Undersea fibre optic cables that relay web traffic between the UK and the rest of the world and whose locations are known to everyone could be sabotaged by Russia, China or Iran in the future to cripple the UK, new research has warned.
Undersea fibre optic cables connect the UK to the rest of the world and their destruction may cause significant damage to the economy and national security.
Conservative MP Rishi Sunak has, in a new research paper published by Policy Exchange, warned of the dangers posed to undersea fibre optic cables by enemy states, how their locations are made public despite their existing vulnerabilities, and how any damage caused to them could temporarily cripple the UK in the future.
The threat of a physical attack
Sunak, a Member of Parliament for the constituency of Richmond, highlighted the fact that undersea fibre optic cables transmit 97% of global communications and $10 trillion in daily financial transactions and as such, are critical to a nation's trade relations with other countries as well as how much it communicates with others.
Despite being of such value, Sunak wonders why such cables are so poorly protected, considering that they can be easily destroyed by enemy submarines or terrorists who have the means to reach them.
'US intelligence officials have spoken of Russian submarines “aggressively operating” near Atlantic cables as part of its broader interest in unconventional methods of warfare. When Russia annexed Crimea, one of its first moves was to sever the main cable connection to the outside world,' he wrote.
'Undersea cables come ashore in just a few remote, coastal locations. These landing sites are critical national infrastructure but often have minimal protection, making them vulnerable to terrorism. A foiled Al-Qaeda plot to destroy a key London internet exchange in 2007 illustrates the credibility of the threat.'
Sunak added that a successful attack on undersea fibre optic cables could pose an existential threat to the UK's national security. As such, protecting the freedom of the seas and all the lanes of communication on and under them is paramount.
In his paper, Sunak has suggested a number of steps the UK should take to improve the security around its undersea cable infrastructure. These include reviewing and improving the security at UK landing sites where cables come ashore, providing sufficient maritime resources to secure the cable infrastructure, installing more backup ‘dark cables’, improving monitoring at sea, and leading efforts to develop a new international treaty to protect undersea cables.
The digital threat
While Sunak has warned about the physical threat to undersea fibre optic cables, there's a more worrisome digital threat that the government and private companies must take note of as well.
Last year, a study conducted by Thales eSecurity revealed that while 37% of global companies were deploying a consistent encryption strategy across their enterprise, many of such strategies were implemented only where data was stored and not where data was "in-flight".
'What many people don’t realize is that fibre optic cables are often easily accessible and unguarded – even clearly marked with signs like the one pictured here to reduce accidental fibre cuts – making them susceptible targets for hackers,' noted network infrastructure firm Ciena.
'Anyone with Internet access can shop online for one of several easy-to-get tools and, after watching a few YouTube videos that guide you through the tapping process, be well-equipped to steal sensitive data from a fibre optic cable,' it added.
The firm added that data breaches could happen even without the provider knowing that a breach has happened, which means that hackers can gain access to terabytes of sensitive information for long periods without being caught in the act.
'An operator may observe some loss on the optical line but will not know that his or her in-flight data is being monitored. This means that a network could be compromised for long periods of time without detection,' the firm added.
We wonder if the thought has crossed the minds of those thousands of state-sponsored hackers who lose no opportunity to steal personally identifiable information of UK citizens, as well as critical data belonging to the government or national infrastructure firms.