Undersea Telecoms Cables Are Interception Targets

Uploaded on 2017-12-18 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

A report by right-leaning think tank Policy Exchange highlights how global undersea cables are poorly protected, and suggests that Britain should lead the way in remedying this.

The report, titled 'Undersea Cables: Indispensable, insecure' written by Conservative MP Rishi Sunak, discusses how easily cable-based communications can be disrupted, and the past and potential future threats to their continued function.

Cables carrying data are essential to modern communications but lack both physical and legal protections, according to Sunak.

Their locations are freely available to the public in order to prevent accidental damage by shipping, but the laws governing them are lax. He described the current laws as "far more suited to the comparatively peripheral role the infrastructure played in the '70s and '80s, than to the indispensable status they now hold in the internet age".

The age of those laws means that enforcement agencies struggle to deal with suspects and offenders with appropriate severity, said Sunak, who added that the need for reform has been ignored by national governments because the cables are often managed by private companies rather than nation states, and therefore slip under the gaze of legislators.

The risk of severed cables is compounded by the aggregation of cables into "dangerously concentrated" choke points. 
Examples of this are the Luzon Strait between Taiwan and the Philippines, which connects several eastern countries and the US, or a single building in Alexandria, Egypt, which holds the meeting point of five transnational cables.

This kind of infrastructure damage could appeal to terrorists, Sunak writes, indicating a foiled Al-Qaeda attack in 2007, meant to target an Internet exchange in London, as proof of this.

As well as terrorists, he points at Russia as the other major threat. He cites the severing of the main cable leading into the Crimean Peninsula when Russia annexed the region in 2014. 

The operation of Russian submarines along cable routes, and the use of the Yantar-class "intelligence ship", which carries two submarines believed to be capable of destroying cables or tapping them for information. 

Sunak recommended that government departments should focus on cable protection in future reviews, and that undersea cables should be designated as critical national infrastructure. Others involved updating international law and military codes to ensure legal protection, and the construction of new cables in diverse locations to act as backups.

Another recommendation pointed to Australia and New Zealand's Cable Protection Zones, where ships cannot fish or anchor, and can only sail through under supervision by the Coast Guard. Britain should "encourage the establishment" of such zones in the Suez and the Mediterranean to protect connections with the Middle East, Sunak wrote.

In his concluding remarks in the report, Sunak said: "Disrupting cables is not only possible and surprisingly easy, but it can have significantly negative consequences for our security and prosperity. "Despite this backdrop, there has historically been minimal state involvement in the sector, despite its strategic importance."

The Register:    Cable Data Map: Greg Mahlknecht

You Might Also Read:

Can Russian Submarines Cut Off the Internet?:

Cyber Spying All At Sea:

Forget Trident & Welcome To Cyber Warfare:

 

« Cyber Criminals Are The New Mafia
Russia Will Build A Separate Internet Directory »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

Andreessen Horowitz (a16z)

Andreessen Horowitz (a16z)

Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California that backs bold entrepreneurs building the future through technology.

In-Sec-M

In-Sec-M

In-Sec-M is a non-profit organization that brings together companies, learning and research institutions, and government actors to increase competitiveness of the Canadian cybersecurity industry.

QNu Labs

QNu Labs

QNu Labs’s quantum-safe cryptography products and solutions assure unconditional security of critical data on the internet and cloud across all industry verticals, globally.

AlertSec

AlertSec

AlertSec Ensure is a U.S. patented technology that allows you to educate, verify and enforce encryption compliance of third-party devices.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

Commonwealth Cyber Initiative (CCI)

Commonwealth Cyber Initiative (CCI)

The Commonwealth Cyber Initiative is establishing Virginia as a global center of excellence at the intersection of security, autonomous systems, and data.

Pragma Strategy

Pragma Strategy

Pragma is a CREST approved global provider of cybersecurity solutions. We help organisations strengthen cyber resilience and safeguard valuable information assets with a pragmatic approach.

BlueHalo

BlueHalo

BlueHalo is purpose-built to provide industry capabilities in the domains of Space Superiority and Directed Energy, Missile Defense and C4ISR, and Cyber and Intelligence.

Whitaker Brothers

Whitaker Brothers

Whitaker Brothers data destruction equipment can be found in 115 countries and every single continent in the world, from major military organizations to small offices.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Illustria

Illustria

Illustria is your agent-less “watchdog” for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.

ZENDATA

ZENDATA

ZENDATA are an innovative provider of intelligent, tailored cybersecurity solutions to global companies and public sector institutions.

Neo Auth

Neo Auth

Neo Auth is an identity and access management solution to help organizations optimize their cybersecurity processes.

Corgea

Corgea

Corgea is AI-powered security platform that finds, triages and fixes your insecure code.