If you’ve been following the events in Syria over the past few days, you know the country’s Internet is now back from the dead after a 19-hour outage that the government blamed on “terrorist” sabotage—an explanation bought by approximately zero people.
But just because destroying the cables would be logistically and technically difficult for a terrorist or individual—not to mention suicidal; the voltage running through them would be enough to kill someone trying to cut through—doesn’t make it unthinkable. In March, Egyptian authorities accused three men in a fishing boat of trying to sever a submarine cable connecting Alexandria to the Web. The evidence was thin and experts are as cynical about that incident as the latest service disruption in Syria. But both episodes draw attention to how exposed the world’s Internet infrastructure really is.
Let’s begin with how the cables are physically stabilized. They’re not. The cables tend to rest unsecured on the ocean floor. Landslides, ship anchors—all are capable of moving or dragging the cables out of their normal position. Pull too hard, and they break. In 2006, an underwater landslide between Taiwan and the Philippines disrupted 19 out of 20 Internet cables in the area, causing service in much of Asia to go dark. Even though software could tell the repair crews exactly which part of the cables had malfunctioned, locating the actual point of the break took more time because the event had moved the cables and buried them.
There are other vulnerabilities, too. When the cables make landfall, they generally terminate at a control station that brings together more than one submarine cable. Disable the control station, and you might be able to cause some level of disruption downstream.These facilities are only lightly guarded, according to David Belson, who authors an annual “State of the Internet” report for Akamai, the Web-traffic routing company.
“They don’t have sharks with lasers on their heads, or armed guards, or anything like that,” Belson told me. “In many cases, the cables will just come ashore in some nondescript shack.”
The United States is home to at least a couple dozen such stations. Responsibility for defending them—and the underwater cables themselves—falls to the host country, or the consortium of companies that initially laid the fiber down. But there isn’t much patrolling that takes place, said Jason Healey, director of the Atlantic Council’s Cyber Statecraft Initiative. That’s because the assumption is most well-meaning people will try andavoid the cables.
Maritime cables are “extremely” well marked on maps, said Healey. That helps trawlers and tankers steer clear, but it could also aid a malicious actor under other circumstances.
Healey has worked with the White House on a number of cyber war-game exercises. In one scenario, fictitious Iranians disrupted the Internet by convincing a handful of ship captains to drag their anchors across the ocean floor off of Djibouti, France, Great Britain and Egypt.
Only in British waters would an attempt like that be reliably caught, said Healey.
“The British patrol heavily outside Bude,” he told me, referring to the cable landing station located in Cornwall. “If you’re in the area, they are going to be paying a lot of interest to you, and if you cut the cables they would be all over you very quickly, probably within minutes.”
Areas that are less well-developed—Djibouti, say—would almost certainly lack the capacity to defend the cables the same way. Luckily, nobody’s launched a “Die Hard”-style plot to unplug everything—yet. For now, all we have to worry about are environmental hazards. And “terrorists.”
Brian Fung is the technology writer at The National Journal.