Cyber security implies protecting the confidentiality, availability and integrity of computer systems and networks. Often security researchers and security teams focus on threats to software and the risks associated with authenticating and managing users. However, computing systems are built upon a tall stack of computing resources.
Each layer within the stack is exposed to specific threats which need to be considered as part of a cyber security strategy. As the threat landscape evolves and exposure to risk changes, organizations need to review their threat exposure and consider if current mitigations are sufficient for their needs.
The recent disruption of the Nord Stream submarine gas pipeline in the Baltic Sea by an apparent act of sabotage highlights the risks to infrastructure located beneath the waves. The telecommunications infrastructure that carries internet traffic between countries and continents is often provided by submarine cables. These cables are relatively few in number but carry vast amounts of internet and enterprise traffic, potentially from many different service providers.
The seabed is a challenging environment for infrastructure. Sea water is corrosive, the pressure on the ocean floor can be extreme, while earthquakes, ship’s anchors and dredging provide additional risks to may result in the severing of a cable. Submarine cables are only expected to achieve a lifespan in the region of 25 years before failure.
Repairing or replacing a submarine cable is expensive and time consuming. It may be many months before a failed cable can be repaired or replaced. In the absence of a functioning cable, internet connections must be rerouted to avoid disruption. However, this risks saturating the remaining infrastructure and adversely affecting the quality of connections.
Organizations that require high availability international or intercontinental network connections should review their exposure to the risk of submarine cables failure. The nature of this risk will depend on how services are currently delivered.
- Services may be delivered by a single service provider with a guaranteed level of service. In this case, organizations should review their provider’s contingencies in case of loss of one or more submarine cables and verify that these meet requirements.
- Piecemeal connections delivered by multiple providers may have been assembled to satisfy needs. Organizations should verify that this connectivity is able to support network requirements if one or more of the connections are unavailable. Organizations should seek to avoid single points of failure such as landing stations or conduits that may be shared by what otherwise appear to be independent connections.
- Software-defined Wide Area Networking (SD-WAN) is often used to route traffic in the most efficient manner to meet requirements. The flexibility of the approach implies that the loss of any single physical path would not lead to the loss of connectivity, but the increased flow of data within remaining paths may lead to a degradation in connection quality. Organizations should model how the loss of an undersea cable would affect their services and check if additional redundancy is necessary.
At the time of writing there is no specific threat to undersea infrastructure. Other than attacks against terrestrial cables, no cable damage has been shown to be due to sabotage. Nevertheless, the Secretary General of NATO has stressed the importance of undersea cables to civilian society and military capability . The British Chief of Defense Staff has warned how seriously intentional damage to telecommunications cables would be taken .
Physical infrastructure can not be taken for granted. Organizations would do well to review the impact of one or more submarine cables being taken out of service. Preparing response plans and contingencies in advance ensures that disruption is kept to a minimum in the event that such a scenario occurs.
. Press Conference (22 Oct 2020), NATO Secretary General Jens Stoltenberg.
. “Chief of Defence Staff: Russia cutting underwater cables could be ‘an act of war’” (8 Jan 2022), Forces.net.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels