Introduction
Submarine Communications Cables (SCCs) are a vital part of global communications infrastructure. SCCs are also known by a variety of other names, to include underwater/undersea communications cables. However, for consistency, this paper will utilize the acronym SCC. This paper will examine the various threats and hazards that have the potential to affect SCCs, as well as a few recent case studies highlighting threat/hazard events involving SCCs.
SCC Overview
Modern SCCs consist of a fiber optic cable laid at the bottom of the ocean to connect two (2) or more landing stations. They are comprised of the optical fibers that carry data traffic, including internet and phone service. The fibers are typically covered in silicon gel and sheathed in plastic, steel wiring, copper, and nylon for insulation and protection. Many SCCs are no thicker than a household garden hose.1
Cable landing stations connect continents and provide the point where SCCs meet terrestrial networks. This enables internet service providers (ISPs), telecommunication networks, and other data centers to communicate across the globe. SCCs support commercial, economic, and national security ventures, and they also transmit the majority of civilian, military, and government offshore communications traffic. Over 95% of international data and voice transfers are routed through SCCs. They connect the continental U.S. with Alaska, Hawaii, American Samoa, Guam, the Northern Marianas, Puerto Rico, and the U.S. Virgin Islands, as well as the rest of the world. SCCs are laid using ships outfitted for laying the optical cable on the ocean floor. A subsea plow is used to trough and bury SCCs near the shoreline to avoid damage from ships anchoring and fishing.1,2,3,4
Some cables are short, like the 131-kilometer CeltixConnect cable between Ireland and the United Kingdom. Others are significantly longer, such as the 20,000-kilometer Asia America Gateway cable. The 2Africa project connects 46 cable landing stations in 33 countries in Africa, Asia and Europe, at a length of 45,000 kilometers. It is the longest SCC in the world.5,6
In 1995, the traffic between satellite and submarine cables was evenly split. Today, SCCs carry over 97% of data traffic. Satellites are useful as an emergency backup during disasters, to expand mobile coverage, and to connect isolated areas. However, satellite communications are expensive, less reliable, and are becoming less common as SCC coverage grows. However, while SCCs are equal to landlocked cable systems in their capacity for data transmission, routing through multiple sovereign territories requires satellite communications to bridge gaps.7
There are only four (4) major companies in the world that manufacture and lay SCCs: The U.S.’s SubCom, Japan’s NEC Corporation, France’s Alcatel Submarine Networks and China’s HMN Technologies (formerly Huawei Marine Networks). In November 2020, Huawei Marine was rebranded as HMN Technologies Co. This followed Hengtong group completing its 81% shareholding acquisition of Huawei Marine. The remaining 19% was held by New Saxon 2019 Ltd. In December 2021, HMN Technologies was added by the U.S. Commerce Department’s Bureau of Industry and Security (BIS) to its Entity List because of national security and human rights concerns. For sensitive projects, the U.S. government reportedly only works with U.S.-based SubCom. Several other companies are sole or partial owner of SCCs or are major capacity buyers. These include Amazon, Meta, Google, and Microsoft. Content providers include Apple, LinkedIn (owned by Microsoft), Dropbox, IBM, OVH, Chinese content providers like Alibaba and Tencent, and content delivery networks like Akamai, Cloudflare, and Limelight.8,9,10,11
As of early 2024, there are nearly 1.4 million kilometers of SCCs worldwide. Europe, Asia, and Latin America all have significant volumes of data to communicate between their shores and North America. Conversely, there may be less data that needs to travel between other countries. SCCs are placed according to market demands. For example, if an emerging industry required extensive communications between Australia and South America, demand for a new cable in the South Pacific would likely drive construction.4
SCC Threat Environment
Due to their critical importance to global communications, SCCs are likely a highly appealing target to various threat actors. Because SCCs carry government/military communications, they are a potential target for espionage and sabotage by foreign nation-states. During the Cold War, the U.S. reportedly gained valuable intelligence by conducting a covert operation to tap an SCC that connected two Soviet naval bases. In early 2023, the North Atlantic Treaty Organization stated that Russia may seek to target SCCs following a suspected Russian attack on the underwater Nord Stream pipeline.12,13,14
Concerns have also been raised regarding China’s ability to tap into cables due to the market share held by HMN Technologies (formerly Huawei Marine). As previously noted, HMN Technologies has been flagged by the U.S. as a potential security risk. While Huawei had historically been scrutinized due to its ability to support China’s intelligence-gathering efforts, the sale/rebranding to HMN Technologies does not appear to have mitigated these concerns. A key stakeholder in HMN Technologies has notable ties to the Chinese Communist Party, and could potentially facilitate use of HMN infrastructure for espionage purposes.15,16
Non-state actors such as terrorist groups could also potentially seek to target SCCs and associated infrastructure. However, such groups likely have significantly lower capabilities than nation-states, and may seek to target shore infrastructure such as cable landing stations. Any significant disruption to international communications could serve as a symbolic victory for militant groups.
Malicious cyber actors could also seek to target SCCs for a variety of purposes. Cyber actors operating on behalf of a nation-state could be pursuing similar espionage/sabotage objectives as described above. However, other cyber actors may be pursuing financial gains (such as in a ransomware attack) or may be acting in pursuit of political objectives. Other cyber activity could affect the infrastructure that supports SCCs (such as cable landing stations), causing inadvertent disruptions.
SCC Hazard Environment
Estimates by telecommunication market research firm TeleGeography indicate an average of more than 100 SCC faults each year. Accidental hazards account for approximately 75% of the yearly SCC breaks. Natural hazards and equipment failure account for 14% and 6% of SCC breaks respectively with intentional damage making up the remaining 5%. While the recent Red Sea attack resulting in damage to three (3) SCCs is drawing attention to the vulnerabilities of SCC’s, accidental and natural hazards are far more likely to cause breakage.17
The most common accidental cause of SCC breaks is from fishing and anchoring. Anchors, when dropped directly onto the cables, cause damage to a relatively short section of the cable. When anchors, fishing gear or trawl nets hook onto a cable and drag it for some distance, the damage occurs across a much longer section of the cable and often requires the entire section of cable to be replaced. Although very rare, a vessel running aground or sinking can also cause damage to SCCs.18
Maritime Spatial Planning (MSP) attempts to balance the use of maritime space by traditional and emerging sectors while preserving the proper functioning of marine ecosystems. MSP can help reduce the accidental risk to SCCs by deconflicting marine areas used by fisheries, shipping, and SCCs. The appropriate burial of SCCs below the sea floor can help avoid accidental hazards, however natural hazards can expose buried cables over time. The shortest route possible across shipping lanes should be used for the planning and installation of SCCs. Creation of well documented zones where anchoring, trawling and certain forms of fishing are prohibited can also reduce the number of accidental breaks. Currently there are no universally accepted cable protection standards across the private sector and governments worldwide.17,18
Natural hazards to SCCs include earthquakes, volcanic activity, tsunamis, submarine landslides, tropical cyclones, storm surge, flooding, and rising sea levels. These natural hazards can displace large volumes of sediment, exposing cables to damaging turbidity currents. Tropical cyclones increase waves and currents creating higher potential of damage to SCCs. Storm-generated movement of sand, gravel and other seabed sediments can erode surface-laid cables. Sediment flows from river flooding, earthquakes and submarine landslides have caused sufficient movement of SCCs causing them to break. Sea floor vibrations from earthquakes and volcanic eruptions have cut SCCs in several incidents. Although natural hazard damage to SCCs is not common, they often cause multiple faults on multiple cables across long sections of the cable due to the broad geographic nature of many natural hazards.19,20,21
Cable landing stations are also susceptible to the risks posed by natural hazards. Cable landing stations are located in coastal areas which have an increased risk of tropical cyclones, storm surge, tsunamis, and flooding. The equipment associated with cable landing stations include telecommunications equipment, power generators, battery plants, and computer controls. These systems are sensitive to moisture and must be kept dry. Roofs can be damaged by high winds or rising water from floods and storm surge can enter the station and cause damage to equipment. Various types of storm surge and flooding are worsened by the effects of rising sea levels. Climate and natural hazard projections should be considered when planning and developing new SCC infrastructure which generally has a 20-30 year operational lifespan.
19,20,21
Case Study: 2022 Tonga Volcanic Eruption
On 15 January 2022, a massive underwater volcano eruption severed an SCC in Tonga, a remote island located east of Australia in the Pacific Ocean. The cable linked Tonga to Fiji, then onward to other cable networks. With the cable severed, Tonga lost the vast majority of its internet connectivity, with only limited satellite capabilities available. Restoration efforts took approximately five (5) weeks.22,23
The lack of connectivity hindered eruption-related response and recovery efforts, as an estimated 85% of Tonga’s population was affected by ash fall and limited access to safe drinking water. The lack of communication capabilities also made it difficult for Tongans and those visiting the country to contact friends and family outside the country.22,23
This incident highlights the potential for natural hazard-driven disruptions affecting SCCs, many of which can occur with little to no warning. Additionally, the incident highlights the reliance on SCCs in remote locations; particularly in island nations.
Case Study: 2022 Hawaii Hack
In April 2022, a cyberattack on an unidentified Hawaii-based SCC was stopped by Homeland Security Investigations (HSI). A hacking group reportedly targeted a private company’s servers on the island of Oahu. HSI agents acted on a tip from out-of-state colleagues, identified the attack, and blocked access. An international hacking group was allegedly responsible. HSI worked with law enforcement in other countries to identify and arrest a suspect, whose name was not revealed in open source reporting, nor was the country where the apprehension occurred. Neither the goals of the attacks nor the nature of the charges have been made public.24
There are eight (8) SCCs that run through Hawaii connecting the mainland to foreign countries, including Japan, Australia and New Zealand. There are contingencies in the event of a successful hack or kinetic attack on an SCC. Communications can be rerouted to another cable. In the case of the attack on Oahu, there was no damage to the SCC or related infrastructure. However, that SCC and others in the area are still fundamentally vulnerable.25
While details surrounding this incident are limited, Hawaii is home to a dense concentration of U.S. military installations, assets, and personnel. Additionally, current reporting noted that the hacking group responsible was based internationally. It is possible that this activity could be related to espionage efforts or other malicious activity targeting the DoD.
Case Study: 2024 Houthi Attack
In early 2024, the Yemen-based Houthi militant group publicly threatened to target SCCs that pass through the Bab al-Mandab Straight, where there are at least 15 cables that carry approximately 17% of the world’s internet traffic. The Houthis posted an image depicting SCC routes in the Red Sea on the Telegram app, claiming that the maps were easily accessed. The legitimate (U.N. recognized) government of Yemen issued warnings due to the Houthi threats. Some dismissed the warnings, stating that the Houthis did not have the capability to target the cables.26,27
Three (3) of the undersea communication cables in the Bab al-Mandab Strait were damaged on 24 February 2024. Some early reporting on the incident speculated that the Houthis were responsible although the group denied any involvement. The latest reporting indicates that the SCCs were cut by the dragging anchor of the UK-owned cargo vessel, Rubymar. The ship was struck by a Houthi missile on 18 February 2024 causing significant damage. The crew dropped the anchor prior to abandoning the ship on 19 February 2024. The ship drifted, dragging the anchor across the Red Sea bottom, until it eventually capsized on 2 March 2024. These damaged SCCs belong to separate systems that connect Europe with Asia and Africa. The communications on the three (3) cables were rerouted through other cables, limiting the impact of the incident. Repairs may be delayed due to the availability of cable repair ships, which are usually scheduled in advance.26,27
Some analysts who dismissed the Houthi capability to carry out an attack on SCCs based their assessment on the premise that a threat actor would need the technical expertise and equipment to dive or use a manned or unmanned submersible to be successful. While the damage to SCCs in this incident was almost certainly an unintentional secondary effect of attacking local shipping, it highlights the vulnerability to SCCs. Threat actors aware of marine areas where SCCs are present would simply need to drag a ship anchor or pose as a fishing vessel to intentionally damage SCCs while providing the appearance of an accidental hazard.26,27
Outlook
SCCs will continue to serve a key role in the global communications infrastructure, while remaining susceptible to a wide variety of manmade and natural threats and hazards. SCCs will remain a highly appealing target to nation-state and non-state threat actors alike, while the natural hazard environment will persist, and many natural hazards are expected to be exacerbated by the effects of climate change. RMC’s Intelligence & Climate Analysis Division continues to monitor the global threat/hazard environment, to include incidents that may affect SCCs.
Sources
1. Swinhoe, D. (2021, August 26). What is a submarine cable? Subsea fiber explained. Retrieved from https://www.datacenterdynamics.com/en/analysis/what-is-a-submarine-cable-subsea-fiber-explained/.
2. Huston, G. (2023, March 14). Submarine cable resiliency in the face of disruptions. Retrieved from https://circleid.com/posts/20230314-submarine-cable-resiliency-in-the-face-of-disruptions.
3. EXA Infrastructure. (n.d.). Cable landing station. EXA Infrastructure. Retrieved fromhttps://exainfra.net/exa-knowledge-centre/cable-landing-station/.
4. TeleGeography. (n.d.). Submarine cable frequently asked questions. TeleGeography. Retrieved from https://www2.telegeography.com/submarine-cable-faqs-frequently-asked-questions.
5. Submarine Networks. (2020, May 15). 2Africa: a transformative subsea cable for future internet connectivity in Africa. Submarine Networks. Retrieved from https://www.submarinenetworks.com/ en/systems/asia-europe-africa/2africa.
6. NOAA. (n.d.). Submarine cables. NOAA. Retrieved from https://www.noaa.gov/submarine-cables.
7. Detecon Asia-Pacific Ltd. (2013, February). Economic impact of submarine cable disruptions. APEC. Retrieved from https://www.apec.org/docs/default-source/Publications/2013/2/Economic-Impact-of-Submarine-Cable-Disruptions/2013_psu_-Submarine-Cables.pdf.
8. Technavio. (2017, October 30). Top 5 vendors in the global submarine fiber cable market from 2017 to 2021. Business Wire. Retrieved from https://www.businesswire.com/news/home/ 20171030006219/en/Top-5-Vendors-in-the-Global-Submarine-Fiber-Cable-Market-from-2017-to-2021-Technavio.
9. Converge Digest. (2021, December 16). U.S. adds Huawei Marine Networks to entity list. Converge Digest. Retrieved from https://convergedigest.com/us-adds-huawei-marine-networks-to/.
10. Brock, J. (2023, March 24). U.S. and China wage war beneath the waves – over internet cables. Reuters. Retrieved from https://www.reuters.com/investigates/special-report/us-china-tech-subcom/.
11. TeleGeography. (2017, November 9). A complete list of content providers’ submarine cable holdings. TeleGeography’s Official Blog. Retrieved from https://blog.telegeography.com/ telegeographys-content-providers-submarine-cable-holdings-list.
12. Wall, C., & Morcos, P. (2021, June 11). Invisible and vital: undersea cables and transatlantic security. Center for Strategic and International Studies. Retrieved from https://www.csis.org/analysis/invisible-and-vital-undersea-cables-and-transatlantic-security.
13. Carle, M. (2022, June 29). The mission behind Operation Ivy Bells and how it was discovered. Military.com. Retrieved from https://www.military.com/history/operation-ivy-bells.html.
14. Siebold, S. (2023, May 3). NATO says Moscow may sabotage undersea cables as part of war on Ukraine. Reuters. Retrieved from https://www.reuters.com/world/moscow-may-sabotage-undersea-cables-part-its-war-ukraine-nato-2023-05-03/.
15. Clark, E. (2021, July 23). Undersea cables bring Pacific nations online, but there are concerns China is trying to tap in. ABC News. Retrieved from https://www.abc.net.au/news/2021-07-24/china-huawei-build-png-cable-that-connects-to-sydney/100249922.
16. Hasler, J. (2019, June 5). Huawei Marine is being sold. That’s unlikely to change the threat it poses. Washington Post. Retrieved from https://www.washingtonpost.com/politics/2019/06/05/huawei-marine-is-being-sold-thats-unlikely-change-threat-it-poses/.
17. Congressional Research Service. (2023 August 7). Protection of Undersea Telecommunication Cables: Issues for Congress. Retrieved from https://sgp.fas.org/crs/misc/R47648.pdf.
18. European MSP Platform. (n.d.). Cables and Fisheries. European Union. Retrieved from https://maritime-spatial-planning.ec.europa.eu/sector-information/cables-and-fisheries.
19. Drew, S. (2009, October.). Causes of Cable Faults and Repairs in Regional Seas. International Cable Protection Committee. Retrieved from https://cil.nus.edu.sg/wp-content/uploads/2009/10/Causes_of_Cable_Faults_and_Repairs_in_Regional_Seas.pdf.
20. Dr. Clare, M. (2023, May). Submarine cable protection and the environment. International Cable Protection Committee. Retrieved from https://iscpc.org/publications/submarine-cable-protection-and-the-environment/ICPC_Public_EU_May%202023.pdf.
21. Clare, M. et al. (2023). Climate change hotspots and implications for the global subsea telecommunications network. Earth Science Reviews. Retrieved from https://pdf.sciencedirectassets.com/271741/1-s2.0-S0012825222X00135/1-s2.0-S0012825222003804/main.pdf.
22. Menon, P., & Westbrook, T. (2022, January 18). Undersea cable fault could cut off Tonga from rest of the world for weeks. Reuters. Retrieved from https://www.reuters.com/markets/funds/undersea-cable-fault-could-cut-off-tonga-rest-world-weeks-2022-01-18/.
23. British Broadcasting Company. (2022, February 22). Tonga volcano: Internet restored five weeks after eruption. Retrieved from https://www.bbc.com/news/world-asia-60458303.
24. Boylan, P. (2022, April 12). Cyberattack on Hawaii undersea communications cable thwarted by Homeland Security. Star-Advertiser. Retrieved from https://www.staradvertiser.com/2022/04/12/ breaking-news/cyberattack-on-hawaii-undersea-communications-cable-thwarted-by-homeland-security/.
25. Hawaii News Now. (2022, April 13). HSI agents in Honolulu disrupted cyberattack on undersea cable critical to telecommunications. Retrieved from https://www.hawaiinewsnow.com/2022/04/13/hsi-agents-honolulu-disrupted-cyberattack-undersea-cable-critical-telecommunications/.
26. Monaghan, S. et al. (2024, March 7). Red Sea cable damage reveals soft underbelly of Global Economy. Center for Strategic and International Studies. Retrieved from https://www.csis.org/analysis/red-sea-cable-damage-reveals-soft-underbelly-global-economy.
27. Vigliarolo, B. (2024, February 27). Underwater cables in Red Sea damaged months after Houthis ‘threatened’ to do just that. The Register. Retrieved from https://www.theregister.com/2024/02/27/red_sea_cables_houthi/.
