Bottom Line: The U.S. and its NATO allies have warned that an uptick in Russian submarine activity near undersea fiber optic cables means Moscow may be plotting to disrupt or intercept sensitive or other critical internet communications in the event of a confrontation with the West. Their warning serves as a plea to western civilian leaders for greater funding to monitor such activity – and also, serves as a public demarche to Russia to cease and desist that is likely to be ignored.
- Fiber optic cables are large underwater wires that relay 99 percent of the world’s digital communications. Approximately 400 undersea fiber optic cables span an estimated 683,000 miles across oceans and seas. This privately owned physical infrastructure binds the digital world, allowing servers in Hong Kong to quickly respond to requests from a computer in Washington, for example.
- Physical damage is the main threat to fiber optic cables. The cable industry estimates that over 150 faults in cable connectivity occur every year, with the vast majority of them being isolated or accidental incidents such as fishing boats dragging their anchors near shallow shores. Since there is an expectation of damage, the industry has built-in network redundancy, or backup “dark cables” that could quickly replace damaged cables to limit the effects of such disruptions.
- When fiber optic cables are disrupted, they can cause significant loss in network traffic. In March 2013, the Egyptian navy detained three men for allegedly attempting to cut an undersea cable off the coast of Alexandria, a hub of Mediterranean cable-landing points. The damage caused a 60 percent drop in internet speeds throughout the country. Back in January 2008, two cables that were cut off Alexandria’s coast temporarily shut down internet access in Egypt, India, Pakistan and Kuwait. In December 2006, four major fiber optic lines were damaged as a result of an earthquake that hit Taiwan, choking data transiting to and from Hong Kong, South East Asia and China until the traffic was fully restored 49 days later.
- Russia has sought to modernize its submarine fleet, servicing and acquiring 13 additional vessels since 2014. Estimates are that Russia has an arsenal of 60 full-size submarines compared to the U.S. fleet of 66. Russia accelerated the refurbishments and additions to its sub fleet after the Kremlin’s annexation of Crimea in 2014 heightened tensions with the U.S. and NATO.
- With submarines capable of stealthy, long-distance deployments, Russia can use them in a range of potentially hostile actions, from serving as the long arm of conventional weapons in lower-level conflicts such as Syria, to tracking the long routes of undersea cables, to retaliating with ballistic missiles in case of nuclear war. “There’s a new risk to our way of life, which is the vulnerability of the cables that crisscross the seabeds,” warned Britain’s Air Chief Marshal Sir Stuart Peach, speaking at the Royal United Services Institute in December. “Therefore, we must continue to develop our maritime forces…to match and understand Russian fleet modernization.”
Admiral Jonathan Greenert, former Chief of U.S. Naval Operations
“What they are doing is rebuilding a ballistic missile submarine fleet that would be effective. Russia is very defense-orientated, so they believe that nuclear deterrence is the key to that, and their most survivable part of that will be their ballistic missile submarine fleet. They are also looking for a submarine that will be quiet enough that will go out and double as a cruise missile submarine for both anti-carrier, but also surface-to-land missiles. So they are on the rebound.”
Issue: Russia has increased the size and capabilities of its submarine fleet, expanding its access to underwater fiber optic cables that transport humanity’s digital information. The close proximity of Russian military vessels to these pan-oceanic information highways is causing alarm among NATO countries, with fears that Russia could sever, tap or corrupt the flow of secretive or other crucial communications.
Rick Ledgett, former Deputy Director of the NSA
“Fiber optic cables are a chokepoint, and that is a natural place to do monitoring. Chokepoints give you efficiency as opposed to having to go after a bunch of individual channels. Chokepoints help you achieve economies of scale in that regard. Those are hard things to do, though. The engineering attached with tapping fiber optic cables is formidable, and when you add it being underwater, that makes it really formidable.”
- The deluge of data transiting the undersea cables would be of tremendous intelligence value for the Kremlin. But tapping such cables at the depths of the ocean is a significant engineering feat, and doing so at the cable’s landing points onshore is much more feasible.
- Cutting the cables entirely, however, would be particularly effective at depths where it would be difficult to repair them. Such an action could lead to significant economic fallout, disrupt important military communications, or divert network traffic patterns to cables that are already tapped. The U.S. military is almost always operating at the end of a long tether, and these fiber optics are its communications lifeline for high-volume data too burdensome for satellite communications. Tactically severing specific cables prior to, for example, a full-on shooting war spurred by a Russian invasion of the Baltics could significantly hinder a U.S. response.
- Experts are unaware of any publicly known instances of intentional disruption of internet cables by Russian forces thus far, and it would take significant preparation for such a surgical operation to achieve the desired result – but the Russians are working on developing that skill. “These types of high tech, delicate and complex undersea maneuvers constitute important training and preparation for the Russian Navy,” wrote (ret.) James Stavridis, a Cipher Brief expert and former Supreme Allied Commander of NATO. “The ability to tap these cables for intelligence as well as attack them with precision is a skill-based activity that requires detailed knowledge and real precision work at depth, according to many reports. Practice is vital.”
- Should the Kremlin seek to understand the specific effects disruption could have—their own communications could be affected too—the Russian military could conduct deniable disruption by using fishing vessels, for example.
- Russia also could attempt to breach the network-management software used to control the flow of data along the ocean floor. The software is similar to the Supervisory Control and Data Acquisition (SCADA) systems used in other industrial systems, such as power grids. With access, Russian hackers could monitor data traffic, see cable faults and tinker with wavelengths that transmit data to slow it or reroute it. Russian state-sponsored hackers already have proven their ability to conduct such sophisticated operations by temporarily shutting down portions of Ukraine’s power grid in December 2015 and 2016.
Chris Inglis, former Deputy Director of the NSA
“There are three possibilities. First, they are messaging us that we are not safe in the normal conduct of our business and that we can’t depend upon the steady flow of those communications. The second one is they might be doing intelligence operations. And three, this might be something that they employ in a time of extremis. That is pretty thoughtful on their part. It is due diligence.”
Rick Ledgett, former Deputy Director of the NSA
“There is a concern over any attempts to sever the communications over fiber optics, especially in a kinetic situation like if we were ever, God forbid, to have a military operation against Russia. For them, they are unlikely to invade North America, but it is more likely to be in Europe… and fiber optic cables are essential. So are our satellite communications. So an obvious thing for an adversary such as the Russians to do in a case like that would be to sever the fiber optic cables that we use and take out the satellites’ use. That would put the U.S. military at a significant disadvantage.”
Response: While the threat of Russia disrupting the fiber optic cables is significant and should be addressed, it is important to avoid an overreaction that could play into the Kremlin’s political objectives. Overreacting, with either resources or rhetoric, could simply enhance Russia’s prominence on the global stage.
- Cipher Brief experts recommend that the U.S. step up joint military exercises and operations within NATO and with Pacific allies such as Japan and Australia to protect this critical shared infrastructure as well as to signal to Russia their resolve to do so. For NATO’s part, alliance defense ministers in November approved the re-establishment of a NATO North Atlantic command embedded in the U.S. Fleet Forces Command, to bolster the alliance’s coordination in the event kinetic conflict breaks out with Russia. At the same time, they approved plans to improve their monitoring of Russia’s submarines in the Atlantic.
- Constant physical monitoring of the stretches of undersea cables is likely an inefficient use of limited resources. But increasing monitoring via technology could better track movements of Russian submarines throughout the North Atlantic, the Pacific, and the Mediterranean, Baltic and Black Seas. That includes advanced sonar-equipped surveillance planes such as the P-8A Poseidon, as well as semi-autonomous sub-maritime and surface drones that are capable of longer-term deployments, such as the Sea Hunter.
- Perhaps most important is building resiliency into the internet’s physical backbone by creating redundant cables waiting to take over should a significant disruption occur. Doing so could be the difference between entering into a hot war with a nuclear adversary with eyes open or in relative darkness.
Admiral Jonathan Greenert, former Chief of U.S. Naval Operations
“We, the U.S. and NATO, endeavor to employ autonomous undersea systems, including unmanned underwater vehicles. You would want to have acoustic systems aboard and a reliable propulsion system, and you would need a very reliable navigation system so that the autonomous vessel goes where you want it to go, and, more importantly, doesn’t go where you don’t want it to go. That could be effective to track what you are looking for. And then the hard part is to get it to do it for a long-enough period of time and be able to communicate the data back real time. If I send something out for a month and it comes back with a bunch a recordings, it is not likely tactically useful.”
Anticipation: Russia is likely to continue sub activity near fiber optic cables, to learn how best to tap the communications for intelligence, and to signal to both the U.S. and NATO that Russia can disrupt their communications in case of a military faceoff. It’s a win-win situation for Russian President Vladimir Putin, who gains prestige at home ahead of March presidential elections by publicly defying the U.S. and its allies by continuing such patrols – as well as signaling to his foes that he will extract a high price for any confrontation.
Kenneth Geers, Ambassador at the NATO Cooperative Cyber Defence Centre of Excellence
“Advanced espionage, which might be the first thing that people think about with a submarine floating near undersea cables, is certainly on the table. But all warfare is based on deception. There is an implicit threat that they could sever these cables in the event that we push Putin too far. Putin is looking at the March elections in Russia, so from the Kremlin’s perspective, they are very paranoid, and they are very busy massaging the news and trying to look tough. Anything like this helps him to win domestically.”
Levi Maxey is a cyber and technology analyst at The Cipher Brief. Follow him on Twitter @lemax13.