Undersea Telecoms Cables Are Interception Targets

Uploaded on 2017-12-18 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A report by right-leaning think tank Policy Exchange highlights how global undersea cables are poorly protected, and suggests that Britain should lead the way in remedying this.

The report, titled 'Undersea Cables: Indispensable, insecure' written by Conservative MP Rishi Sunak, discusses how easily cable-based communications can be disrupted, and the past and potential future threats to their continued function.

Cables carrying data are essential to modern communications but lack both physical and legal protections, according to Sunak.

Their locations are freely available to the public in order to prevent accidental damage by shipping, but the laws governing them are lax. He described the current laws as "far more suited to the comparatively peripheral role the infrastructure played in the '70s and '80s, than to the indispensable status they now hold in the internet age".

The age of those laws means that enforcement agencies struggle to deal with suspects and offenders with appropriate severity, said Sunak, who added that the need for reform has been ignored by national governments because the cables are often managed by private companies rather than nation states, and therefore slip under the gaze of legislators.

The risk of severed cables is compounded by the aggregation of cables into "dangerously concentrated" choke points. 
Examples of this are the Luzon Strait between Taiwan and the Philippines, which connects several eastern countries and the US, or a single building in Alexandria, Egypt, which holds the meeting point of five transnational cables.

This kind of infrastructure damage could appeal to terrorists, Sunak writes, indicating a foiled Al-Qaeda attack in 2007, meant to target an Internet exchange in London, as proof of this.

As well as terrorists, he points at Russia as the other major threat. He cites the severing of the main cable leading into the Crimean Peninsula when Russia annexed the region in 2014. 

The operation of Russian submarines along cable routes, and the use of the Yantar-class "intelligence ship", which carries two submarines believed to be capable of destroying cables or tapping them for information. 

Sunak recommended that government departments should focus on cable protection in future reviews, and that undersea cables should be designated as critical national infrastructure. Others involved updating international law and military codes to ensure legal protection, and the construction of new cables in diverse locations to act as backups.

Another recommendation pointed to Australia and New Zealand's Cable Protection Zones, where ships cannot fish or anchor, and can only sail through under supervision by the Coast Guard. Britain should "encourage the establishment" of such zones in the Suez and the Mediterranean to protect connections with the Middle East, Sunak wrote.

In his concluding remarks in the report, Sunak said: "Disrupting cables is not only possible and surprisingly easy, but it can have significantly negative consequences for our security and prosperity. "Despite this backdrop, there has historically been minimal state involvement in the sector, despite its strategic importance."

The Register:    Cable Data Map: Greg Mahlknecht

You Might Also Read:

Can Russian Submarines Cut Off the Internet?:

Cyber Spying All At Sea:

Forget Trident & Welcome To Cyber Warfare:

 

« Cyber Criminals Are The New Mafia
Russia Will Build A Separate Internet Directory »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

Ridgeback Network Defense

Ridgeback Network Defense

Ridgeback is an enterprise security software platform that defeats malicious network invasion in real time. Ridgeback champions the idea that to defeat an enemy you must engage them.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Hacken

Hacken

Hacken provide a range of cybersecurity services including security assessments, blockchain security audits, and secure software development.

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries (HII)

Huntington Ingalls Industries is America’s largest military shipbuilding company and a provider of professional services to partners in government and industry.

Security Risk Management (SRM)

Security Risk Management (SRM)

SRM provide a comprehensive security risk management service encompassing people, processes, technology, governance, compliance and risk management.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators provides services and information about financial fraud, fraud investigation and fraud prevention.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

Saudi Information Technology Company (SITE)

Saudi Information Technology Company (SITE)

SITE is a forward-thinking enterprise, which aims at revitalizing Saudi Arabia’s digital infrastructure, cybersecurity, software development, and big data and analytics capabilities.

Kong

Kong

Kong - powering the API world. Increase developer productivity, security, and performance at scale with the unified platform for API management, service mesh, and ingress controller.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

SafetyDetectives

SafetyDetectives

SafetyDetectives' mission is to give our readers accurate and valuable information so they can make informed decisions about staying safe, secure and protected on the internet.