The feds' plan to protect the Internet’s oceanic backbone from typhoons and cyberattacks
LatestOn July 9, 2015 a typhoon ripped through the Pacific Ocean, causing severe damage to an undersea cable that carried Internet to the Northern Mariana Islands, a U.S. territory and popular vacation destination. The damage left tens of thousands of Pacific Islanders and tourists unable to use credit cards, withdraw money, or make 911 calls for nearly a month.
The islands “lie precariously at the end of a single cable” and are particularly at risk of attack due to their close proximity to Guam, “the centerpiece of American military power in the Pacific,” wrote the Mariana Islands’ attorney general in a comment to the Federal Communications Commission.
The FCC, the agency tasked with overseeing America’s underwater cables, wasn’t alerted of the outage. According to Chairman Wheeler, the U.S. agency in charge of the internet had to figure out what happened by piecing together press reports and scrambling to make calls.
Ninety-five percent of global phone calls and Internet activity worldwide are transported by a vast, yet concentrated network of over 550,000 miles of submarine cables that string the continents together. Without these fiber optic lines the global economy would come to a screeching halt.
“They are responsible for $10 trillion worth of transactional value every day,” said FCC Commissioner Jessica Rosenworcel in a statement. “It is greater than the combined domestic product of Japan, Germany, and Australia. It is a big deal.”
The undersea cables that form the backbone of the internet as we know it are operated by a handful of telecoms with no government oversight. Right now, if an outage happens, the cable operators are asked to voluntarily report it, but that’s about to change.
On Tuesday, the Federal Communications Commission Chairman announced new rules for reporting outages in submarine fiber lines, not only to alert the government of critical damage caused by typhoons, underwater earthquakes, and piercing anchors dropped from fishing ships, but also sabotage and cyberwar.
The FCC is right to be concerned. The fiber-optic lines that pull all our data and cash across the planet with beams of light under the sea are vulnerable, each measuring less than two inches wide—about the size of a garden hose.
Earlier this year the FCC says, a lighting storm in Florida disabled the terminal center of a major undersea cable that connects multiple locations in the Caribbean to the U.S., knocking out the Internet and 911 service to the Cayman Islands. But AT&T, the telecom responsible for the terminal, didn’t notify the FCC and denies the outage even happened, despite an announcement from the local telecom authority that says otherwise. The FCC says it needs to be notified in order to take action if there’s been a disruptive outage, which can take days, especially if a ship has to travel far out to sea.
The new federal rules will require cable operators to report outages that last for more than thirty minutes and cause “significant degradation” to the cable’s operating capacity, regardless if the traffic can be re-routed. The agency hopes that more information about damage to cables will help to detect patterns of failure, decrease response time, and mitigate the effect on consumers.
“On average a cable is damaged somewhere in the world every three days,” says Alan Mauldin, research director at Telegeography, a telecommunications consulting firm. In the continental United States, where there is significant local hosting and redundant lines, it would take more than damaging a single cable to shut down Internet traffic. “But if you’re in a country with just a handful of cables, the loss of one can really impair connectivity to the rest of the world,” says Mauldin.
While most cases of cables that are cut or damaged are due to fishing nets and errant anchors, sabotage happens too. In 2007 Vietnamese pirates salvaging metal from undersea cables disrupted Internet service for months. The Egyptian Navy found divers cutting cables in 2013 off the coast of Alexandria, and last year the digital economy of Gabon in West Africa was crippled for days after their submarine cable was vandalized on two separate occasions.
The vulnerable security of our oceanic Internet backbone became national press last October when Russian submarines spooked Pentagon officials by “aggressively operating” too close to U.S. cables for comfort. Officials feared Russians would either cut or tap into cables—not that the United States doesn’t run undersea cable surveillance systems too. Documents leaked by Edward Snowden revealed both the National Security Agency and the British spy agency GCHQ copy traffic directly from multiple submarine cable landing centers.
There are about 60 cables that connect the United States to the rest of the world, and the companies that own and run them would prefer the government didn’t meddle. The North American Submarine Cable Association noted in its comments to the FCC that the new reporting requirements will amount to expensive and time-intensive paperwork and that the agency didn’t factor in redundant lines already built to route traffic around an outage.
Microsoft, a newer player in the undersea cable racket, also weighed in, saying it’s “concerned about the potential burdens that might be imposed by reporting requirements” that will, they argue, get in the way of repairing cables. The company is joining forces with Facebook to build a mega 4,100 mile transatlantic cable later this summer for piping their own data across the globe starting from their data centers in Virginia. Although they’re bypassing traditional telecom companies, these platforms are subject to new FCC reporting requirements too.
But one of the largest threats to oceanic cables stems from the fact that lines are laid on very concentrated routes, which makes more cables susceptible to damage at once, says Nicole Starosielski of New York University, who studies oceanic cables. On the east coast, for example, the majority of the transatlantic undersea fiber lines cluster around New York and Miami.
If countries are serious about maintaining resilient infrastructure, “the more viable option is to build a more geographically diverse network of cables, but there’s no financial incentive for telecoms to do that,” says Starosielski. It’s cheaper to lay new cables where there’s already a landing station and interconnection points established.
Maybe that will change: Since Facebook and Microsoft plan to primarily pipe their own data, their cable can connect to the data centers they use in Virginia Beach, a much less crowded interconnection point than New York.
We trust these cables, with our money, our attention, our life’s work, and communication with those we love. So it’s probably a good thing that the feds are starting to keep closer tabs on what goes on at the bottom of the sea.
April Glaser is a freelance journalist based in Oakland, California. She focuses on technology policy, social justice, and the computers in our lives.