Is vital internet infrastructure at risk from new Russian naval capabilities? NATO’s military leadership has warned in recent months that the Russian navy is aggressively probing undersea communications cable networks. These cables form a global infrastructure system that transmits 99 percent of the international data sent over the internet. Should we be concerned? Despite the ominous warnings, defense officials have not provided much specific information about the actual substance of the Russian threat.

In the worst scenario, an attack that cut submarine cables coming into the United States could significantly harm its access to the global internet. Ordinary users would probably experience massive losses in bandwidth, particularly for services such as Google and Facebook that host much of their data overseas. Since most government also relies on commercial internet infrastructure, the outages would also interrupt official communications. Any data hosted outside the U.S. would become nearly inaccessible to U.S. parties and vice versa. For people who depend on the internet in daily life, such an attack would be a national disaster. But it is not clear whether NATO believes Russia has the capability or the intention of attacking cable networks in that fashion.

What is known about this problem can be broken down into four categories: Russia’s cable warfare capabilities, the Russian navy’s potential underwater targets, potential effects from damage to submarine cables, and NATO’s publicly acknowledged efforts to respond to Russia. In this post, I summarize existing information on each of these and then pose outstanding questions about the potential Russian threat. My earlier piece on Lawfare provides more background on submarine cables as well as the international law protecting them.

Russia’s cable warfare capabilities

Moscow threatens undersea cables primarily with submarines and spy ships that deploy deep-sea submersibles. At DefenseOne, a national security news site from Atlantic Media, Magnus Nordenman detailed how Russia has converted ballistic missile subs to deploy the highly secretive AS-12 Losharik deep-sea submarine. The Losharik can dive down thousands of meters, enabling it to target cables at depths that would be very difficult to repair.

The most prominent Russian spy ship is the Yantar. Classified as an "oceanographic research vessel," the Yantar on its 2015 voyage probing a cable route to Cuba provoked some of the first reporting that Russia was targeting cables. That trip drew attention to the Yantar’s capabilities for intelligence operations. It carries advanced surveillance equipment, including a remotely operated underwater vehicle and two manned submersibles that the BBC reported can dive about 6,000 meters. For context, the average depth of the ocean floor is about 3,700 meters.

With all its advanced gear, the Yantar has been busy since it came into service in 2015. The ship deployed off a U.S. submarine base in Georgia in 2015, located the wrecks of crashed Russian fighter jets in the eastern Mediterranean in 2016 and assisted in the search for a missing Argentine submarine in 2017. The Russian navy is scheduled to complete construction on a second Yantar-class ship in 2019 and to begin building a third in 2020.

Underwater submersibles can damage cables. But it is not certain whether they can tap cable communications underwater in the same way that human operatives can tap fiber-optic cables on land. The BBC article about the Yantar noted a Russian report that the ship has devices that can tap undersea cables to obtain the data flowing through them. According to the Register, a British technology news site, tapping fiber-optic cables underwater requires opening up armoured sheaths, avoiding shocks from the cable’s power supply and then splicing open highly sensitive glass fibers. Thousands of meters underwater this would be impossible for a diver or clumsy submersible. The New York Times reported in 2005 that the USS Jimmy Carter, a highly advanced submarine that was the only one of its class built, had a capability to tap undersea cables. An Institute of Electrical and Electronics Engineers report speculated that a 45-foot extension added to the Jimmy Carter provided this capability by allowing engineers to bring the cable up into a floodable chamber to install a tap. But it is unlikely that the USS Jimmy Carter routinely taps cables since U.S. intelligence agencies can much more easily (and lawfully) obtain cable data through taps at above-ground cable landing stations. There are no reports of Russian subs with similar capabilities. Submersibles would be too small to have the same kind of chamber as the Jimmy Carter. Therefore, it is not at all certain if Russia can credibly claim that the Yantar can tap cables.

What is Russia targeting?

The Russian naval activity is probably not aimed solely at commercial communications cables. Reports in 2015 about the Yantar’s voyage off the southeastern U.S. coast indicated that defense officials suspected the spy ship was mapping underwater sensors and equipment used by submarines at the Kings Bay, Ga., naval base. Other reports suggested that Russian naval activity was targeting military-operated cables that do not show up on normal maps. These systems would likely be highly classified. The Pentagon has laid publicly acknowledged cables connecting Miami to the naval base at Guantanamo Bay and is planning a cable from Guantanamo to Puerto Rico. These cables are part of the DODIN—the term for the Defense Department’s communications networks. The agency that manages the DODIN plans to build a communications cable network in the Caribbean. But it is not clear if these are the only cables that agency manages.

In addition to cables, the Russian activity may be directed at military underwater sensing equipment. The Integrated Undersea Surveillance System (IUSS) is the Navy’s name for the array of fixed and mobile acoustic arrays that provide its primary means for detecting submarines. It was a potent tool for tracking Soviet submarines during the Cold War and only because of information provided by a submarine officer turned Soviet spy. Earlier this year, an expert on the Russian military recounted that during the 1970s, U.S. intelligence concluded that a Russian submarine had cut off an underwater hydrophone that was part of the predecessor to the IUSS. Although the IUSS faded in importance after the collapse of the Soviet Union, it remains in operation. With the dramatic increase in Russian submarine activity in recent years, the system is newly relevant to the U.S. and to NATO.

Effects of a potential attack on undersea cables

Hundreds of cables criss-cross the oceans. They provide the connectivity that allows Microsoft to keep major data centers in Ireland and to have that data nearly instantly accessible to U.S. customers. Although each undersea cable transmits huge quantities of data, the cable network has significant redundancy capacity. Rupturing one cable can cause temporary disruptions but does not cut off service. When a major cable to Vietnam failed last year, customers in Ho Chi Minh City briefly lost connectivity. Because internet routing protocols direct data around points of failure, traffic flows adjust to the lost connection and send data over other cables to the same endpoint. Wayward anchors and storms regularly cause cable faults, about 200 a year; repair ships are readily available to mend broken lines. Cutting the United States off from the rest of the world would require severing a large number of cables: at least 18 in the North Atlantic alone, according to Telegeography’s cable map, and many more connecting the U.S. to Latin America and Asia.

Nicole Starosielski, who wrote a book about vulnerabilities in these cable networks, called concerns about widespread sabotage of cables “overblown,” saying such an attack is not likely. But experts emphasize that an adversary could strategically disrupt international networks in the event of conflict. Rick Ledgett, a former deputy director of the National Security Agency, points out that severing a number of a cables at deep ocean depths would cause a significant network disruption that could hamper a U.S. military response in the opening hours of a major war. Russia has used similar tactics in the past. According a 2016 Chatham House report, during the 2014 invasion of Crimea, Russian forces seized the peninsula’s main internet traffic exchange point, isolating Crimea’s internet from the rest of the world at a key moment in the conflict.

One of the main reasons the U.S. military cares so much about protecting civilian-run internet cables is that the military uses them too. According to a Harvard report on undersea cable vulnerabilities, the Defense Information Systems Agency (the agency responsible for defense networks) relies on commercial cables for 95 percent of strategic communications. One of the main military uses for network traffic is unmanned aerial vehicle (UAV) video footage. The same report said that when three cables in the Mediterranean went out in 2008, daily UAV flights from an air base in Iraq decreased from hundreds to tens. Only the commercial cable networks can provide the bandwidth for transmission of drone footage from southwest Asia to the continental U.S.

The U.S. and NATO response

NATO officials have not been silent. In December, the commander of NATO’s submarine forces said the Russian focus on submarine cables was unprecedented. A U.S. commander in NATO commented that Russia’s naval activity in and around the North Atlantic was greater than Cold War levels. At the meeting of NATO’s defense ministers in November, the alliance agreed to revive its Atlantic command, which had been shuttered in 2002. Leaders also agreed to create a Cyber Operations Center to integrate alliance members’ cyber-capabilities into NATO missions. Defense ministers will scheduled to decide on the location, size and cost of the Atlantic command at their Feb. 18 meeting. That meeting was one of the last before the NATO summit in Brussels in July, when alliance leaders will have to address the thorny question of who pays for the expanded commands.

Supporting these efforts, in the U.S. defense authorization bill for fiscal 2018, Congress authorized $250 million for a new ship that can lay and repair cables. The U.S. has only one active cable ship, the USNS Zeus, built in 1984. But the U.S. Navy has not put forth a plan for defending submarine cables.

There is no shortage of creative ideas for protecting cables. Last November, Rishi Sunak, a British member of parliament, published a report about vulnerabilities in undersea cables that discussed the Russian threat. It argued that cables have insufficient protection in international law (again, see my earlier piece for more on this topic). Sunak’s recommendations for improving security of undersea cables included:

Securing cable landing sites;

Establishing cable protection zones;

Deploying monitoring equipment along cable routes;

Diversifying cable routes away from geographic choke points;

Building backup “dark cables” for redundant capacity;

Strengthening international law protecting cables; and

Increasing NATO naval exercises in preparation for an attack on undersea cables.

The creation of cable protection zones is particularly interesting idea. Australia and New Zealand have proclaimed protected zones over key cable routes where activities that pose a risk—such as fishing, anchoring and dredging—are prohibited. Both countries imposed harsh penalties for violating the zones, penalties that the Federal Communications Commission concluded in a 2014 report constituted a strong deterrent to potentially harmful activities near cable routes. But it is not certain whether cable protection zones can extend past states’ territorial waters. The writers of the Tallinn Manual 2.0 on international law applicable to cyber operations argued that although states were perfectly within their rights to create cable protection zones in their territorial sea, “there is no clear norm with respect to either the [exclusive economic zone] or continental shelf, and certainly not for the high seas.” The zones could protect cables in states’ coastal areas, but the deep-water routes that concern NATO would still be an issue. Neither NATO nor the U.S. has put any of these ideas into practice, leaving unanswered the question of what steps they are taking to defend cables.

Outstanding questions

A lot remains unclear about the nature of the Russian threat to undersea cables. Much of that information is classified military intelligence. But this is a matter of significant public interest—citizens the world over depend on a functioning global internet. For reporters, researchers or enterprising congressional staffers, here are some questions whose answers would enhance public knowledge and security:

Do defense officials believe a Russian attack on cables would be a threat to “our way of life,” as Britain’s defense chief said in December?

Do Russian submarines or ships have a capability to tap underwater fiber-optic cables?

Is there contingency planning for major attacks on cables in the event of a conflict? How does NATO estimate that such an attack would affect internet access?

Have defense officials discussed the risks of a Russian attack with the commercial consortiums that own and operate most undersea communications cables?

What is the state of underwater sensing equipment that could detect tampering with cables, and how can such equipment be upgraded?

What kinds of anti-submarine or other defense capabilities does NATO believe are needed to deter Russia from attacking cables?

Would enhanced international legal protections make an attack on cables less likely? If so, what forums would be appropriate for developing such protections?

What kinds of capabilities would be necessary to quickly repair cable faults in the deep ocean and would they be readily available in the event of conflict?

Defense officials may not have all the answers, nor want to disclose those they do have. But the lack of information about Russian activities regarding this vital part of the internet is troubling.