How the Internet Works and Why the Answer is Alarming

A map of the global oceanic telecommunications network. Potential vulnerabilities of the Internet’s physical infrastructure are extensive and largely unknown. (Wikimedia Commons/Rarelibra)

Where does the Internet come from?

Think about this question for a moment. While the answer may seem obvious, John Q. Public will likely stumble through an explanation of satellite technology and “Wi-Fi clouds” as though the Internet were some fantastical intangibility. In a way it is; the Internet is a remarkable human invention – used by 81% of Americans on a daily basis – yet our understanding is remarkably limited. This je ne sais quoi that makes the world go round is in fact a physical architecture; 500,000 miles of undersea fiber-optic cables connect the US and Singapore, Egypt and Brazil, Japan and India. These cables, which carry 90% of Internet data around the world, are vulnerable.

How do these cables work? On a micro scale, the email you send from a coffee shop in San Francisco to your colleague in Beijing travels overland to an Internet exchange facility operated by a telecommunications company, then through their facility, across the Pacific Ocean in two-inch fiber-optic cable laid along the ocean floor, out through another exchange facility in Shanghai, and overland to your colleague’s computer. And by the way, minute strands of glass carrying data via light at different wavelengths transmit that very email. For the technologically naïve, the process of sending an email certainly is magical, but it is also tangible.

What are probable threats to the cable system?

(1) Natural disasters. One would think that telecommunication cables are secure; however, the vast majority of cables lie on the ocean floor, exposed to everything from shark bites to cyclones. In 2006, an underwater landslide between Taiwan and the Philippines inflicted damage on 19 of 20 nearby cables. 90% of the region’s Internet capacity was cut for a period ranging from one to thirty days.

(2) Accidents. The most common cause of cable damage is an accident. For instance, fishing vessels often rip lines when removing cages and nets. Larger vessels slice cables with their anchors, accounting for 70% of all incidents. However, even the most innocent damaging of a cable can have major ramifications. For instance, a 75-year-old woman in Georgia (the country) severed an underground Internet cable while digging for copper in her backyard. The result? The entire state of Armenia was without Internet for five hours.

(3) Attack on the underwater cables. The image of an Al-Qaeda operative in scuba gear cutting wires off the shores of New York City is as fantastical as it is frightening. The cables transmit such high voltage that an attempt to snip the cable with wire cutters would be suicidal. However, the threat of a terrorist attack on cables is still very real. Terrorists could drag a ship’s anchor, deploy a bomb, or use some other means to impair the cables. The location of every cable is publicly available information (because ships and fishermen need to know where not to drop anchor), and thus targeting the cables becomes a matter of creativity and execution.

(4) Attack on the exchange facility. Cables typically emerge from the ocean at private telecommunication exchange facilities, which, despite being heavily guarded, are vulnerable to attacks. For instance, Verizon Terremark’s headquarters in Miami contain 90% of the telecommunication cables between North and Latin America, servers for Facebook and the US Department of Defense, and vital infrastructure for global financial transactions. Were Terremark’s facilities to be compromised, everything from your bank account to US national security would be threatened. In short, global operations on a micro and macro scale would be compromised.

Left: The New York Stock Exchange. (Kevin Hutchinson/Wikimedia Commons) Right: A Google server facility (Sivaserver/Creative Commons). An attack on the Internet’s physical infrastructure affecting either system would have disastrous global consequences.

How can American Internet security be bolstered?

Shortly after his first inauguration, President Obama highlighted the potential risks of a web-operated world: “America’s economic prosperity in the 21st century will depend on cybersecurity. And this is also a matter of public safety and national security. We count on computer networks to deliver our oil and gas, our power and our water. We rely on them for public transportation and air traffic control. Yet we know that cyber intruders have probed our electrical grid and that in other countries cyber attacks have plunged entire cities into darkness.”

An attack on oceanic cables could cripple infrastructure and threaten national security, plunging the nation into darkness. So how can the US limit attacks? For one, the US must increase cyber security funding in both the physical and network dimensions of the Internet system. The US government is aware of threats of cyber attacks, such as malware infiltrating nuclear facilities or worms penetrating electrical infrastructure. However, physical attacks, though less likely, could be far more damaging. Thus, the protection of cables must be a priority, and at least the partial responsibility, of the US security community rather than private telecommunication companies. Second, redundancy of the cable system will limit the potency of any terrorist attack. Currently, when one cable is severed, telecommunications are routed around the crippled zone. Though Internet service may be delayed, the global system remains fully operational. At certain “choke points” throughout the world, such as near the Suez Canal where only three cables connect the Mediterranean to East Africa and South Asia, a series of cable breaks would be catastrophic. Thus, greater cable redundancy across a variety of geographic zones is imperative in an effort to eliminate the “choke point” threat.

In sum, the US government must pay greater attention to physical Internet security. As it stands now, an enemy with a boat may be the greatest single threat facing domestic – and global – operations.

The Emerging Threat of Cyber Espionage Against US Economic Interests

Major Issues and Recommendations for a Stronger US Cyber Defense Capability

A comprehensive report recently released by Mandiant, a private information security firm, has confirmed China’s expansive cyber espionage operations against US private industry. This report has aroused debate in the public sphere regarding US cyber vulnerabilities. However, state-sponsored cyber espionage has been well documented as early as 2006 and has resulted in at least hundreds of terabytes of data theft (Mandiant 2013, 20). The main perpetrators have been identified as China, Russia, France, Israel, and most recently, countries in the Middle East such as Iran (Booz Allen Hamilton 2012, 8). Due to the increasing number of monthly cyber attacks on US economic interests, information security professionals in the private and public sectors have criticized the US Government’s inability to effectively address this growing concern. While the threat of catastrophic cyber warfare is often overhyped, the threat of economic espionage through cyber attacks is not, and public criticism of US cyber security vulnerabilities is valid.

Cyber espionage endangers America’s global economic prowess and national security. China, Russia, and other states continuously steal many years’ worth of R&D from private US companies to expedite their economic development. It is estimated that these efforts to increase political and military power via cyber espionage have resulted in the loss of tens of billions of dollars from US firms (Nakashima 2013). If left unaddressed, this growing threat could result in the theft of sensitive trade secrets that would severely impact national security, especially if the companies and data involved contain sensitive military secrets such as classified aircraft designs.

One of the greatest challenges in addressing cyber espionage is the current lack of effective attribution methods. This critical absence of sufficient detection techniques allows both state and non-state actors to conceal their roles in cyber espionage and therefore avoid public reprimands from the US Government and the international community (Economist 2012). In Russia, for example, the unique nexus between government, organized crime, and business makes Russian cyber attacks very difficult to track, especially since the government purportedly employs underground youth hacking networks to achieve its cyber espionage objectives (Smith 2012, 3). The US Government needs to increase its coordination efforts with private industry to develop more sophisticated cyber attack attribution techniques in order to deter state actors from committing further economic espionage.

Efforts at collaboration between US Government entities and the private sector are hampered by a secretive and inconsistent US cyber policy. The Obama Administration has apparently begun drafting internal cyber security policy and has directed certain agencies, such as the Department of Homeland Security, to allocate more funding for cyber security initiatives (Sanger and Shanker 2013). However, many outside experts have indicated that the US Government and the private sector are not sufficiently collaborating to ameliorate the cyber threat (Wolf 2012, 11). The US Government cannot expect private businesses to defend themselves against the penetration efforts of foreign intelligence services. Therefore, policymakers and private industry leaders need to forge closer relations, develop a more coherent cyber defense policy, and share information regarding current threats and trends to provide for a stronger US cyber defense capability.