The Internet’s Tubes: Trawling the Vulnerabilities of Deep-Sea Cables

Submarine communications cables seem uniquely at risk, but we may have more to fear from corporate consolidation than from undersea sabotage.

Michael Driver

Few things are as terrifying as the idea of dying in a fire inside of a submerged submarine — which is what happened to 14 sailors following an explosion within the Lorishak, a nuclear-powered Russian sub that was operating off the coast of Norway in July 2019. Little has been publicly confirmed about what the crew was doing at the time, but numerous researchers, academics, and Western security officials allege that the Lorishak was a spy submarine with the ability to tap into or sever deep-sea communications cables.

Between the metaphor of cloud computing, dreams of solar-powered broadband drones, and the promotional fanfare behind the 5G wireless network, most people can be forgiven for imagining the internet as an untethered, virtually immaterial technology. But in reality, it is still mostly a series of “tubes” — approximately 426 of which are responsible for moving 99 percent of global communications traffic across vast expanses of ocean. Submarine communications cables, as they are called, are among the most centralized bottlenecks for internet traffic, facilitating more than $10 trillion in financial transactions per day and serving an important role in coordinating the global economy.

If the internet were to suddenly give out, the resulting shocks would be acute and widely felt — perhaps as difficult to overestimate as they are to predict. In recent years, a growing sense that submarine cables present the network’s weakest links has been fed by alarmist statements from NATO officials, American security analysts, and national media outlets that describe this infrastructure as a uniquely vulnerable target. “Undersea cables help keep Americans connected, prosperous and safe,” wrote former national security advisor Nadia Schadlow in a 2020 op-ed. “Protecting them from sabotage and espionage is a vital national security interest of the United States.”

Submarine cables can operate at depths of more than a mile below sea level, running up to tens of thousands of miles long. They are incredibly difficult to monitor as a result, prompting fears that intelligence agencies might tap into them and conduct surveillance without a network operator’s knowledge. Additionally, while deep-sea cables are typically armored against environmental hazards like anchors, earthquakes, and fish bites in shallow water, their diameters resemble garden hoses at greater depths, making them relatively easy to sever. “The technical capabilities required to damage cables are relatively low and unsophisticated,” wrote former NATO commander Admiral James Stavridis in an influential 2017 study. “The risk posed to these garden hose-thin connections that carry everything from military intelligence to global financial data is real and growing.”

As relations between NATO and Russia have deteriorated, the security of undersea fiber-optic cables has become a prominent focus of an apparently resurgent arms race around deep-sea military force projection. “We are seeing Russian underwater activity in the vicinity of undersea cables that I don’t believe we have ever seen,” said US Navy Rear Admiral Andrew Lennon, then commander of NATO’s submarine forces, in a 2017 interview with The Washington Post. “Russia is clearly taking an interest in NATO and NATO nations’ undersea infrastructure.”

While Russian submarines have allegedly been prowling the routes of transoceanic internet cables, NATO officials have also highlighted an uptick in activity by the Yantar, an intelligence vessel that acts as a mothership for a small fleet of deep-sea mini-submersibles. According to Russian media, the ship has equipment “designed for deep-sea tracking” and “connecting to top-secret communication cables.” In recent years, it has been observed operating near Mediterranean submarine cables bringing internet connections to Israel and Syria, as well as military cables leading to the secretive US base in Guantanamo Bay.

“Whether this renewed Russian activity seeks to eavesdrop on cable-borne communications, or aims to survey them so that they can be more easily severed during a conflict, the dramatic effect of such interference cannot be overstated,” wrote US Rep. Joe Courtney (D-CT), the current chair of the House Armed Services Subcommittee on Seapower and Projection Forces, in a Defense News column. These fears have been used to justify a buildup of NATO’s Atlantic naval capacity, as well as funding for a new cable security fleet program established in the 2020 Department of Defense budget, and the US Navy’s first new military cable ship since the Cold War.

To understand the worst-case scenario for a hypothetical attack on deep-sea cables, we can look to major faults from recent history. Last year, for example, a single break in the Red Sea knocked out internet service for 28 million Yemenis, with impacts reaching into Africa and as far south as Tanzania. A few years before that — several months prior to the 2013 military coup in Egypt — three men were arrested in connection with a suspected act of sabotage that severed a major cable in the region, reducing connection speeds in Egypt by as much as 60 percent. Major outages have also been caused by apparently innocent mistakes, such as when an elderly Georgian woman accidentally severed a cable that knocked all of Armenia offline for five hours in 2011. Even brief outages like this can incur huge economic tolls, slowing, complicating, or even halting essential services like transportation and healthcare. “The exact locations of these cables are both isolated and publicly available,” wrote British MP Rishi Sunak, describing them as “jugulars of the world economy which are a singularly attractive target for our enemies.”

Despite all this bluster, dire warnings of physical attacks on deep-sea internet cables are likely overstated, if not entirely misplaced. According to a statement from the International Cable Protection Committee (ICPC), a nonprofit organization focused on submarine cable protection, around 200 subsea cable faults occur each year. “The majority of these are caused by bottom contact fishing in which fishing gear snags a cable and damages it,” the statement notes. “Other predominant risks are vessel anchors and dredging. Malicious and intentional damage to submarine cables is a serious matter and has occurred sporadically since the telegraph era, but it is also very rare.”

Submarine cables are more often clipped by landslides or accidents than deliberate attacks, and even when lines are cut, the effects are seldom felt in the West. The commercial internet takes advantage of immense redundancy to reduce the impacts of temporary outages, which strengthens the reliability of directing traffic across the network via multiple routes. The internet’s TCP/IP protocol suite determines how data is divided into packets and addressed, routed, and received, allowing the flow of information to quickly adapt to changes or disruptions. Because TCP/IP generally routes traffic in a permissionless manner — in theory, gatekeepers cannot selectively grant network access — you would need to simultaneously cut a critical mass of cables in order to spark total outages anywhere other than in poor or remote regions with only one or a few connections to the larger network. 

Unless a sophisticated actor were to simultaneously sever all of the manifold cables connecting the US to the broader world, it is unlikely this would constitute an effective attack. “A lot of the internet is actually located in the US,” explained Nicole Starosielski, a media studies professor at New York University and the author of The Undersea Network, in a recent interview. “If you cut the cables between the US and someplace else, chances are, someplace else might suffer more.” Thanks to the internet’s distributed architecture, we’re able to get a significant amount of mileage out of just a few hundred deep-sea garden hoses.

In The Undersea Network, Starosielski suggests one possible explanation for why we hear so much scaremongering from security officials despite the relatively low risk of a deliberate attack, proposing that we read narratives of cable disruption through the lens of a dominant power structure’s fears and anxieties. During the Cold War, for example, American media portrayed Soviet interference as the biggest threat to deep-sea communication systems despite the fact that the most significant cable-tapping offensive, Operation Ivy Bells, was conducted by American intelligence agencies. In today’s globalized world, she writes, “cable breaks continue to be written about in relation to security concerns,” such as terrorists or rogue states. 

“If you have a Russian submarine in the vicinity of a cable, it becomes a news story because people are interested in threats from hostile nation-state actors,” said Starosielski. “They’re not interested in how a fisherman’s net caught on a cable and accidentally shut off the internet.”

“More people than ever before are invested in the deep sea,” she continued, suggesting that the very real international buildup of deep-sea military force projection that we see today might be better understood as “part of a larger, intensified investment in deep-sea space.” To many people, the internet symbolizes a kind of global unity. An existential threat to its trans-oceanic backbone might serve as a more effective call to arms than, say, deep-sea mining. 

Fears of a physical attack may be hyperbolic, but deep-sea cable surveillance does at least present a more realistic scenario. Military subs like the USS Jimmy Carter, for example, are reportedly capable of tapping and culling data from cables. Even so, Starosielski maintains that fears of deep-sea surveillance are often trumped up. “Not because it’s not possible,” she said, “but because there are way easier ways to do it without getting a submarine and going to the bottom of the ocean. It’s easier to tap on-land physical infrastructure with the assistance of people that will help you tap it.”

“Submarine-borne physical tapping is extremely unlikely and would be very difficult to execute,” said the ICPC in a statement, “especially on modern fiber optic cable systems with encrypted data.” Starosielski also emphasized that cable tapping is a blunt surveillance measure, and would inevitably capture an enormous amount of white noise. “You can have tens of thousands or millions of people sending video through cables every second,” she said, arguing that going through platforms would likely be more effective. Furthermore, because TCP/IP usually routes packetized data along diverging paths, data copied from any one cable is likely to be incomplete and of diminished value.

With help from US-based telecom conglomerates like AT&T, the NSA has already shown that intelligence agencies are perfectly capable of siphoning data from terrestrial backbone infrastructure without needing to engage in complex deep-sea sabotage. This reality is likely a driver behind the US government’s interest in the outcome of the mounting struggle between American and Chinese companies over control of the world’s internet infrastructure. When then-Secretary of State Mike Pompeo announced vague initiatives last year “to ensure the undersea cables connecting our country to the global internet are not subverted for intelligence gathering by the People’s Republic of China,” it is natural to wonder if he was also thinking of the US’s own intelligence-gathering operations.

National security hawks aside, the average internet user may in fact have more to fear from the recent, aggressive push into the submarine cable space by domestic tech giants. According to American research firm TeleGeography, Google, Facebook, Amazon, and Microsoft collectively own or lease about half of all undersea bandwidth — and are increasingly laying their own cable. This development signals a troubling merger of the dominant platforms with the physical networks that sustain them, forming a system that looks more and more like a totalizing digital oligarchy. To quote Shoshana Zuboff, author of The Age of Surveillance Capitalism: “It’s almost like we woke up and suddenly the internet was owned and operated by private capital under a kind of regime, a new economic logic that really was not well understood.”

If greater network security is something we want, it is almost certainly more prudent to build on the strengths of the internet’s distributed infrastructure than to pour millions of tax dollars into unaccountable deep-sea military force projection. Protecting poor and isolated regions from routine outages or deliberate attacks, for example, could simply mean building infrastructural redundancy on the basis of need rather than profit — that is, wrestling control of the ocean’s subsea cables away from corporate tech giants and placing them under genuinely democratic governance structures. Meanwhile, structural solutions to state and corporate surveillance might involve user-centric tweaks to the internet protocol suite, like working in protocol-level encryption — an alternative to ad hoc solutions like virtual private networks (VPN) that was originally envisioned by TCP/IP architects Robert Kahn and Vint Cerf.

With the internet’s deep-sea cables serving as sites of corporate consolidation and geopolitical tug-of-war, the network’s once-utopian aspirations are a fading memory. The clearest way to revive them is by deepening the internet’s structural commitments to collectivization, democracy, and horizontal distribution.

Artwork By

Michael Driver

Contact Us

Have an idea for a story or illustration? Interested in discussing partnerships? We want to hear from you. Send us a note at info(at)thereboot(dot)com.

Recommended Reading