Skybird
10-22-22, 06:37 AM
DIE ZEIT writes:
-------------------
Two cuts and the Internet is gone
Sabotage of train radio, broken deep-sea cables, destroyed Internet cables: damage to Western communications infrastructure is becoming more frequent. How vulnerable are we?
Closed banks, no card payments, no Internet: It's as if someone has turned back time 20 or 30 years, is how British Member of Parliament Alistair Carmichael describes the situation on the Shetland Islands. After a deep-sea cable was damaged there again on Wednesday, telephones and the Internet failed in some places. In the previous week, a first cable between the Faroe Islands and Shetland Islands had already been damaged, and repairs are currently ongoing. This means that the only two cables that bring the Internet to Shetland have been completely or partially cut.
The situation on Shetland is a good example of how quickly damage to deep-sea cables can actually disrupt communications and cut off individual regions from the Internet if there is not sufficient redundancy. Because even if the term Internet sounds cloudy to many, as if the data were coming directly from the data cloud in the sky to our smartphones and laptops, this is wrong: The Internet is a very real network, the data packets travel long distances through cables under the earth and under the sea. For decades, this seemed safe and trouble-free, but now damage to the important lines is accumulating, and some of it looks like sabotage.
Some regions of the world are connected to just one cable
There are currently around 530 submarine cables running through the world's oceans, with a combined length of around 1.3 million kilometers. And while some are rather short, such as the 131-kilometer CeltixConnect cable between Ireland and the United Kingdom, others are very long: for example, the 20,000-kilometer Asia-America Gateway cable.
A good and impressive overview of all deep-sea cables is provided by the map of TeleGeography, a telecommunications market research company that compiles up-to-date data on deep-sea cables: If you zoom in there, you can quite easily find out which areas of the world are particularly vulnerable and where there is hardly any redundancy. In addition to the Shetlands, these include other islands off Scotland and some islands in the Pacific, some of which depend on a single cable connection. That became a problem for residents of the Tonga archipelago northeast of New Zealand in February, when a submarine volcanic eruption severed the cable there to Fiji in two places - the only Internet connection to the outside world, as the map shows. It took five weeks for the islands to regain Internet access.
Because of the simultaneous damage in several places, sabotage could be assumed in the case of the Shetland Islands. Scotland's head of government, Nicola Sturgeon, told the BBC that while there was currently no evidence of sabotage, the investigation was ongoing. However, one of her investigators said Thursday that it was quite a coincidence that two cables were damaged at the same time. The head of Faroe Telecom's infrastructure department, Páll Vesturbú, told the BBC on Friday that there was reason to believe the cables were accidentally damaged by a fishing vessel. He did not give details, however.
Russia, however, may have seen the incident as an opportunity for a show of force: according to observations by independent analyst H. I. Sutton, who specializes in submarines and underwater systems, a Russian government research vessel spontaneously changed its route to pass near the damaged cables. In fact, the "Akademik Boris Petrov" passed the passage between the Faroe and Shetland Islands on Saturday morning, as could be traced on the portal Vesselfinder.
The sabotage at the Deutsche Bahn fits into the picture
Shetland's Internet cables are not the only ones to take a hit this week: In Marseille, an important mainland Internet cable was cut on Wednesday night. This affected submarine cable connections between Europe, Asia and the United States, causing both data loss and longer website loading times, according to Zscaler.
Marc Helmus, an expert in network engineering in the telecommunications industry, finds not only the accumulation of attacks on communications infrastructure striking, but also the location of the latest incidents: "Marseille is the new gateway to submarine cables," says the expert in an interview with ZEIT ONLINE. The so-called landing station there is relatively new, connecting 16 submarine cables to the land: data is thus transported here via the mainland and then fed into the cables under the sea and vice versa. In addition to Marseille, important European landing stations are in Barcelona, near Lisbon, on the coast of the Netherlands and on the coast of Denmark. And while there are known incidents from the past where saboteurs or intelligence agencies like the NSA have tampered with undersea cables, it may be easier to attack the infrastructure beforehand - after all, it doesn't take submarines. "Why would I dive 20,000 feet down to the bottom of the ocean when I can drive to the landing station by car?" asks Helmus.
The sabotage of railroad cables also fits that bill. In early October, it paralyzed train radio and thus train traffic throughout northwestern Germany for half a day. Both attacks, at Deutsche Bahn and in Marseille, were very targeted, Helmus explains. "In the Bahn incident, someone knew very well what to do to cause the greatest possible damage." So far, he has only seen pictures of the damage in Marseille, but he believes that these also speak for the fact that the perpetrators knew their way around: "You can see quite clearly that the cables were separated directly at the entries into the shaft," he says.
Admittedly, it's too early to tell if these incidents are all related. In the case of the Shetland Islands and the cables off Marseille, it is also too early to speak of sabotage. Further investigations will show that. Helmus, however, has seen a lot of damage to network infrastructure in 25 years on the job. He says there are clear differences between vandalism and targeted sabotage - and he sees clear signs of sabotage in the case of the railroad as well as in Marseille. In both cases, he suspects there were perpetrators who knew their stuff. "An attack like this from the inside is much more dangerous because no one knows what will happen in the aftermath."
Russia interested in submarine cables
As long as only individual submarine cables or landing stations are sabotaged, the damage is limited because network operators have built in redundancies: If a connection fails, which also happens again and again in everyday life due to congestion, the data packets are sent via another route - for example, instead of the direct route from Germany to the U.S. via the Dutch coast via the longer eastern route through Asia and the Pacific. To do this, network operators secure certain connections from the consortia operating the cable connections and usually at least two different possible routes for each connection. This makes data loss unlikely on a day-to-day basis. "It's like a traffic jam on the freeway," Helmus explains, "if a truck overturns on the A7, I just drive via another freeway."
It only becomes critical when many connections are affected at the same time. "If trucks have overturned on several routes, it also becomes tight on the alternative routes." So if several submarine cables are damaged at the same time, problems can arise, Helmus warns: "If someone were to sabotage the very cables over which the traffic of the two largest network operators flows, that would be massive damage."
Critical information is publicly available
Fortunately, the network operators keep this information to themselves: exactly where they route their traffic along is not public knowledge. What is public knowledge, however, is the location of the deep-sea cables: These are precisely marked on corresponding nautical charts - actually to protect them, so that ships do not anchor there. In the interview, however, Helmus also shows nautical charts in which the exact name of some cables is given. Combined with other publicly available information, attackers can figure out how to attack systems with little redundancy, such as islands with few connections.
This is particularly dangerous for strategically important locations. For example, Ireland, which is both on the important link between Europe and the U.S. and is the European base of some of the major U.S. tech companies: the Russian Navy's interest in submarine cables there is high, the Irish Times reported in January 2022. At almost the same time, the head of the British Army, Admiral Tony Radakin, warned the Guardian of a threat to submarine cables from rapidly increasing Russian undersea activity.
In the case of Deutsche Bahn, too, the necessary information was publicly available, Helmus explains: "There are precise descriptions for the train radio, and also for the backup concepts." These also state the destructive forces that the corresponding cables can withstand; in the case of Deutsche Bahn, for example, "the transverse pressure of the cable is six kilonewtons," says Helmus. So attackers can easily figure out what tools and methods they need to cut them.
Whoever runs the cables has power over the data
It's not just in terms of resistance to sabotage attacks that Europe is doing poorly: countries outside Europe, such as China and the U.S., have recognized the strategic importance of submarine cables and are investing in their own infrastructure accordingly. Even the big tech companies are starting to operate their own deep-sea cables to route their own data traffic. Europe, on the other hand, operates few of its own cables under the sea and is thus heavily dependent on infrastructure from outside, including U.S. companies. This can be dangerous, because in case of doubt, the intelligence services of the operating countries have access to the data flowing through.
But autonomous infrastructure can also sometimes stand in the way of resilience: For example, some Pacific islands recently wanted to expand their barely resilient connection to the Internet with additional submarine cables in view of a few central cables. But the U.S. warned against China: The Chinese company Huawei had submitted a particularly favorable bid for an additional cable. The company was working with the Chinese intelligence service, the U.S. authorities said - that was a security problem.
But the American NSA does not have a clean slate either: according to information from whistleblower Edward Snowden, it had not only siphoned off data from submarine cables, but also gained access to the German Internet node DE-CIX and intercepted information there. DE-CIX is one of the largest Internet nodes in the world; Internet cables from many countries converge there. As it turned out later, the German intelligence service BND had been forwarding data from the Internet node directly to the NSA for years.
It's even easier for U.S. intelligence agencies when the data passes directly through the United States. "European Internet traffic is often routed via the U.S., even though the sender and receiver are located in Europe," says Rena Tangens of the net-policy association Digitalcourage. The connection via the U.S. is even often cheaper - possibly deliberately: "U.S. authorities want to have access to our data." A few years ago, the so-called Schengen routing was discussed as a measure against this, proposed by the former Telekom CEO René Obermann: data traffic should be kept in Europe and not routed via the USA. However, the idea is almost ten years old - and nothing has happened.
-----------------------------
This is a vizualisation of the cable infrastructure between continents:
https://www.submarinecablemap.com/
Sabotage is, beside blackouts, the other big reason why I always store a solid ammount of cash money in my reach, not at home, but also not at a bank - and have already weeks ago started with changing 100 and 50 Euro notes into 20, 10 and 5 Euro notes and 1 and 2 Euro coins when shopping. I pay with bigger notes and store the smaller change. This is only about having liquidity in small quantities available if need be.
-------------------
Two cuts and the Internet is gone
Sabotage of train radio, broken deep-sea cables, destroyed Internet cables: damage to Western communications infrastructure is becoming more frequent. How vulnerable are we?
Closed banks, no card payments, no Internet: It's as if someone has turned back time 20 or 30 years, is how British Member of Parliament Alistair Carmichael describes the situation on the Shetland Islands. After a deep-sea cable was damaged there again on Wednesday, telephones and the Internet failed in some places. In the previous week, a first cable between the Faroe Islands and Shetland Islands had already been damaged, and repairs are currently ongoing. This means that the only two cables that bring the Internet to Shetland have been completely or partially cut.
The situation on Shetland is a good example of how quickly damage to deep-sea cables can actually disrupt communications and cut off individual regions from the Internet if there is not sufficient redundancy. Because even if the term Internet sounds cloudy to many, as if the data were coming directly from the data cloud in the sky to our smartphones and laptops, this is wrong: The Internet is a very real network, the data packets travel long distances through cables under the earth and under the sea. For decades, this seemed safe and trouble-free, but now damage to the important lines is accumulating, and some of it looks like sabotage.
Some regions of the world are connected to just one cable
There are currently around 530 submarine cables running through the world's oceans, with a combined length of around 1.3 million kilometers. And while some are rather short, such as the 131-kilometer CeltixConnect cable between Ireland and the United Kingdom, others are very long: for example, the 20,000-kilometer Asia-America Gateway cable.
A good and impressive overview of all deep-sea cables is provided by the map of TeleGeography, a telecommunications market research company that compiles up-to-date data on deep-sea cables: If you zoom in there, you can quite easily find out which areas of the world are particularly vulnerable and where there is hardly any redundancy. In addition to the Shetlands, these include other islands off Scotland and some islands in the Pacific, some of which depend on a single cable connection. That became a problem for residents of the Tonga archipelago northeast of New Zealand in February, when a submarine volcanic eruption severed the cable there to Fiji in two places - the only Internet connection to the outside world, as the map shows. It took five weeks for the islands to regain Internet access.
Because of the simultaneous damage in several places, sabotage could be assumed in the case of the Shetland Islands. Scotland's head of government, Nicola Sturgeon, told the BBC that while there was currently no evidence of sabotage, the investigation was ongoing. However, one of her investigators said Thursday that it was quite a coincidence that two cables were damaged at the same time. The head of Faroe Telecom's infrastructure department, Páll Vesturbú, told the BBC on Friday that there was reason to believe the cables were accidentally damaged by a fishing vessel. He did not give details, however.
Russia, however, may have seen the incident as an opportunity for a show of force: according to observations by independent analyst H. I. Sutton, who specializes in submarines and underwater systems, a Russian government research vessel spontaneously changed its route to pass near the damaged cables. In fact, the "Akademik Boris Petrov" passed the passage between the Faroe and Shetland Islands on Saturday morning, as could be traced on the portal Vesselfinder.
The sabotage at the Deutsche Bahn fits into the picture
Shetland's Internet cables are not the only ones to take a hit this week: In Marseille, an important mainland Internet cable was cut on Wednesday night. This affected submarine cable connections between Europe, Asia and the United States, causing both data loss and longer website loading times, according to Zscaler.
Marc Helmus, an expert in network engineering in the telecommunications industry, finds not only the accumulation of attacks on communications infrastructure striking, but also the location of the latest incidents: "Marseille is the new gateway to submarine cables," says the expert in an interview with ZEIT ONLINE. The so-called landing station there is relatively new, connecting 16 submarine cables to the land: data is thus transported here via the mainland and then fed into the cables under the sea and vice versa. In addition to Marseille, important European landing stations are in Barcelona, near Lisbon, on the coast of the Netherlands and on the coast of Denmark. And while there are known incidents from the past where saboteurs or intelligence agencies like the NSA have tampered with undersea cables, it may be easier to attack the infrastructure beforehand - after all, it doesn't take submarines. "Why would I dive 20,000 feet down to the bottom of the ocean when I can drive to the landing station by car?" asks Helmus.
The sabotage of railroad cables also fits that bill. In early October, it paralyzed train radio and thus train traffic throughout northwestern Germany for half a day. Both attacks, at Deutsche Bahn and in Marseille, were very targeted, Helmus explains. "In the Bahn incident, someone knew very well what to do to cause the greatest possible damage." So far, he has only seen pictures of the damage in Marseille, but he believes that these also speak for the fact that the perpetrators knew their way around: "You can see quite clearly that the cables were separated directly at the entries into the shaft," he says.
Admittedly, it's too early to tell if these incidents are all related. In the case of the Shetland Islands and the cables off Marseille, it is also too early to speak of sabotage. Further investigations will show that. Helmus, however, has seen a lot of damage to network infrastructure in 25 years on the job. He says there are clear differences between vandalism and targeted sabotage - and he sees clear signs of sabotage in the case of the railroad as well as in Marseille. In both cases, he suspects there were perpetrators who knew their stuff. "An attack like this from the inside is much more dangerous because no one knows what will happen in the aftermath."
Russia interested in submarine cables
As long as only individual submarine cables or landing stations are sabotaged, the damage is limited because network operators have built in redundancies: If a connection fails, which also happens again and again in everyday life due to congestion, the data packets are sent via another route - for example, instead of the direct route from Germany to the U.S. via the Dutch coast via the longer eastern route through Asia and the Pacific. To do this, network operators secure certain connections from the consortia operating the cable connections and usually at least two different possible routes for each connection. This makes data loss unlikely on a day-to-day basis. "It's like a traffic jam on the freeway," Helmus explains, "if a truck overturns on the A7, I just drive via another freeway."
It only becomes critical when many connections are affected at the same time. "If trucks have overturned on several routes, it also becomes tight on the alternative routes." So if several submarine cables are damaged at the same time, problems can arise, Helmus warns: "If someone were to sabotage the very cables over which the traffic of the two largest network operators flows, that would be massive damage."
Critical information is publicly available
Fortunately, the network operators keep this information to themselves: exactly where they route their traffic along is not public knowledge. What is public knowledge, however, is the location of the deep-sea cables: These are precisely marked on corresponding nautical charts - actually to protect them, so that ships do not anchor there. In the interview, however, Helmus also shows nautical charts in which the exact name of some cables is given. Combined with other publicly available information, attackers can figure out how to attack systems with little redundancy, such as islands with few connections.
This is particularly dangerous for strategically important locations. For example, Ireland, which is both on the important link between Europe and the U.S. and is the European base of some of the major U.S. tech companies: the Russian Navy's interest in submarine cables there is high, the Irish Times reported in January 2022. At almost the same time, the head of the British Army, Admiral Tony Radakin, warned the Guardian of a threat to submarine cables from rapidly increasing Russian undersea activity.
In the case of Deutsche Bahn, too, the necessary information was publicly available, Helmus explains: "There are precise descriptions for the train radio, and also for the backup concepts." These also state the destructive forces that the corresponding cables can withstand; in the case of Deutsche Bahn, for example, "the transverse pressure of the cable is six kilonewtons," says Helmus. So attackers can easily figure out what tools and methods they need to cut them.
Whoever runs the cables has power over the data
It's not just in terms of resistance to sabotage attacks that Europe is doing poorly: countries outside Europe, such as China and the U.S., have recognized the strategic importance of submarine cables and are investing in their own infrastructure accordingly. Even the big tech companies are starting to operate their own deep-sea cables to route their own data traffic. Europe, on the other hand, operates few of its own cables under the sea and is thus heavily dependent on infrastructure from outside, including U.S. companies. This can be dangerous, because in case of doubt, the intelligence services of the operating countries have access to the data flowing through.
But autonomous infrastructure can also sometimes stand in the way of resilience: For example, some Pacific islands recently wanted to expand their barely resilient connection to the Internet with additional submarine cables in view of a few central cables. But the U.S. warned against China: The Chinese company Huawei had submitted a particularly favorable bid for an additional cable. The company was working with the Chinese intelligence service, the U.S. authorities said - that was a security problem.
But the American NSA does not have a clean slate either: according to information from whistleblower Edward Snowden, it had not only siphoned off data from submarine cables, but also gained access to the German Internet node DE-CIX and intercepted information there. DE-CIX is one of the largest Internet nodes in the world; Internet cables from many countries converge there. As it turned out later, the German intelligence service BND had been forwarding data from the Internet node directly to the NSA for years.
It's even easier for U.S. intelligence agencies when the data passes directly through the United States. "European Internet traffic is often routed via the U.S., even though the sender and receiver are located in Europe," says Rena Tangens of the net-policy association Digitalcourage. The connection via the U.S. is even often cheaper - possibly deliberately: "U.S. authorities want to have access to our data." A few years ago, the so-called Schengen routing was discussed as a measure against this, proposed by the former Telekom CEO René Obermann: data traffic should be kept in Europe and not routed via the USA. However, the idea is almost ten years old - and nothing has happened.
-----------------------------
This is a vizualisation of the cable infrastructure between continents:
https://www.submarinecablemap.com/
Sabotage is, beside blackouts, the other big reason why I always store a solid ammount of cash money in my reach, not at home, but also not at a bank - and have already weeks ago started with changing 100 and 50 Euro notes into 20, 10 and 5 Euro notes and 1 and 2 Euro coins when shopping. I pay with bigger notes and store the smaller change. This is only about having liquidity in small quantities available if need be.