Before delving into the digital detail of cyber warfare, it’s useful to consider the ‘backbone’ on which it is based. There are four main ways that a cyber-attack can take place – directly placing code into a networked device (i.e. a keyboard or flash drive), direct wireless transmission to a device (e.g. Bluetooth, WiFi or NFC), via satellite or submarine/terrestrial cable connection.
While it’s commonly thought that most of our international internet traffic is carried via satellite that’s not correct. Over 90% of it is carried across the network of more than 400 trans-oceanic submarine cables. This represents significant vulnerability both in accidental and intentional terms. Cyber warfare is technical and challenging but, as shown with the severing of one of Egypt’s cables by divers with hand tools in 2013, physical network attacks are relatively simple.
The potential for problems has been apparent since the first telegraph cables were laid in the late 19th century. Back then, the threat wasn’t spies or other hostiles but, as is still largely the case today, sharks, fishermen and ships dragging anchor. The first international agreement for protecting submarine cables from harm was the 1884 Submarine Cable Convention. (The 1884 treaty prohibits intentional damage to cables and allows navies to board vessels to investigate reports of damage). This is represented today in the work of the International Cable Protection Committee.
Military applications of undersea cable tactics have been around for nearly as long. The British act of severing German undersea cables – thus forcing the Germans to use British and American cables – being one of the first of WWI in 1914. The same Allied attacks occurred in WWII. US, UK, Russia and probably Israel, Iran and China have the ability to non-invasively ‘tap in to’ undersea cables. There has been growing concern about Russian subs lurking around cables. Russia, in particular, has been retrofitting ballistic missile subs with the ability to deploy deep water unmanned underwater vehicles (UUV). Its spy ships can already do so. In December 2017 Mark Sedwill, the UK National Security Advisor, gave evidence that “you can achieve the same effect as used to be achieved in, say, World War Two by bombing the London docks or taking out a power station by going after the physical infrastructure of cyberspace in the form of internet undersea cables.”
Before moving on, it’s appropriate to note that the most vulnerable points in the cable network, in terms of ease of attack, are the cable landing stations where submarine cables are connected to terrestrial cables for voice and data. New Zealand has four international landing points for undersea cables:
- Southern Cross Cable Network (SCCN) has two landing stations at Takapuna and Whenuapai (Auckland)
- Tasman Global Access (TGA) which commenced receiving in 2017 lands at Raglan (Waikato)
- Hawaiki – which commenced receiving in July 2018 lands at Mangawhai (Northland)
- By Q4 2021, Southern Cross NEXT cable is due to be ready and will also land at Takapuna.
There are only two data cables connecting the North and South Island. Spark owns the Nelson-Levin link and Telstra owns the multi landing point Aqualink cable that has seven nodes from Auckland to Canterbury.
All discussions lead to the same place; that the nexus of cyber battlespace and subsurface battlespace is a major strategic focal point. It needs addressing urgently. As stealthier submarines are being produced in greater numbers, the usefulness of existing passive sonar and acoustic methods of detection is diminishing. It is essential that a major rethink of sub-surface tactics occurs and this leads to the logical ascendance of UUV and associated systems. Coupled with this is developing resilience through the laying of more cables that are not activated – so called ‘dark cables’. However, the latter is only of limited value as, in order to limit accidental harm, cable locations are generally public knowledge
What are the implications for New Zealand? As a trading nation, New Zealand is dependent on global financial and other markets operating properly. For the last decade, New Zealand has been pursuing a network-enabled defence force. All elements of the NZDF rely heavily on the use of high speed, broad bandwidth connectivity. Satellites lack the bandwidth needed by large scale sensor systems. They have other issues around latency, ‘bit dropping’ and general survivability. It makes sense to develop systems to protect the few cables joining us to the rest of the world. In order to do that, we need to invest in UUV and sub-surface systems that can monitor, detect and possibly deter an attack on our ocean floor lines of communication. With the exception of a remotely piloted survey vehicle for HMNZS Manawanui, the recently released Defence Capability Plan 2019 doesn’t mention submarines, cables, UUV or like systems at all. This is a significant gap in our national security strategy and not one that should be left to friends and allies to have to cover.
PREVIOUS: Cyber Battlespace Pt 1 – Which Web?
Blatant Advertising Bit: Have you read my short story trilogy “A Poke in the Fifth Eye”? It’s available in Kindle format for only 99c. A ripping good yarn about dirty bomb drone swarms in Wellington New Zealand, a couple of destroyed spy bases, an air force base on fire and only a hastily assembled bunch of Kiwi reservists standing between the terrorists and their ultimate goal. Currently in the Amazon top 200 45-Minute Mystery, Thriller & Suspense Short Reads.