Malicious Life Podcast: How Entire Countries Can Lose the Internet

Disruptions to the world’s internet cables happen more often than you think: Whether it be ship anchors or animals or saboteurs, cut a few wires in the right places and at nearly the speed of light you can disrupt or shut off the internet for broad populations of people at a time. It is an immense power that runs through these lines -- a power that can be sabotaged or, in the right hands, weaponized. – check it out...

 

Powered by RedCircle

Doug-Madory

Doug Madory

Director of Internet Analysis at Kentik

Conducts analysis of events and trends across the global Internet for Kentik (previously Oracle Internet Intel, Dyn Research and Renesys).

ran-levi-headshot
About the Host

Ran Levi

Born in Israel in 1975, Malicious Life Podcast host Ran studied Electrical Engineering at the Technion Institute of Technology, and worked as an electronics engineer and programmer for several High Tech companies in Israel.

In 2007, created the popular Israeli podcast Making History. He is author of three books (all in Hebrew): Perpetuum Mobile: About the history of Perpetual Motion Machines; The Little University of Science: A book about all of Science (well, the important bits, anyway) in bite-sized chunks; Battle of Minds: About the history of computer malware.

About The Malicious Life Podcast

Malicious Life by Cybereason exposes the human and financial powers operating under the surface that make cybercrime what it is today. Malicious Life explores the people and the stories behind the cybersecurity industry and its evolution. Host Ran Levi interviews hackers and industry experts, discussing the hacking culture of the 1970s and 80s, the subsequent rise of viruses in the 1990s and today’s advanced cyber threats.

Malicious Life theme music: ‘Circuits’ by TKMusic, licensed under Creative Commons License. Malicious Life podcast is sponsored and produced by Cybereason. Subscribe and listen on your favorite platform:

All Posts by Malicious Life Podcast

Transcript

In April, 2011, facing up to three years in prison, Hayastan Shakarian gave an interview to reporters. Tearfully, she claimed that she didn’t even know what the internet was.

Remarkably, she might have been telling the truth.

Shakarian was a 75 year-old pensioner from rural Georgia — not the state in the U.S., but the country in Eastern Europe. There aren’t many ways to make the following point without sounding a little mean, but suffice it to say, Shakarian looks like the type of person who genuinely might not know what the internet is. Maybe she was consciously playing that up — she’d also lied about what she was doing on her fateful day, claiming to have been collecting firewood.

Either way, Ms. Shakarian came face to face with the internet, in a way few among us ever have or will.

She was very poor and so, to make some extra money, she used to go digging around the countryside for copper wire. Stealing and reselling copper from power infrastructure is illegal and dangerous, but surely one poor, old lady can’t do that much harm on her own, right?

Well, on March 28th, 2011, she ended up wandering from the forest towards a set of train tracks in the village of Ksani, around 37 miles outside of Georgia’s capital city of Tbilisi. She dug at the tracks until she hit something — a cable. The single most important cable in the country.

The Caucasus Connection

Of the 552 existing and planned submarine fiber optic cables making up today’s internet, few are more politically intriguing than the “Caucasus Cable System” — a 12.6-terabyte connection between eastern Bulgaria and western Georgia, across the Black Sea. It, alone, connects Georgia to internet infrastructure in Europe, without having to rely on some of their more…disagreeable…neighbors — like, oh just a totally random example, Russia.

The Caucasus Cable, of course, has to be routed to Tbilisi and beyond on land. Cleverly, the underground cabling lies beneath the national railway line — approximately the most efficient route between major cities anyway, all the while avoiding any land use issues.

Meanwhile, Armenia, Georgia’s southern neighbor, has its own nearby political tensions to deal with. So they’re in on the action, with Georgia’s underground cable providing most of their internet connectivity.

That’s the groundwork for how a poor, old lady managed to cause an international incident of epic scale.

[Doug] if one of the core submarine cables that connects the backbone of the internet experiences a failure of one type or another, there are dramatic impacts.

That’s Doug Madory — he’s made his career in studying internet routing infrastructure.

[Doug] it affects many countries, the connectivity it’s somewhat some of them maybe disconnected.

Experts estimated that by cutting into the cable underneath Georgian Railway, Ms. Shakarian interrupted internet service to over three and a half million people, including around 90 percent of all internet users in Armenia, for approximately 12 hours.

Some dubbed her “the Spade Hacker.” Many felt empathy for her. “She is crying all the time,” her son, Sergo, told reporters. “She is so scared.”

Oddly enough, though, she wasn’t even first to do something like this. Another person digging for copper wire interrupted the internet in Georgia just two years prior.

[Doug] It’s quite common as a matter of fact [. . .] on any given week, I don’t know what the stat is, but there’s a you know, a dozen cable cuts around the world.

Tonga

Little, old ladies — dangerous as they may be — aren’t the only risk to underground cables. Ordinary construction work that needs to be done in or around the location of a cable line can cause similar, accidental damage. Gophers can chew through some of the protective layers surrounding the optical fibers, as can termites, and other kinds of animals and insects. Fires are a problem. In war, explosions. 

For those reasons and many more — like cost, land use, the complexity of installation, and so on — it’s often preferable to lay the internet’s backbone along the ocean floor. If you visit submarinecablemap.com, you’ll see lots of internet lines running around the circumference of landmasses, drawing outlines of huge regions like Africa and the Middle East, for this reason.

But the water comes with its own issues.

[Doug] Ship anchor is one of the top causes of cable cuts. Basically what winds up happening as a ship drops anchor, they’re supposed to stay out of areas where there’s a cable zone, not drop an anchor. They’re in shallow waters, the anchor rests on the ground or the seabed. And so one of two things can happen. Believe it or not, there are cases where the ship decides it’s time to go, and they don’t pull up their anchor, and they drag the anchor along until they realize that – Oh, they forgot to pull up the anchor, and in the meantime, the anchor by dragging along the seabed, snags the cable and breaks a cable. That is more common than you might think. And fishing: there’s a lot of fishing these days where they’ll drag a net across the bottom of the seafloor to try to catch every living thing and then pull up the haul and just throw everything they don’t want. Well, when they do that, they scrape along the bottom of the seafloor then they may snag a cable.

There are risks to underwater cables besides ships, as Tonga experienced just last year.

Back in 2013, the small Pacific island nation spent 15 million dollars to connect their island with Fiji, and by extension Australia and the wider world. Then, beginning on December 20th, 2022, the darndest thing happened.

The BBC called it a “magma hammer” — a month-long eruption of the Hunga Tonga-Hunga Ha’apai submarine volcano, around 200 kilometers from the coast of Tonga, which culminated in an utterly biblical conclusion.

Its effects radiated over an area the size of Germany, its plume reaching up to 57 kilometers into the sky. It sent somewhere between 20- and 200,000 tons of water into space, and created, according to one expert, the “greatest concentration of lightning ever detected” — over 400,000 lightning events on only its final day, January 15th, a rate of over 5,000 every minute. Meanwhile, the Fermi telescope — in low orbit, around the Earth — for the first time ever detected a gamma ray flash not from a black hole, or an exploding star, but a volcano.

It’ll come as no surprise, then, that the single fiber optic cable connecting Tonga with the wider internet was severely damaged in the maelstrom. From the evening of January 15th, the citizens of Tonga were entirely cut off from the internet.

Tonga, like Georgia, wasn’t completely new to such circumstances — in 2019, an outage caused by a ship’s anchor inspired them to install backup satellite connectivity, for just such an occasion as this. And so after five days without a packet entering or leaving the island, on the evening of January 20th, that system helped restore a connection. It wasn’t without fault, though — tons of volcanic ash swirling around the atmosphere isn’t optimal for connectivity.

Fault Tolerance

Tonga is an extreme example of the threat to internet infrastructure both because of the risk in natural disasters, and because of their isolation.

Most major population hubs are served by multiple connections. There are two undersea cables serving the city where we record these podcasts — Tel Aviv — and one more — the “Blue-Raman” — is planned for 2024. When I go home after work I travel to Haifa, which shares one of those connections with Tel Aviv, and has its own, separate line running to Cyprus and beyond. No undersea cables travel directly to the city where Nate Nelson, this show’s writer, lives. But that’s only because there are, like, 15 fiber optic endpoints within close driving distance. A bit greedy of him, perhaps.

One would think that, with multiple cables servicing most major metropolitan areas, an issue with any one might not cause such an impact, as the traffic could simply be rerouted. And that’s true — one cable going down will only cause congestion and slowdowns. But even the world’s most popular destinations for internet cables have outages — as you may have experienced yourself, without realizing the cause. A lot of our listeners are from places where such events have occurred very recently.

French Attacks

Like on April 27th of last year, in one of the most brazen, effective and mysterious attacks ever committed against the internet.

It happened during the early morning hours in the north, the south, and the east of Paris. In a coordinated strike, three sites containing underground fiber optic cables were dug out, exposed, and cut through — cleanly, as if by a professional-grade buzzsaw.

“The cables are cut in such a way as to cause a lot of damage and therefore take a huge time to repair,” a CEO of an affected telcom told Wired. “It is the work of professionals.”

The perpetrators were so diligent that, rather than simply slicing through the wires, they sliced in two different spots each time, removing entire sections so that the severed ends couldn’t simply be sewn together again.

The mystery surrounding the case was only compounded when, on October 18th, a new set of three severances were made around the city of Marseille, at connecting points towards Lyon, Barcelona and Milan. Again the attacks were coordinated and, again, it significantly interrupted service not only in Marseille, but also connecting cities.

To date, it’s unclear whether the two attacks were coordinated, who may have carried them out, or what the motive was.

So in case it’s not already clear, disruptions to the world’s internet cables happen more often than you think — there are many, many cases we simply don’t have time to get into in one podcast. Whether it be ship anchors or animals or saboteurs, cut a few wires in the right places and at nearly the speed of light you can disrupt or shut off the internet for broad populations of people at a time: 90% of a country here, 75 million people there.

It is an immense power that runs through these lines — a power that can be sabotaged or, in the right hands, weaponized.

Egypt

Consider, for example, the country of Egypt.

[Doug] it’s just a reality of the geography of the world that the best way to connect between Western Europe, the Middle East, South Asia, and the Far East, is through Egypt

A full 16 submarine cable systems travel from the Mediterranean Sea, through Egypt, and out through the Middle East and beyond.

[Doug] they come ashore in Alexandria or on the coast in Egypt, they travel the traverse the overland over Egypt, they go back into the water in the Red Sea and then continue on

Many of these cables extend so far as to wrap around Europe and Southeast Asia, from Ireland to Australia, Belgium to Korea. So when you hear someone talk about the internet “connecting people around the world,” picture Egypt in the middle.

[Doug] Everybody looks at the same problem and realizes that that’s the best way to do it the same for shipping, and it’s the same for the internet. And so as a result, we have a lot of submarine cables that have a route to go the same route and as that incur some risks.

Last summer, a reporter for Data Center Dynamics attempted to interview industry experts about the matter of Telecom Egypt, Egypt’s national telecommunications provider. His inquiries were met with resistance. “The story of Egypt’s submarine stranglehold is hard to tell,” he wrote. “Several analysts declined to talk on the record due to business relationships with Telecom Egypt,” and “in Egypt itself, it’s even harder to talk about the cable situation.”

Being in the middle of most of the world’s internet grants huge influence. Egypt’s soft power extends as long as its cables do. When there’s instability in the government, there’s instability for the world’s internet. And, understanding the power they wield, the government has taken on the practice of price gouging.

Telecom Egypt used to charge $100,000 for a perpetual license to use its cables, but learned it was far more optimal to charge for subscriptions. Now, a good chunk of the company’s operating revenue comes not from serving the internet to Egyptians, but charging licensing fees to companies all around the world. “Exorbitant” and “ridiculous” fees, some industry experts say, which in some ways get passed on to the consumer. “People started to revolt,” Doug told Data Center Dynamics. “Although what can you do? It’s not like there’s another Egypt you can go to.”

[Doug] And so there’s been a handful of attempts to try to go around Egypt and each one offers its own set of challenges. So there was a project called the GRD line that goes from Jeddah, Amman, Jordan, to Damascus, Syria to Istanbul.

The terrestrial line was designed by the government telecom companies of Saudi Arabia, Turkey, Jordan and Syria — 2,530 kilometers over land, bypassing the Egypt bottleneck.

[Doug] That line was constructed and it was actually an operation for a little while before the hostilities began in Syria. The cable was severed and was never repaired.

Nobody wanted to travel to an active warzone, to repair a blown up cable that would probably just get blown up again.

[Doug] Another route went from Turkey through Egypt through Iraq, and that’s never gained traction. In the past it’s been due to conflicts – these days, I’m not sure what’s going on with that. There was a line – I guess there still is a line – that goes through Iran as well. That was the EPEG: Europe Persia Express gateway.

10,000 kilometers — Oman to Iran, Russia, Ukraine, Germany and other countries in between.

[Doug] and so in April 2013. We spotted the first evidence of that route being in use in the end that also didn’t, didn’t get a lot of traction.

Iran, with a taste of the power their Egyptian neighbors have enjoyed for so long, decided they, too, would charge a hefty price for running wires through their land.

[Doug] A lot of times these things… you have a lot of countries on these trans-terrestrial lines that don’t want to cooperate and they all want to get paid a lot. They think their segment is the most important and end up being very costly as a result, and they end up not getting as much traction as these submarine cable projects. So as a result, everybody kind of ends up going back to Egypt.

Cuba

Egypt isn’t the only country that can exert political, economic and all kinds of other pressures on other nations via internet infrastructure.

[Doug] Cuba had been left out of every submarine cable project in the Caribbean, because every company wanted to really steer clear of the US embargo.

With no company willing to cross the United States, Cuba for decades had to rely on satellite-based internet, of the kind they used in Tonga.

[Doug] satellites in general are capacity constrained. Geostationary has a high latency so it’s very sluggish when you try to interact with it. And then the price per megabit pushed is a lot higher than if you were going across the terrestrial or a submarine fiber optic line.

Finally, a fiber optic lifeline arrived.

[Doug] The Venezuelan government, at the time led by Chavez, I guess, took pity on the Cubans. They put up their own money, and so they would connect Cuba to the global Internet. They built this cable and it was completed in 2011.

2011 — only a dozen years ago. Rebecca Black, arrow in the knee and No Nut November are older than Cuba’s fiber optic internet. And it took many months even after the cable was finished, for ordinary Cubans to experience the full results.

To this day, Cuba continues to struggle with the embargo’s impact on its internet availability.

[Doug] Since then, it’s been the one cable and it’s no one has built another one although just recently the ARCHOS is another submarine cable, a project in the Caribbean that has applied for permission from the US government because it lands in the US, it gets to us to ask permission, ask permission from the US government if they could build a spur over to Cuba. And that was recently rejected. And my position is that that was more to do with geopolitics than any cybersecurity rationale that they had included in their decision.

Try to grasp the consequences of all this — to the economy, the culture, and a generation of young people. Reliable, high-speed internet availability impacts the efficacy of healthcare, economic opportunities for the middle class and the poor, and it can literally change who runs countries. Egypt demonstrated as much that very same year — 2011 — when a grassroots political movement blossomed from Twitter and managed to depose a three-decade-long dictator, despite that dictator’s attempts to cut it off at the source.

War

Dictators are already known to shut down the internet in their own countries — just recently in Iran, for example. Cables provide a means to do the same, outwardly. It may be that, somewhere down the line, instead of pointing guns or sabotaging computer systems, armies use infrastructure to threaten their neighbors. There’s already evidence that governments are aware of the possibility.

[Doug] So China has their own submarine cable industry. They have a company that can manufacture and install long haul submarine cables and they often come in at a much lower bid than the Western competitors. But when they get selected, then Western governments, including the United States, weigh in and ask them to find another vendor because they don’t want the Chinese to build a submarine cable between whether it’s the United States and Hong Kong or the United States and Europe.

The U.S. may block Chinese fiber optic projects due to the theoretical risk of surveillance, or to help their own telecom companies get the contracts. But even more serious consequences are at stake.

[Doug] Probably more at risk is Taiwan, which has been in the news lately. They’ve actually had a few cable cuts recently. This kind of stokes these conversations around how vulnerable is Taiwan and there are a handful of submarine cables and if they were to be cut, they would be in a lot of trouble would be very hard to recreate the capacity that they get from a submarine cable through a satellite system

It feels like we could be on the cusp of something — of just one powerful regime realizing the power underneath their feet, or their shores, and changing the nature of cyber warfare forever. Because, really, the only thing preventing big, powerful countries from cutting off the web is the precedent such an act would set.

[Doug] And I wonder if we won’t get to a point where some of those norms are not honored anymore. [. . .] There’s no technical mechanism that keeps people from doing that. I mean, there are some but like if Ukraine really wanted to mess with Russia if they started announcing all the Russian IP address space, so that may get blocked by their transit providers, but they could start really messing with the Russian internet and then the Russians could start doing something similar to Ukrainians or someone else. We do have some route filtering that would probably prevent some of that, but you could really start. It could really devolve, I would think in a way that we maybe haven’t anticipated yet.

Epilogue: Big Tech

There is, actually, one recent development that may break the stranglehold some select, powerful governments have over the world’s internet.

In 2020, a brand new, 400-million-dollar cable was announced to the world. From Mumbai to Djibouti, through Saudi Arabia, Jordan, Israel and onto Italy, it promised to entirely bypass the Egypt bottleneck. Projected to be completed in 2024, it’s actually marketed as two cables — Blue and Raman — but likely only for political purposes, as one side runs through Israel, and the other through their enemy, Saudi Arabia.

It was a remarkable diplomatic feat to even get the project off the ground. One industry expert marveled to Data Center Dynamics about how the proprietors were, quote, “able to negotiate something with the various parts… I should probably stop talking.” End quote.

What country could have possibly negotiated an internet peace between Israelis and the Saudis? No country at all.

For most of the history of the web, fiber optic cables have been owned and operated by major telecoms, like Telecom Egypt. Often these corporations are government-owned — like the world’s second largest provider, China Telecom — or at least government-cooperative — like the world’s largest provider, AT&T. But having just recently cracked the top 10 are two new entrants into the game, who don’t quite fit that mold, both with 100,000 kilometers of cable to their names: Google and Facebook.

[Doug] it’s not just Google Facebook Amazon getting into the submarine cable space. These guys move a lot of traffic and they want to be instead of buying from the other consortiums and vendors they want to be building their own cables.

Google, with billions of dollars to spare and cloud infrastructure in both Israel and Saudi Arabia, may just be the perfect entity to break the Egypt bottleneck. And Facebook is involved in Africa, the longest undersea cable ever built, set to go live this year. It will reach from the U.K. to India, encircling essentially the entire continent of Africa along the way.

Big tech companies offer an alternative for government monopolies in internet infrastructure, for better or for worse. Who would you rather oversee the global web, Xi Jinping or Mark Zuckerberg?…