Undersea Telecoms Cables Are Interception Targets

Uploaded on 2017-12-18 in NEWS-News Analysis, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A report by right-leaning think tank Policy Exchange highlights how global undersea cables are poorly protected, and suggests that Britain should lead the way in remedying this.

The report, titled 'Undersea Cables: Indispensable, insecure' written by Conservative MP Rishi Sunak, discusses how easily cable-based communications can be disrupted, and the past and potential future threats to their continued function.

Cables carrying data are essential to modern communications but lack both physical and legal protections, according to Sunak.

Their locations are freely available to the public in order to prevent accidental damage by shipping, but the laws governing them are lax. He described the current laws as "far more suited to the comparatively peripheral role the infrastructure played in the '70s and '80s, than to the indispensable status they now hold in the internet age".

The age of those laws means that enforcement agencies struggle to deal with suspects and offenders with appropriate severity, said Sunak, who added that the need for reform has been ignored by national governments because the cables are often managed by private companies rather than nation states, and therefore slip under the gaze of legislators.

The risk of severed cables is compounded by the aggregation of cables into "dangerously concentrated" choke points. 
Examples of this are the Luzon Strait between Taiwan and the Philippines, which connects several eastern countries and the US, or a single building in Alexandria, Egypt, which holds the meeting point of five transnational cables.

This kind of infrastructure damage could appeal to terrorists, Sunak writes, indicating a foiled Al-Qaeda attack in 2007, meant to target an Internet exchange in London, as proof of this.

As well as terrorists, he points at Russia as the other major threat. He cites the severing of the main cable leading into the Crimean Peninsula when Russia annexed the region in 2014. 

The operation of Russian submarines along cable routes, and the use of the Yantar-class "intelligence ship", which carries two submarines believed to be capable of destroying cables or tapping them for information. 

Sunak recommended that government departments should focus on cable protection in future reviews, and that undersea cables should be designated as critical national infrastructure. Others involved updating international law and military codes to ensure legal protection, and the construction of new cables in diverse locations to act as backups.

Another recommendation pointed to Australia and New Zealand's Cable Protection Zones, where ships cannot fish or anchor, and can only sail through under supervision by the Coast Guard. Britain should "encourage the establishment" of such zones in the Suez and the Mediterranean to protect connections with the Middle East, Sunak wrote.

In his concluding remarks in the report, Sunak said: "Disrupting cables is not only possible and surprisingly easy, but it can have significantly negative consequences for our security and prosperity. "Despite this backdrop, there has historically been minimal state involvement in the sector, despite its strategic importance."

The Register:    Cable Data Map: Greg Mahlknecht

You Might Also Read:

Can Russian Submarines Cut Off the Internet?:

Cyber Spying All At Sea:

Forget Trident & Welcome To Cyber Warfare:

 

« Cyber Criminals Are The New Mafia
Russia Will Build A Separate Internet Directory »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

Military Cyber Professionals Association (MCPA)

Military Cyber Professionals Association (MCPA)

MCPA are a team of Soldiers, Sailors, Airmen, Marines, Veterans and others interested in the development of the American military cyber profession.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

AnubisNetworks

AnubisNetworks

AnubisNetworks is one of Europe’s leading threat intelligence and email security suppliers.

Aricoma

Aricoma

Aricoma are Architects of Digital. We aim to become a major player in end-to-end IT services and digital transformation in Europe.

Clari5

Clari5

Clari5 redefines real-time, cross channel banking Enterprise Fraud Management using a central nervous system approach to fight financial crime.

Emirates International Accreditation Center (EIAC)

Emirates International Accreditation Center (EIAC)

EIACI is the national accreditation body for the United Arab Emirates. The directory of members provides details of organisations offering certification services for ISO 27001.

Axiomtek

Axiomtek

Axiomtek is a leading design and manufacturing company in the industrial computer and embedded field.

Cytenna

Cytenna

Cytenna Signal is a suite of SaaS (Software-as-a-Service) products that use AI and machine learning to automatically aggregate the latest information about software vulnerabilities.

Edgile

Edgile

Edgile is the trusted cyber risk and regulatory compliance partner to the world’s leading organizations, providing consulting, managed services, and harmonized regulatory content.

Ermetic

Ermetic

Ermetic’s identity-first cloud infrastructure security platform provides holistic, multi-cloud protection in an easy-to-deploy SaaS solution.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Ruptura InfoSecurity

Ruptura InfoSecurity

Ruptura InfoSecurity provide CREST Accredited Penetration Testing & Offensive Security Services. We secure your critical assets through targeted and research driven penetration testing.

Tsaaro Academy

Tsaaro Academy

Tsaaro Academy is a unique privacy certification training platform and here you earn a privacy certification CEH, CISM and DPO from India’s No.1 Privacy training platform.

Proaxiom

Proaxiom

Proaxiom are focused on erasing cyber driven panic paralysis for Small and Medium Enterprises through brilliant cyber technologies which drive productivity and support growth.