and spying, state-sponsored groups should be regarded as the greatest threat to submarine cables, especially with an increasing number of Chinese-owned companies operating cables, and with Russia interested in mapping the submarine cable system, very likely for potential sabotage or disruption.
Major geopolitical developments, specifically Russia’s war against Ukraine, China’s increasing coercive actions toward, and preparations for, a potential forceful unification with Taiwan, as well as the deepening rift between Beijing and Washington, will very likely be key drivers of the near-term risk environment. The main threat from China comes in the form of its ability to control digital flows, given its more prominent role as an owner/operator in the industry, which allows it to dictate the location of new cables, creating new opportunities for intelligence collection through the landing stations it controls.
Russia represents a threat to the physical security of submarine cables, especially those in the North Sea region. Cutting a submarine cable would lead to disruptions and, if the damage is dealt in deep water, the impact would be greater, as it would take longer to repair. State-sponsored threat actors have the resources required to identify and sever a cable in deep water.
While much less frequent, intentional damage or sabotage represents a unique threat vector, since the timing of an attack and target can disproportionately affect the countries and companies that rely on that cable system.
Another important issue, the company notes, is the increasing role that hyperscalers such as Amazon, Google, Meta, and Microsoft are taking in the development and ownership of the global cable network, which raises concerns over market monopolies and digital sovereignty.
Located at shore and designed to connect the submarine cable with terrestrial networks, landing stations also represent an attractive target for intelligence collection, as they may lack heightened security protections, are easier to access than deep underwater cables, and house network management equipment and power feeds.
It is likely that only a select few countries are capable of tapping into submarine cables in deep water locations, where their activities are less likely to be detected. Landing stations therefore present a more readily accessible option. These locations can serve as intelligence collection points by their owners, on behalf of their country or for the benefit of a foreign government, through the insertion of monitoring equipment or backdoor software.
The use of remote network management systems for the monitoring and control of infrastructure may also represent a weak point that state-sponsored adversaries, ransomware groups, and other threat actors are likely to exploit. State actors seeking an espionage edge will almost certainly target the entire submarine cable ecosystem for intelligence collection: landing station infrastructure, the submarine cables themselves, third-party providers, and the hardware and software that knits it all together. Separately, Russia will almost certainly increase its overt and covert mapping of submarine cables, and likely engage in targeted sabotage on land and underwater.
The BRICS nations are already building their own deep water communications systems, so if there is ever disruption in the current commercial networks, they have an alternative. It will be interesting to see how and these countries begin to withdraw from the current networks.
See: https://redskyalliance.org/xindustry/the-brics
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
[1] https://www.securityweek.com/submarine-cables-at-risk-of-nation-state-sabotage-spying-report/
Comments