Do Nothing: An Alternative Opinion on Critical national Infrastructure and Seabed Warfare

Aim

The aim of this paper is to reflect on some key questions around the problem of seabed infrastructure defence and explore what the ‘Do Nothing’ (or at least very little) option would look like.  This is by no means a hit piece on the military policies of any nation; in times of increasing financial constraints, looking at current priorities and asking ‘what should we be doing?’ is helpful. Ruthless prioritisation and clarity of purpose, rather than denuding decision-makers of choices, is a liberating exercise; it focuses mission statements, organisational structures and husbands resources, materiel and personnel for vital, obligatory and necessary tasks rather than discretionary.  Asking whether protection of CNI is a military responsibility is the first step in achieving strategic coherence.

To limit the scope of this paper, the focus will be on what to do to deal with deliberate sabotage of seabed infrastructure.  This paper will look to answer four questions:

• Can deliberate sabotage be stopped?
• What happens after?
• Is redundancy its own deterrent?
• What should defence do?

This paper will focus on physical actions against seabed infrastructure.  Whilst outside the scope laid out above, it should not be ignored that an alternative attack vector would be a cyberattack against the network infrastructure.  Deliberately targeting the systems which enable the transfer of data along the cables could lead to widespread outages and potentially more significant impacts.  In the maritime domain, there is little that can be done to protect or prevent this kind of attack, the responsibility for protection resting with government and corporate IT and cybersecurity professionals.

“I knew exactly what I was doing: I was doing nothing, because I knew there was nothing to do.”

 

Charles Bukowski

Introduction

The deep sea and seabed host vital infrastructure which is essential to modern life.  Undersea cables and infrastructure rest on and below the seabed all around the globe.  However, these unseen networks are mostly unknown; few people in the UK are cognisant of our reliance on the cables and pipelines through which data, money, and energy flow. Indeed, over 90% of all global digital communications ¹and financial transactions are transmitted by undersea cables every day.²

Undersea cables have been critical to the transmission of government policy, news and data since the 19^th century.  From the very first, their protection has been subject to international treaty.³  As submarine cables progressed from telegraph, to telephony, to data, the financial impact of these developments made them vital to the economic interests of all countries.  Today, it is estimated that $10 trillion worth of  financial transfers are transmitted via undersea cables each day; cables provide the digital backbone of the global economy.⁴  But information is not the only commodity that passes under the sea.  Energy is also widely distributed, from oil and gas pipelines such as the Nord Stream series, to electricity.  As the globe shifts towards a low carbon economy, the increased requirement for renewable energy further increases the need for maritime and seabed infrastructure to meet demand, both in terms of power generation and transfer to end users.

Given this heavy reliance on undersea infrastructure, there is clearly a requirement to protect it.  However, it is difficult to protect something without necessarily understanding the threat.  To do so, we must first identify what the major causes of disruption, breakages and failure in CNI are, what mitigation is currently in place.

Causes and faults can be separated according to depth.  Greater than 1000m, faults are mostly caused by natural processes (geological or current abrasion); it is exceptionally difficult for humans to directly affect infrastructure at these depths.  By contrast, inside the continental shelf (less than 200m) most causes of faults are human activity.  However, as the 2022 attacks on Nord Stream proved, underwater infrastructure is not immune from the actions of malevolent actors.  As such, protection of critical national infrastructure (CNI) is of vital interest to national governments, private corporations and society as a whole.

In 2017, then newly elected MP and now current Prime Minister, Rishi Sunak, authored a Policy Exchange paper on subsea cable infrastructure.  In it, he said that: ‘Cables are inherently vulnerable as: their location is generally publicly available, they tend to be highly concentrated geographically both at sea and on land, and it requires limited technical expertise and resources to damage them.’⁵  Admiral James Stavridis USN (then NATO SACEUR) in his foreword stated that in ‘the most severe scenario of an all-out attack upon undersea cable infrastructure by a hostile actor the impact of connectivity loss is potentially catastrophic, but even relatively limited sabotage has the potential to cause significant economic disruption and damage military communications’.⁶  It is statements such as these that have percolated through high commands around the world.  Every major maritime nation within NATO now has a policy on protecting seabed infrastructure specifically, or on seabed warfare more generally.  Concomitantly, significant investment is being made in the name of protecting this CNI.

However, having policies and strategies on these topics presupposes that there are actions that we can and should take to protect seabed and offshore infrastructure.  Seemingly little thought has been given as to whether this is, in fact, a military or naval task.

Can it be stopped?

As of June 2023, there are 485 in service submarine cable systems,⁷ with another 70 planned.⁸   As the map at Figure 2 shows, there is a significant number of critical cables and routes that would need to be protected.  Understanding the causes of failures, mitigations in place, the nature and character of CNI enables a correct diagnosis of the issues, and prevention, treatment or cure by the appropriate means; it should not be assumed that navies and militaries are the answer to the problem.

Normally, within the continental shelf, seabed cables are heavily armoured and often buried to protect them from human activities such as fishing and dragging anchors.  As a result, the vulnerable cables are now at depths that make accessing them particularly difficult.  As Admiral Stavridis stated previously, a large scale coordinated attack could cause catastrophic losses.  However, as vulnerable as these cables are, there are questions over the probability and likelihood of success in attacks on them.  The declared bogeyman in this situation is Russia, which has a long history of developing deep-sea vehicles, while China is also investing in this domain.⁹  Western intelligence agencies, politicians, think-tanks, and experts, have declared often that there is an existential risk to CNI posed by state sabotage.  Unfortunately, no prevention system is perfect and there will always be opportunities to probe, penetrate, and exploit these vulnerabilities in the deep ocean, especially given the geographic scope of the task.

The assessment that seabed infrastructure is vulnerable is valid for, as Figure 1 shows, undersea cables are regularly damaged owing to a number of factors, both human and natural.  Since 2007, there have been two declared ‘criminal’ acts against cables.  In 2007, Vietnamese pirates stole optical amplifiers, disabling a cable system for 79 days. In 2013, a diver intentionally cut the Southeast Asia-Middle East-Western-Europe 4 (SMW 4) cable, affecting several service providers, slowing internet speeds by 60% in Egypt.¹⁰  Both incidents happened in shallow water close to the coast.  In the event of the 2013 incident, three men were arrested reportedly operating from a fishing vessel less than 1km from the coast.¹¹  Whilst the downtime for the 2007 Vietnam incident is attributable to the amount of material that was removed, in the case of the 2013 incident, the criminal damage was resolved within 14 days.  The ability to reroute data, redundancy in cable lines and the availability of repair ships reduces the effect of a single event causing widespread outages.

Whilst a single event may cause local interference, there is sufficient resilience within cable networks to keep widespread disruption to a minimum.  There are questions, however, over resilience in the face of a large-scale attack such as one aiming to deliberately cripple the network of NATO states.  The current legal framework protecting undersea cables does not explicitly prohibit states from treating undersea cables as legitimate military targets during wartime.¹²  In the buildp to conflict, where nations use irregular methods in the transition from competition to warfare, the only protection is based upon attribution and legal process.  It could be argued that this protection is insufficient, but it may be enough.  The likelihood of such a brazen attack, however, is deemed to be relatively low; given the ubiquity of cables and the reliance on all states – both neutral, protagonist and antagonist – on CNI, an attack could be viewed as self-defeating.

It is highly unlikely that a non-state actor would have sufficient resources or capabilities to plan a targeted campaign against seabed infrastructure with the objective of achieving an advantage in the preliminary stages of a conflict.  As a result, any scenario should be framed around escalating tensions between nation states (or blocs thereof).  The point at which such plans or intent is implemented suggests an inflection point.  Do it too early, even pre-emptively, and there is the risk of this being discovered before it can be initiated, resulting in both failure and embarrassment or being seen as the aggressor.  Too late, and the risk is that opposition forces are now so attuned to your actions that you lack the freedom of manoeuvre to achieve the objective, and the effect of action is mitigated.  Hybridity is an option open to states, and the use of seemingly innocent vessels to achieve this presents a viable third way, especially where horizontal escalation could be utilised.  However, the recent media furore when a Russian vessel was tracked operating in the North Sea shows that this is not necessarily a guaranteed method either – as evidenced in Figure 3.

At this stage, none of the actions to prevent a significant sabotage effort go beyond the current focus of commanders within their areas of responsibility.  The same methods of deterrence and monitoring that exist and are practiced today will reduce the likelihood of a significant campaign against seabed infrastructure being possible, especially beyond the continental shelf.  From a UK perspective, a continued focus on North Atlantic Surface and Sub-surface warfare will provide sufficient deterrence against any large-scale sabotage campaign.  The key to any sabotage to campaign of this type is plausible deniability, which whilst achievable on individual installations, such as Nord Stream, could be put at risk in the event of a larger action.

The inherent challenge of protecting extensive, remote, and underwater seabed infrastructure suggests a “do nothing” approach might not significantly impact the existing vulnerabilities.  Sabotage prevention requires substantial resource allocation for surveillance, enforcement, and deterrence, often extending beyond a nation’s territorial waters.  Despite these efforts, complete protection is unachievable due to the vastness of the seafloor and the complexities of international jurisdictions.  Furthermore, the costs and political implications of a kinetic response against potential aggressors can be high.  Hence, the reality could be that regardless of the amount of resource poured into prevention, the possibility of sabotage cannot be eliminated.

What happens after?

The response to a cable fault is rapid, but cable repair is an expensive and complex marine operation requiring specially designed vessels with highly trained crews and skilled engineers.  Commercial cable repair is directed by contracts, which for reasons of efficiency and economy, are often pool agreements between cable owners in a particular region.  The vessels are strategically located in regional ports and kept in a high state of readiness.  They are contractually obliged to sail, with a trained crew and repair spares, within 24 hours of a cable fault being reported.¹³  As the priority is restoration of service as quickly as possible, and as the international legal framework does not necessarily require attribution, there is little necessity for investigation.  If there was suspected nefarious activity in the proximity of a cable and the cable then subsequently suffered damage, it is unlikely sufficient evidence will exist for the cable operator to seek recompense through the 1884 Paris Convention.  As such, the opportunity for investigation into possible causes may be deferred until after the cable has been repaired, further reducing the chance of finding attributable evidence as to the cause of it.

During this period, cable operators will be rerouting their services through alternative cables to guarantee services to their customers.  Cable operators represented by the International Cable Protection Committee (ICPC), have stated that, ‘that there is enough diversity in the international submarine cable network’.¹⁴  The biggest threats after fishing vessels and anchors, appears to be geological activity, with significant downtime being attributed to natural disasters in the Luzon Strait¹⁵ and after Fukushima.¹⁶  Despite the considerable impact of these events, there was never a requirement for the military to do more than its humanitarian role; it was not directly tasked with the restoration of subsea infrastructure.

Is redundancy its own deterrent?

In the early years of submarine cables, lack of redundancy made them inviting targets.  The United States cut cables linking Spain to its colonies during the Spanish-American War.¹⁷  The first offensive action of Britain’s Royal Navy in the First World War was cutting Germany’s international links to the rest of the world by severing its cables.¹⁸  This was an easier endeavour at the time, owing to the single digit number of cables that needed to be cut to achieve the effect.  Today, the only breaks that are ‘news-worthy’ are the ones in areas where there is less redundancy, such as Armenia (March 2011) and Tonga (January 2022).  Along the most economically important routes, there is sufficient redundancy that a single break is imperceivable to an end user.

As part of the target selection criteria for an operation, seabed infrastructure could, as mentioned before, be considered a legitimate military target.  However, in order to achieve strategic effect significant resource allocation would be required to ensure that sufficient numbers of targets could be attacked simultaneously.  It would appear, therefore, that redundancy and resilience is a deterrent in its own right.  The probability of success would also remain low, further lowering the priority of this target set in comparison with others. Direct kinetic action against shore-based infrastructure could achieve the same effect, with a higher probability of success; recent research by risk consultants Cygnus Resilience points to a relative paucity of physical security at on-shore facilities.¹⁹

To ensure a deterrence of mass, it could be necessary for governments to articulate minimum availability requirements as part of any critical infrastructure legislation.  It would be the responsibility of cable operators to achieve this redundancy – which is also to their own benefit – and the subject of any licensing or permitting associated with seabed infrastructure.  Incentives (either financial or otherwise) may also be necessary for cable operators to ensure that continuing to develop and maintain network redundancy does not affect profitability.  As such, it would be beholden on operators, individually or collectively, to ensure that sufficient incident management expertise exists to ensure that any situation does not cross the threshold between impact and manageability, thereby becoming a crisis.  That government would be able to call on this expertise in time of crisis is eminently feasible, as stated by RAdm Rune Andersen at the 2023 RUSI Seapower Conference, where he described the Norwegian government’s response to the Nord Stream attack.

As infrastructure is predominantly a corporate or business responsibility, in the aftermath of an attack or malfunction offshore, the immediate focus is on swift restoration of services rather than on investigation or attribution.  Commercial operators prioritize minimal service downtime, and the global legal framework does not necessitate investigation.  In such a scenario, the “do nothing” strategy could be viewed not as a failure to act, but as an acceptance of the reality that the priority lies in restoring functionality as quickly as possible, rather than investing resources in the pursuit of likely inconclusive attributions.  There is a different calculus onshore, where land and infrastructure ownership carries legal protections, but this does not exists in areas outside national jurisdictions such as international waters.

When viewed in this light, the built-in redundancy of seabed infrastructure is indeed its own deterrent against hostile acts.  The myriad of interconnected cables worldwide ensures that any single cable’s destruction would not have a devastating effect; or, at least, could be mitigated relatively swiftly.  It could even be argued that the “do nothing” approach in this context is a demonstration of faith in the natural deterrent that is the robust and intricate design of the global seabed infrastructure.  This approach could encourage operators to enhance redundancy, maintaining the balance between security and cost-effectiveness, at minimal to military or government resource.

What should Defence do?

As mentioned in earlier sections, Defence already plays a significant role in deterring hostile actors from operating in areas considered vital or sensitive.  This is a core role for Defence and, as a result, a decision to do nothing specifically about seabed infrastructure should not reduce this operational demand.  The time that Defence will be called upon will be in times of crisis: where deterrence, redundancy and resilience have all failed.  The role for the military would be in a Civil Military Cooperation (CIMIC) role; this will be Military Aid to Civilian Authority and/or Civilian Populace.  If there was a particular issue that ran the risk of reaching crisis level, the government could charge Defence to assist, but likely not at the risk of other missions.

In the event of a cable break, it is unlikely that UK government could insist on Defence assets deploying to the locale or to conduct forensic investigations.  Time spent waiting for units to arrive on scene and then conduct investigation would come with significant commercial penalties, and could result in government compensating to the cable operator.  It is more probable that these types of events would occur in international waters beyond the continental shelf, where nations exercise no jurisdiction.  Whilst deliberate acts against cables are prohibited by treaty, evidence is unlikely to reach the threshold for a successful conviction.

Government could charge Defence to patrol and survey seabed infrastructure.  However, with existing priorities already exceeding capability and financial limits, it must be asked whether this additional tasking would represent fair value for money for what is essentially, except in the most extreme of cases, a matter for corporate risk and insurance.  The infrastructure operators already have means of monitoring their equipment and can measure accurately any disruptions within the systems.  In fact, additional military assets operating in the vicinity of seabed infrastructure could heighten the risk of an accident outage rather than preventing, resulting in obvious embarrassment.

Where Defence could play a significant role is in sub-threshold events.  Were a suspicious vessel noted operating in the vicinity of seabed infrastructure, such as in Figure 3, then observation of what effect it had had on the seabed would be of interest.  It could also allow for a better understanding of the threat posed by these suspicious vessels.  If nothing were found, that drives decision makers down a specific thought process.  More importantly, if evidence were found near the area of interest, this supports the suspicion around these vessels and increase the support of the units already operating in the deterrent role.

Seabed Warfare is a term frequently used around NATO headquarters.  The idea of armed competition on the seabed itself seems incredible and focussed on a very niche and specific threat.   However, there are other areas of non-military competition where real effects can mitigate risks from these threats.  Ensuring the existence of redundancy within current infrastructure will mean that the risk is mitigated, as multiple simultaneous actions would be required to overmatch the spare capacity within the networks.  The majority of this continues to be the responsibility of the operators, with vested interest in maintaining infrastructure and reducing the time a system is offline to maximise profitability.  Defence can play a part in this, offering advice and expertise in certain areas: the mechanisms for command and control, coordination and consulting with external agencies already exist.  Investment in capabilities – military and civilian – which can support seabed infrastructure should also continue.  However, it should be able to perform additional functions as well.  Niche capabilities for niche problems is no longer something that financially constrained militaries operating in an increasingly uncertain world have the luxury of maintaining.

Defence’s role in protecting seabed infrastructure does not necessarily need to be active or proactive. Passive roles such as supporting restoration efforts during crises or maintaining a general deterrent presence in sensitive areas can be just as effective.  In line with the “do nothing” strategy, the military might avoid direct interventions like patrolling and surveying infrastructure, which could impose additional risks and costs.  This approach recognises that defence’s strength lies not only in active protection but also in its capabilities to assist in swift response and restoration, thus contributing to the overall resilience of the infrastructure.

Conclusion

Seabed infrastructure is going to remain critical to modern life for the foreseeable future.  Ensuring that it is suitably robust to meet the growing needs of the entire planet should be a priority.  In the event of large-scale disruption, the effect could be significant; financially, politically, and personally.  However, the responsibility for ensuring the protection of these global enablers may not rest primarily with Defence.  The aim of this paper was to explore whether defence had a significant role in the direct protection of seabed infrastructure from interference by a threat actor.  Whilst limited in its scope, it has examined four stages of the process and identified that there is not necessarily a requirement for Defence to lead in this domain.  Commercial companies have far greater experience, expertise and capability to deal efficiently with outages and have robust systems in place across their networks to mitigate for this.

The prospect of a state actor simultaneously launching a widespread attack on multiple undersea cables seems unlikely.  Such an action would not be an efficient use of resources or capabilities, especially considering the significant deterrent activities already in place.  A more effective use of limited resources is likely to be ensuring adequate protection of the more vulnerable shore-based infrastructure from both physical and digital interference.  This, however, falls outside of the maritime domain and only on the periphery of broader Defence activity.

The reason seabed infrastructure is not necessarily the tempting target it once was is because of redundancy.  As stated previously, the resources required to achieve a meaningful effect have shifted significantly, affecting the strategic and operational calculus.  This resilience could be further improved by governments mandating resiliency margins for cable operators to further mitigate any outage reaching crisis level.  Defence will be ready to assist in the event of a crisis and should have the appropriate capabilities to do so.  However, these capabilities should form part of a larger toolkit available to defence.  They should not be an expensive or complex solution to a problem that, as mentioned earlier, may not primarily fall to defence to solve.

Commander Alex Westley RN

Cdr Alex Westley RN is a First Sea Lord Fellow at the Royal Navy Strategic Studies Centre. A graduate of the Ecole de Guerre, Cdr Westley is currently British Exchange Officer to the French Navy.

The views expressed in this Paper are the authors’, and do not represent those of MOD, the Royal Navy, RNSSC, or any other institution.

This author does not have any more posts.

1. BBC News, ‘New Royal Navy ship to protect ‘critical’ undersea cables’, BBC (March 21, 2021). Accessed August 24, 2023: https://www.bbc.co.uk/news/uk-56472655
2. Anna Gross, Alexandra Heal, Chris Campbell, Dan Clark, Ian Bott and Irene de la Torre Arenas, ‘How the US is pushing China out of the internet’s plumbing’, The Economist (June 13, 2023). Accessed August 24, 2023: https://ig.ft.com/subsea-cables/#:~:text=There%20are%20more%20than%20500%20active%20and%20planned,transactions%20are%20transmitted%20via%20these%20cables%20every%20day
3. Convention for the Protection of Submarine Telegraph Cables, Paris, 1884.
4. Michael Sechrist, “New Threats, Old Technology: Vulnerabilities in Undersea Communication Cable Network Management Systems.” Discussion Paper, 2012-03, Belfer Centre for Science and International Affairs, Harvard, 2012. Accessed August 23, 2023: https://www.belfercenter.org/publication/new-threats-old-technology-vulnerabilities-undersea-communication-cable-network
5. The Rt Hon Rishi Sunak MP. Undersea Cables: Indispensable, insecure, Policy Exchange (London, 2017). Accessed August 23, 2023: https://policyexchange.org.uk/wp-content/uploads/2017/11/Undersea-Cables.pdf
6. ibid
7. Publicly known communications systems (power, research and government use excluded).
8. Lane Burdette, ‘How many submarine cables are there, anyway?’, Telegeography (June 1, 2023). Accessed September 11, 2023:  https://blog.telegeography.com/how-many-submarine-cables-are-there-anyway
9. Stephen Chen, ‘Beijing Plans an AI Atlantis for South China Sea – with No Humans in Sight’, South China Morning Post, ( November 26, 2018).
10. Jill. C. Gallagher, ‘Undersea Telecommunication Cables: Technology Overview and Issues for Congress,’ Congressional Research Service (September 13, 2022). Accessed September 11, 2023: https://crsreports.congress.gov/product/pdf/R/R47237
11. BBC News, ‘Egypt arrests as undersea internet cable cut off Alexandria’, BBC (March 27, 2013). Accessed September 11, 2023: https://www.bbc.co.uk/news/world-middle-east-21963100
12. Colin Wall and Pierre Morcos, ‘Invisible and Vital: Undersea Cables and Transatlantic Security’, CSIS (June 11, 2021). Accessed September 11, 2023: https://www.csis.org/analysis/invisible-and-vital-undersea-cables-and-transatlantic-security
13. Douglas R. Burnett, ‘Cable Vision’, Proceedings – United States Naval Institute (August, 2011). Accessed September 11, 2023: https://www.usni.org/magazines/proceedings/2011/august/cable-vision
14. ICPC, ‘Frequently Asked Questions’ ICPC (September 29, 2014). Accessed July 26, 2023: https://www.iscpc.org/information/frequently-asked-questions/
15. Sunak, ‘Undersea Cables: Indispensable, Insecure’.
16. John Brandon, ‘Protecting the Submarine Cables That Wire Our World’, Popular Mechanics (March 15, 2013). Accessed September 11, 2023: https://www.popularmechanics.com/technology/infrastructure/a8773/protecting-the-submarine-cables-that-wire-our-world-15220942/
17. Capt Douglas R Burnett USN (Ret’d), ‘Repairing Submarine Cables Is a Wartime Necessity’, USNI Proceedings, Vol. 148/10/1,436 (October, 2022). Accessed September 20, 2023: https://www.usni.org/magazines/proceedings/2022/october/repairing-submarine-cables-wartime-necessity.
18. Robert. K. Massie, Castles of Steel, (New York: Random House, 2003).
19. Conversation with Ben Ashwell, CEO Cygnus Resilience, 10 August 2023.