Threats to the Ties that Bind
By Ravi Nayyar
I’ll let the NATO Cooperative Cyber Defence Centre of Excellence get the ball rolling:
As the central nervous system of the global internet, undersea cables are strategically important and as such are part of the critical infrastructure of societies.
Folks, submarine communications cables (that I will refer to as ‘submarine cables’) are why you can read this.
The dizzying array of submarine cables (530 are tracked by the good folk at TeleGeography) traversing the oceans is, quite literally, holding the world together (see Figure 1). Look at how inherently digital our economies and indeed our societies are.
If you want a stat: as of 2021, submarine cables were estimated to stretch over 1.3 million km.
Or another stat: as of 2021, 99% of all Internet traffic is carried by these cables.
Okay, one more stat: in 2011, the Federal Reserve estimated that submarine cables carried US$10 trillion worth of financial transactions per day.
How times have changed since the days of the ‘All Red Line’ (see Figure 2), inaugurated in 1902.
Figure 3 details the anatomy of a submarine cable today.
Breaches in the cyber and operational resilience of submarine cables today and their accompanying infrastructure — such as the landing stations where the cables are connected to national telecommunications infrastructure (that I will refer to as ‘cable landing stations’) — affect the ability of countries to communicate and trade with each other, and thus their national security.
For instance, in 2008, just two submarine cables served around 75% of all Internet connectivity in the Middle East and the Indian subcontinent. When they were cut by a ship trying to moor off the coast of Egypt, 75 million people across continents were left with limited Internet connectivity.
This is why the cyber and operational resilience of submarine cables matter.
And indeed they do to Australia and India, both burgeoning digital economies. One an island nation, increasingly dependent on these cables to function since the late 19th century. The other, the world’s largest democracy and home to around 840 million Internet users who consume, on average, 14.6 GB of data per month.
In this vein, I present to you a series of articles, Holding the Indo-Pacific Together.
(Cheesy clichés are the most effective way to communicate ideas, after all.)
With a focus on Australia and India, I will delve into the world of submarine cables in the region which both countries call home, the Indo-Pacific. Note that the region is seeing the fastest growth in the world in terms of demand for bandwidth along these cables. To meet this demand, between 2020 and 2022, US$8.1 billion worth of new cables were inaugurated, US$2.3 billion of which was for cables traversing the Pacific Ocean. Between 2016 and 2020, a new transpacific cable system was lit up each year. So even more reason to focus on submarine cables in the Indo-Pacific.
Now, what specifically will this series cover?
Part I (this piece) will dive into the threat environment for submarine cables in the Indo-Pacific.
Part II will detail Australian and Indian regulatory frameworks for submarine cables.
Part III will explain why and how Australia and India should cooperate with each other on the installation of, as well as the cyber and operational resilience of, submarine cables as part of a Free and Open Indo-Pacific. Part III will do so in terms of specific bilateral initiatives as well as work through minilateral groupings like the Quad on which the two countries can get cracking.
Before I take it away, please note that I define cyber resilience as:
The ability to adapt to disruptions caused by cyber security incidents while maintaining continuous business operations. This includes the ability to detect, manage and recover from cyber security incidents.
And operational resilience as:
The ability of systems to resist, absorb, and recover from or adapt to an adverse occurrence during operation that may cause harm, destruction, or loss of ability to perform mission-related functions.
Alrighty, Part I.
The Threat Environment for Submarine Cables in the Indo-Pacific
Goes without saying that trends in the threat environment for these cables touch on regional security and thus the national security of both Australia and India. These trends stem from both malicious activity and non-malicious activity.
Malicious Activity
The threat from malicious activity can be divvied up into two categories: sabotage and espionage.
Sabotage seeks to disrupt or otherwise alter the functioning of (a) submarine cable(s) and/or its infrastructure. Sabotage can range from physically damaging the latter to changing the path which data takes through it.
Espionage concerns the tapping of submarine cables and/or infrastructure by actors that possess specialised equipment, such as the United Kingdom (through Operation Tempora, where the Government Communications Headquarters tapped over 200 submarine cables by attaching intercept probes where the cables landed on British shores with the agreement of their operators) and the United States (through Operation Ivy Bells, where the US Navy attached taps to a submarine cable carrying sensitive communications for the Soviet Pacific Fleet).
In terms of sabotage, one should note the length of memory lane. In the opening hours of World War I, the Royal Navy severed all five of the trans-Atlantic submarine telegraph cables that served Germany. On the flip side, the Kaiserliche Marine attempted to cut the eastern cable line at the cable relay station on Direction Island in the Cocos (Keeling) Islands, destroying infrastructure at the station but failing to cut all three cables. In World War II, Lt Cdr Max Shean, Royal Australian Navy, and his team cut both the Saigon-Singapore and Saigon-Hong Kong cables in July 1945 as part of Operation SABRE with the Royal Navy to disrupt the flow of sensitive Japanese military communications and facilitate an Allied operation to retake Singapore.
These days, the threat of sabotage remains. Of course, human divers will have a go, like the three men arrested by the Egyptian Navy in 2013 for trying to cut the SeaMeWe-4 submarine cable. A big deal because, at the time, that cable carried one-third of all Internet traffic between Europe and Egypt.
But it’s such an exciting time to be alive: we are seeing the development of Unmanned Underwater Vehicles (‘UUVs’) that may be launched from submarines or other vessels and attach, for instance, explosives to submarine cables or simply cut them.
China is accelerating its research of UUVs that can operate without human input (autonomous underwater vehicles or ‘AUVs’). As at 2021, though its AUV fleet is largely made up of ‘early-stage research experiments and prototypes’, research outputs from the People’s Liberation Army Navy suggest that it is ‘primarily interested’ in using AUVs for applications including submarine cable sabotage and espionage. PLA materials point to how it may equip UUVs with ‘robotic arms and sensors to interact with undersea cables’, while some PLA units expressed interest in buying the SPICE UUV which is manufactured by Kawasaki and equipped with a robotic arm for submarine cable repair. All stuff which is relevant, don’t ya think, in the case of a military conflict involving the South China Sea (‘SCS’) and/or Taiwan (see Figure 5)?
The use of UUVs for sabotage is indeed the flip side of how UUVs like SPICE are already used in the inspection and repair of submarine cables.
The threat to submarine cables in the Indo-Pacific from Russia — particularly through its auxiliary submarines that are operated by its Main Directorate for Deep Sea Research (‘GUGI’) — should also be noted. These submarines are likely to be equipped with equipment to tap or destroy the cables and are launched from either of (as at last year) two much larger submarines, such as the BS-64 Podmoskovye.
The Russian Navy took delivery of the Belgorod submarine — the world’s largest — just in July this year. Given that it is operated on the orders of GUGI, it will function as a host for ‘a range of’ said auxiliary submarines, with the Losharik and PALTUS submarines pictured in Figure 6.
Don’t forget that the Russian Navy’s Yantar intelligence ship can launch ‘two submarines designed for underwater engineering missions’. Go figure.
The Russian Navy also has ‘significantly increased the frequency’ of deployments of submarines to the Atlantic Ocean and Mediterranean Sea. In 2015, naval, diplomatic and intelligence sources told the New York Times of ‘significantly increased Russian activity along the known routes of the [submarine] cables’, operations ranging from the North Sea to Northeast Asia and ‘waters closer to American shores’, harking back to the undersea contests of the Cold War. In late 2016, besides the Persian Gulf, the Yantar operated near submarine cables in the eastern Mediterranean that served Syria for the duration of an outage of Internet services in the country. State-affiliated Syrian Telecom said the outage was due to ‘submarine cable repairs’, which is interesting because the Yantar was near said cables the whole time.
Now, while said Russian activity is not within the Indo-Pacific, it should still be of concern to countries in the region like Australia and India.
Check out Figure 7: there are a number of current and proposed submarine cables connecting with India that get there via the Mediterranean Sea and the Persian Gulf. One of these cables is SeaMeWe-3, which runs all the way to Australia too.
Therefore, it could be argued that the Russian Navy need not operate within the Indo-Pacific to disrupt Internet access in the Indo-Pacific. Remember what followed from the accidental severing of two submarine cables in 2008, which was cited at the top of this article? Well, the Russians could achieve at least similar effects using their aforementioned undersea warfare capabilities.
And even then, folks, what’s stopping the Russians from doing the same operations within the Indo-Pacific? The Russians can project power in the region and are seeking to expand their capacity for power projection with military bases in African states, including Mozambique, Madagascar and Sudan. Such bases would provide the Russians with access to the Indian Ocean, including to submarine cables therein that are connected to said countries (see Figure 7). The Russians are shifting their focus from interdependence with Western Europe to the region, in addition to that with Eurasia and the Indian subcontinent. This is within the context of Russia being seen as a ‘forgotten Pacific power’.
Russia can also deploy GUGI-operated vessels to the Indo-Pacific to aid the designs of the Chinese when it comes to submarine cables serving the economies and militaries of the United States and its allies and partners in the region. After all, Russia sees China as a strategic partner with whom the objective of countering US influence in international affairs is shared. Russia and China signed off on a ‘no limits’ partnership per a joint statement which was issued right before Russia’s invasion of Ukraine; though note the caveats raised about the extent of the bilateral in practice, including its being termed ‘a temporary asymmetrical relationship, in which China predominantly sets the tone but remains dependent on Russia in many ways’.
Speaking of China, let’s return to the threat of sabotage and espionage which it poses. Indeed, China views such cables as ‘strategic assets’ that can be cut during a war. A Chinese Communist Party outlet explicitly referred to cable-laying as not merely a business, but a ‘battlefield’. Alrighty.
While we have touched on the threat from the Chinese military, don’t overlook the threat from Chinese companies’ growing involvement in the laying and operation of submarine cables. In 2020, HMN Technologies gained its 104th submarine cable contract, which is notable because the company, initially known as Huawei Marine, is the world’s fourth-largest manufacturer of submarine cables and owned by the Hengtong Group which is connected with the Chinese military. Per China’s National Intelligence Law article 7, HMN Technologies, like all Chinese persons, must ‘support, assist, and cooperate with state intelligence work according to law’. This creates sizeable espionage risks for countries that are served by any cable which the company lays, upgrades and/or operates. By the way, don’t forget Chinese espionage risk concerning the 31 submarine cables that are owned (as of 2021) by the state-owned China Telecom, China Unicom, and China Mobile, risk which is trending up with the investments that each company has announced for 2022 or 2023.
The weaponisation of submarine cables, be it for sabotage or espionage purposes, by China is especially a live risk for cables servicing developing economies that are part of its Digital Silk Road (‘DSR’), housed within China’s Belt and Road Initiative. This is because China has high network redundancy, the opposite of these developing economies who depend on fewer cable connections, combined with the sheer distance between China and these economies. With several of these submarine cables laid by HMN Technologies, China can use the continued functioning of the cables servicing these vulnerable economies as leverage to ensure that they do not engage in conduct contrary to China’s interests. China can thus hold a sizeable extent of their functioning — depending on how many submarine cables serve these countries — to ransom for its own geopolitical goals.
Let’s also reiterate the aforementioned risk in the SCS. Using the excuse of regional disputes or preventing the issuance of permits for the repair of cables within its Exclusive Economic Zone, China can (cause) damage to, or at least spy on, at least fifteen cables (as of 2021) running through the SCS region (see Figure 5). Such sabotage operations can be outsourced to its maritime militia. Making matters worse is how China can target multiple cables simultaneously, given the ‘quantity and closeness of cables [which] makes the SCS a network chokepoint’.
It should be noted that the risk of Chinese sabotage or espionage in relation to submarine cables is gaining more attention. In 2021, a World Bank-led project canned a contract for installing the East Micronesia Cable system — connecting the Federated States of Micronesia, Nauru and Kiribati — because HMN Technologies reportedly could not be removed as a bidder, the Pacific countries agreed with American warnings about security risks from the company’s proposed involvement, and the proposed cable system would connect to the sensitive submarine cable leading to the American territory of Guam, which the Deputy Commander of US Indo-Pacific Command defined as ‘the region’s most critical node for not just command and control but also logistics and for our power projection’.
Nonetheless, China and Chinese firms don’t seem to be slowing down. In December 2021, it was reported that China plans to build two bases for maintenance of submarine cables in the East and South China Seas in addition to two additional specialised maintenance vessels in the next five years ‘to establish an internationally competitive capacity in the construction and maintenance of submarine cables’.
In all the talk about sabotage of submarine cables and their infrastructure, let’s not forget non-state actors.
Like terrorists. Their threat can be especially serious if cable landing stations are not very geographically distributed and/or are landing sites for several submarine cables each. If they kinetically attack these stations, terrorists can exploit the concentration of Internet traffic processed by such stations to maximise the harm they can cause to a country’s ability to communicate via the Internet. Something which has been raised in relation to Australia. Little wonder the Guide to Australian Maritime Security Arrangements — which defines the division of labour in government for Australian maritime security — looks at ‘maritime terrorism as the major threat to critical infrastructure’, including the potential for attacks against submarine cables.
Besides, the targeting of submarine cable infrastructure can be done by malicious cyber actors. A contemporary example of such targeting in the Indo-Pacific was the compromise of servers operated by a private American firm to manage a submarine cable connecting Hawaii with the Pacific region. While the compromise by an unknown threat actor was blocked by agents from the Homeland Security Investigations agency within the US Department of Homeland Security, the attempt alone reinforces the ongoing threat of malicious targeting of submarine cable infrastructure by non-state actors in the Indo-Pacific.
Non-Malicious Damage
One must also recognise the threat to submarine cables from non-malicious activity.
This includes natural disasters, like the following:
- In 2006, an earthquake a few kilometres off the coast of Taiwan triggered undersea landslides within the Luzon Strait that severed six of seven submarine cables connecting North America to Taiwan, China, Hong Kong, Japan, Singapore and South Korea. As a result, Taiwan’s largest telecommunications firm reported a complete Internet outage to Hong Kong and Southeast Asia. Trading of the Korean won stopped. 80% of Hong Kong’s telecommunications capacity was gone.
- In 2015, an undersea tremor led to a rockslide between the islands of Saipan and Tinian, in turn cutting the only cable connecting the islands to the Internet. This caused widespread economic disruption in the Commonwealth of the Northern Mariana Islands. Flights were grounded, telephone connections were broken and payment processing was disrupted.
- In 2016, a cyclone, which hit the Chennai coast, damaged a major submarine cable operated by a major Indian telecommunications company and other service providers, limiting Internet speeds for Indian internet users.
- In 2017, typhoons in Southeast Asia damaged four submarine cables — including the SeaMeWe 3 cable — affecting Internet speeds in the region but also as far as Western Australia where that cable lands.
- In January 2022, the eruption of the Hunga-Tonga Hunga-Ha’apai volcano cut the sole cable connecting Tonga to the Internet. Figure 7 captures how Tonga’s internet connectivity fell off a cliff following over 10% of the cable being ‘blown to bits’ by the eruption. Figure 8 provides evidence of the cable being ‘blown to bits’.
Let’s hone in on Tonga. During those five days of no Internet traffic, the people, essentially, lost their ability to trade with the rest of the world, given the reliance of cross-border payments services like MoneyGram on the Internet.
And while one should note that Tonga managed, to a large extent, to recover a sizeable amount of its connectivity via satellites, in the immediate aftermath, the dust cloud from the eruption rendered said satellite connectivity intermittent. It was also reported a few weeks after the eruption that available satellite capacity only met one-eighth of Tonga’s Internet demand. Yes, SpaceX provided (over a month after the eruption but good on the company) 50 Starlink terminals to remote villages in Tonga — connected to the Starlink network via a gateway station in Fiji — but the fact of the matter is, the operational resilience of the sole submarine cable serving Tonga is critical. Especially since said gateway station will only operate for six months. What happens to Tongans’ Internet access after then?
The cable having been repaired, it will remain vital to Tongans’ Internet connectivity and thus the functioning of the country. All this amid the risk of naturally occurring phenomena that cannot be prevented, placing submarine cables, and thus the countries dependent on them, in a tricky position.
Besides natural disasters, there’s human error or negligence. The International Cable Protection Committee reported in February 2022 that fishing and anchoring cause around 70% of all damage to submarine cables annually. Here’s how:
- In 2018, repair work by the Kerala Water Authority accidentally severed SeaMeWe-3 — which connects Southeast Asia, the Middle East and Western Europe — disrupting services provided by the cable for six-and-a-half hours.
- In 2019, the very cable which was damaged by the eruption of the Tongan volcano was cut by a Turkish merchant vessel dragging its anchor, leaving Tongans with ‘drastically limited’ telecommunications services for twelve days.
- 2021 saw the first prosecution by the Australian Federal Police under clause 37 of Schedule 3A for negligent damage to the Australia Singapore cable caused by the alleged dragging of an anchor through the Perth Submarine Cable Protection Zone (more on Submarine Cable Protection Zones when I go through the Telecommunications Act 1997 (Cth) in Part II).
Therefore, it is as important to ensure the cyber and operational resilience of submarine cables against the risk of non-malicious damage — be it natural disasters, human error or negligence — as it is against that of malicious damage, which itself comprises a range of threats from a range of threat actors.
Having robust regulatory frameworks for the cyber and operational resilience of these cables is critical for the countries where the cables land and whose economies they serve.
But I’ll get to all that jazz in Part II.
Cheers for reading and stay tuned for the next instalment of Holding the Indo-Pacific Together, folks!