Gavin E L Hall Blog - Insights into my Mind

Is Russia an Underwater Threat to the Internet

In early December, media picked up a report by the Policy Exchange examining the potential vulnerability to communications infrastructure which concludes that the UK is “uniquely vulnerable”. While it is good to see that non-technical aspects of cyber-security are receiving policy coverage, it is important to evaluate the nature of the threat and avoid hyperbole.
We first need to understand how the internet works, I don’t just mean the www. of the Web but all the different internets. In essence, this is a communications relay. Information is requested by a user, Point A, from a provider, Point B. The information is transmitted from A to B via a series of intermediate nodes, such as the London Internet Exchange (LINX). Information is routed between these nodes via a series of cables.
Due to the preponderance of water on the planet, many of these connectors between country nodes are undersea. On TeleGeography’s Submarine Cable Map, it is immediately apparent that a number of chokepoints exist that broadly align with chokepoints for global shipping. The threat, highlighted in the Policy Exchange Report, is that these cables are vulnerable to hostile action.
So it’s time to start stockpiling money, water, and canned food, right? Well, maybe hold fire on the panic. First, the threat to undersea cables is not new. As the Policy Exchange Report highlights, we have used undersea cables to transmit information — telegrams, financial data (“the cable” trading dollars and pounds), and telephony for years. The cables were a possible site of confrontation during the Cold War, and The Diplomat and other publications ran stories in 2015 similar to the current reports of concern.
Indeed, the harvesting of data, such as in Operation Ivy Bells in the early 1970s, is probably a more substantive threat that the severing of cables and cutting off an entire country. The CIA has been active in undersea intelligence gathering and counter-espionage since the Eisenhower Administration of the 1950s, primarily through the US Navy’s Sound Surveillance System (SOSUS).
So intelligence and military assets have been deployed in the undersea theater of war for decades. The threat to the undersea cables around the UK is no different to the threat that has existed for mor than 70 years, and Britain has deployed assets deployed to mitigate that threat.
Let’s assume for a moment that the threat is a clear and present danger. A State, or rogue actor, has decided to cut off the UK’s access to the internet. Britain has a number of cables entering at various different points, though there is a concentration in the Bristol Channel. How many cables need to be cut and how coordinated does this action have to be to have a noticeable effect?
Remember information is being routed via nodes. If we want to go from A to B on our Christmas holidays and the direct route is closed, what do we do? We go from A to B via C. We take a different route. Yes, congestion is likely going to higher and the journey along the route will be longer due to increased traffic, but we will arrive at our destination. The internet is no different — cutting an individual cable or even a series of cables will be an annoyance but it does not shut down access. The relative position of such an attack as a viable threat is negligible, especially as slowing down the Internet can be achieved without having to bother going to the hassle of developing deep sea combat capabilities.
Cables, whether on land or undersea, are only one part of the digital infrastructure. Taking out a node has much greater potential for damage, but I will await think-tanks catching up in their writing of reports before moving to discuss that issue. You the reader, however, can probably develop scenarios on your own.

This article was originally published on EA Worldview, 27th January 2017.