Your digital "Home of IT Security"
365 days a year: solutions, knowledge and networking.
Find and offer innovative IT security solutions, take part in our diverse action program and make and maintain contacts.
Become part of the it-sa 365 community!
Make an appointment with
So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.
Create an onsite appointment with
So that you can make an onsite appointment, the appointment request will open in a new tab.
Attacks on international infrastructure show that cybersecurity needs to be rethought. A broader understanding of critical infrastructure is necessary, but this will not be possible without international cooperation.
The critical infrastructure sector in particular is facing major challenges in the new year. These include not only the long overdue NIS-2 implementation, but also the new threats to international communication infrastructure as a result of global conflicts.
The tense global conflict situation is creating new threats to IT security. This is demonstrated not only by the current incidents in the Baltic Sea, but also by the conflict in the Red Sea. What was unthinkable years ago is now an everyday threat: undersea cables are a target. They are regarded as the central arteries of the Internet, connecting continents, islands or parts of countries. According to Bavarian broadcaster Bayrischer Rundfunk, ‘1.4 million kilometres of cable are laid in the oceans and bundled into just 500 lines’. Outages can lead to entire countries being cut off from the internet, especially smaller island states.
If one of the basic requirements of cybersecurity is to ward off external interference with central business processes, outages caused by destroyed cables also come into focus. This threat naturally exceeds the capabilities of a corporate CISO; the protection of important infrastructure becomes an important government task. It is no coincidence that the critical infrastructure sector is subject to stricter requirements, which have been further extended by the NIS-2 regulation. When submarine cables connect countries, protection is a bilateral matter. However, not all countries consider these cables to be critical infrastructure. The International Cable Protection Committee (ICPC), for example, has been calling for corresponding extensions for some time.
Sabotage: Failures and impairments despite redundancy
Attacks on this part of the global infrastructure are easy in themselves; the cables are marked on nautical charts or maps such as Openseamap. A ship dragging a large anchor across the seabed in the right place in the shallow Baltic Sea, for example, has a good chance of catching a cable. The repairs are time-consuming as they require specialised ships to bring the cable to the surface. These ships have to travel from far away to carry out the complex repairs. It can take weeks before the cable is functional again.
As cables can occasionally fail even without intentions of sabotage, cables are usually laid redundantly. However, this is not always the case, especially in poorer regions. And: the redundant cables not only serve as a fallback solution for failures, but are also used in regular operation to increase the bandwidth. If a cable fails, the transmission bandwidth is also reduced. This alone can lead to significant problems and bottlenecks.
Espionage: submarine cables are not tap-proof
However, sabotage is not the only threat; espionage is another issue. Fibre optic cables are by no means tap-proof. With special devices, the light signals can be tapped. This usually requires a slight bend in individual strands, whose insulation must be opened beforehand. This is done with special tools. However, this leaves traces that can sometimes be detected from a distance, for example, through altered signal transit times. Even a slightly changed curvature of a strand can affect transmission performance. Companies that rent their own dedicated lines, usually in the form of dark fibre, should be concerned with this. Providers only offer a fibre optic connection, whose connection and management are entirely up to the customers. For large corporations, these can also be intercontinental connections. IT giants like Google, Facebook, Amazon, or Microsoft have their own worldwide fibre optic networks. For smaller companies, these are usually continental connections that, for example, connect company locations in several cities or countries. It goes without saying that future-proof encryption of all transmitted data is indispensable.
Ultimately, however, cable outages affect everyone and not just companies with their own lines, as telephony is now also predominantly handled via Internet IP connections. E-commerce can no more do without transcontinental data networks than other everyday Internet uses and, in particular, payment transactions. ‘Every day, financial transactions totalling more than ten trillion US dollars are processed via the cable infrastructure,’ writes a Swiss security portal.
In search of new forms of protection
The protection of underwater infrastructure components was usually not considered during installation. However, subsequent measures are difficult. A cable thousands of kilometres long cannot be secured with ships. The search for new safety technologies is in full swing.
Together with research institutions, the Federal Police wants to test the extent to which underwater drones can be used to monitor the cables. However, this is more likely to be practicable for shorter connections, such as those used to control wind farms in the North Sea. The EU Commission is planning to replace parts of the European submarine cables with a satellite network, but this first needs to be established. At the same time, an increase in redundancy through additional submarine cables is being considered, which would reduce the impact of outages.
Attempts are also being made to diagnose changes in noise using acoustic sensor systems attached to the cables. This would make it possible to recognise suspicious activity in the vicinity of a cable at an early stage. However, if this approach were to become established, expensive retrofitting of existing cables would be necessary, which would take a lot of time.
In addition, various international initiatives have been launched to improve the protection of underwater infrastructure. In March, for example, the G7 countries decided to improve the safety of telecommunications cables at sea. Increased monitoring of ship movements is also being discussed. In the future, companies will also have to consider their dependence on external infrastructure more than ever before.
Author: Uwe Sievers
Securing critical infrastructure: nothing works without it
How secure are our critical infrastructures? What cyber threats do operators of critical infrastructures face? What are the security standards and which organizations are subject to the regulatory requirements?
Information and recordings of the presentations at it-sa Expo&Congress and it-sa 365 will show you how to protect your business.
Sources used for the preparation of this article:
OpenSeaMap: Map
Bayrischer Rundfunk: Wie lassen sich Untersee-Kabel schützen?
International Cable Protection Committee (ICPC): Government Best Practices for Protecting and Promoting Resilience of Submarine Telecommunications Cables
Swiss Infosec AG: Unterseekabel als Kritische Infrastruktur und geopolitisches Machtinstrument
Tagesschau: G7 wollen Unterseekabel besser schützen
Stiftung Wissenschaft und Politik (SWP): Cracks in the Internet’s Foundation
