Will Russia attack undersea internet cables next? – POLITICO | #cybersecurity | #cyberattack | #hacking | #aihp

Explosions at two major national gas pipelines connecting Russia to the European Union have Western policymakers asking: what will be targeted next?

No one has yet to take responsibility for the attacks against the Nord Stream energy pipelines. But American and European officials have been quick to point the finger at the Kremlin — amid warnings the labyrinthine network of undersea cables that power the global internet could be an inviting target.

So far, few, if any, of these internet cables — which connect all of the world’s continents and represent the digital superhighway for everything from YouTube videos to financial market transactions — have ever been sabotaged by foreign intelligence agencies or non-government actors.

But the threat is real. In part, that’s due to weak security around these cables and a willingness by authoritarian regimes like Russia to go after non-military targets and use so-called hybrid warfare tactics.

“It’s been a target in conflicts for more than a decade now,” said Keir Giles, an expert in Russian information warfare at Chatham House, a think tank. “If there is not close attention to securing these vital assets, Western countries have only themselves to blame.”

Here’s everything you need to know about the threat to undersea internet cables.

What’s an undersea cable?

Almost all of the world’s internet traffic is carried across a global network of more than 400 fiberoptic pipes that, collectively, span 1.3 million kilometers. They are almost exclusively operated by private companies like Google and Microsoft, as well as France’s Alcatel Submarine Networks and, increasingly, China’s Huawei Marine Networks.

There are dozens of these cables connecting the EU with the United States — arguably the world’s most important digital relationship — though similar networks link Latin America with Asia, and Africa with Europe, respectively.

Part of the vulnerability is down to these cables’ location. They span the globe and are often located in extremely remote areas, which are easily accessible to submarines or unmanned underwater vehicles. A lack of regulatory oversight over how these networks operate also makes it difficult for companies and governments to protect them. Most of these pipelines are located in international waters.

There are also so-called choke points, or pivotal areas where major undersea cables intersect, which represent some of the highest-risk potential targets. For Europe, these include Gibraltar and Malta, where many of the EU’s connections to Asia make landfall after passing through Egypt’s Suez Canal. For the U.S., the New York coastline is the primary connection point with Europe. The United Kingdom’s Western shores represent a connection hub between the U.S. and the rest of Europe.

What’s the threat, and is it real?

Concerns have centered on a foreign government — such as Russia, China or North Korea — sabotaging these undersea cables, which are mostly unguarded and beyond the control of Western governments. National security officials have warned that adversarial regimes may also try to tap into these pipes for surveillance purposes, though both the U.S. and European authorities have carried out such deep-sea wire-trapping activity.

The risk isn’t new. For at least a decade, policymakers have raised red flags that undersea internet cables represent an easy target and need more government support to keep them safe. Almost two years ago, Jens Stoltenberg, NATO secretary general, told reporters undersea cables were vital not just for civilian society purposes — such as the functioning of financial markets — but also “for different military capabilities.” Most Western military can quickly turn to backup satellite communications if these undersea cables become compromised.

So far, the concerns over the vulnerability of these seabed cables have yet to be borne out in reality. Almost two-thirds of all detected faults on these cables, for instance, are tied directly with maritime shipping, either fishing nets disturbing the pipes or boats’ anchors accidentally causing damage, according to data from TeleGeography, which tracks the industry. The remaining faults are mostly due to normal wear-and-tear or environmental reasons like earthquakes.

There are no confirmed cases of governments cutting the cables for geopolitical reasons, though two separate Norwegian undersea networks were damaged in November 2021 and January 2022, respectively, by alleged human activity. Oslo has so far not attributed these faults to any specific group.

What would an attack look like?

British and American military officials have repeatedly warned Russia has the technical skills to take out parts of the world’s undersea internet infrastructure to cripple some of the West’s digital networks. These pipelines are often located less than 100 meters underwater, and would require either a submarine or unmanned vehicle to plant explosives at critical points of the network.

“Russia has grown the capability to put at threat those undersea cables and potentially exploit those undersea cables,” Tony Radakin, head of the U.K.’s military, told an audience in January.

No one denies Moscow has the ability to attack these targets. But what it lacks is the capacity to carry out worldwide attacks at a scale to significantly hobble the West’s internet infrastructure. In recent years, companies have built multiple redundancies into their undersea networks, primarily to ensure any short-term damage won’t materially affect people’s online activity. As internet usage has skyrocketed, so too have these deep-sea pipes that now connect disparate parts of the world via multiple alternative routes.

If the Kremlin did attack, for instance, it could possibly take down part of a regional network connecting the Baltic countries with the rest of Europe. But to have a long-term impact on the world’s network of undersea cables, Russia — or any other aggressor — would have to act at a scale that would likely be easily detectable to Western national security agencies. It would also damage its own citizens’ access to the internet.

“We’re no longer in the position that once we were where you cut one cable and everything goes down,” said Chatham House’s Giles.