At its peak, CyberBunker clogged up a mind-boggling 300 gigabits per second of the Internet in what’s being called the biggest cyber-attack in history. But what if you could switch off 1.28 terabits—four times as much bandwidth—with nothing more high-tech than an axe?
That’s what three men tried to do in an unsophisticated but effective form of sabotage in Egypt yesterday; their identities and motives are not yet known. Reuters reports the Egyptian coastguard intercepted a fishing boat off the coast of Alexandria and arrested three men trying to cut through the SEA-ME-WE 4 undersea cable. The cable is one of the main connections between Asia and Europe, running from France to Malaysia and linking Italy, north Africa, the middle east and south Asia. The men, whose pictures the navy uploaded on Facebook, are being interrogated by Egyptian authorities. (If you recognize them, send an email to hi@qz.com.)
The Internet does not live in anything resembling a cloud, as Andrew Blum memorably put it in Tubes, his book about the net’s physical infrastructure. Instead it resides in hundreds of cables snaking underground and along the bottom of the sea, where it is susceptible to ship anchors, marine life, and sabotage.
Most big countries have several redundant cables landing on their shores. But the loss of even a single one means that all the traffic must be jammed through remaining connections, causing congestion. And there is nothing to stop determined attackers from targeting several cables. Indeed, since many cables go through geographic chokepoints like the Suez, it wouldn’t be difficult to disrupt a whole bunch of connections in a brief period of time.
That’s exactly the kind of attack that seems to be underway. The past week saw reports of several severed cables off the coast of Egypt that are part of Seacom, a network of cables serving much of Africa. At the time, Seacom officials suspected careless ships. But the arrest of the three men yesterday suggests there could a concerted effort to take down Egypt’s connectivity. A similar spate of cuts affected the region in 2008, though no culprit was officially established.
Yesterday’s attacks on the Internet’s infrastructure—Cyberbunker and the Egyptian cable—show two ways of waging asymmetric war in the Internet era. If your aim is a single company, it helps to know how to wrangle thousands of zombie computers into a precise, targeted attack. That also has the benefit of allowing regular users—and the attackers themselves—to stay online. But if your target is bigger, say a country or a continent, all it takes to cripple the network is scuba gear and a few sharp-edged tools.