Internet connectivity between parts of Asia, Africa, and Europe suddenly slowed on February 24 when three undersea cables were damaged in the Red Sea. This caused “a significant impact on communication networks in the Middle East,” according to Hong Kong telecoms company HGC Global Communications. The Red Sea is a choke point for global maritime trade—a fact Yemen’s Houthi rebels have taken advantage of by targeting global shipping with missile attacks in recent months. But the sea is also an internet and telecommunications bottleneck. An estimated 90 percent of communications between Europe and Asia and 17 percent of global internet traffic traverse cables under the 14-mile-wide Bab al Mandab Strait.
The Yemeni government warned in early February that Houthi rebels might target undersea cables. Although the rebels denied responsibility, it turned out they were in fact culpable—just not in the way many had expected. According to U.S. officials, the cables were cut by the anchor of the sinking ship the Rubymar, a UK-owned commercial vessel that took on water after it was struck by a missile fired by the Houthis on February 18. The ship then dropped its anchor and drifted for several days. It finally sank on Saturday.
This is the latest of several recent incidents involving high-profile damage and disruption to undersea infrastructure. Internet cables near Svalbard and the Shetland Islands were cut in 2022, the same year the Nord Stream gas pipelines were sabotaged. Last year the Balticconnector pipeline between Finland and Estonia was damaged along with two subsea cables when the Chinese-owned commercial ship the Newnew Polar Bear dragged its anchor across them. These episodes highlight the vulnerability of vital undersea infrastructure around the world. The NATO alliance was so concerned it opened a new center last year for securing undersea infrastructure.
Around 97 percent of global data runs through a few hundred undersea cables. These cables are vital to the global information economy, spanning over 1.4 million kilometers and connecting nearly every country in the world. This number is growing as big tech companies lay and operate their own cables. Amazon, Google, Meta and Microsoft alone now control around half of all undersea bandwidth worldwide.
But seabed cables and other undersea infrastructure, like oil and gas pipelines or ocean wind farms, are vulnerable. As the Red Sea incident highlights, they are fast becoming the soft underbelly of the world economy. The scale and nature of this infrastructure makes it difficult to protect. Undersea infrastructure also makes a good target for those operating in the murky gray zone of deniable attacks short of war. For example, over 70 percent of cable faults are not intentional. Damage can be caused by fishing nets, anchors, weather, shark bites—and now sinking cargo ships. This makes it difficult to distinguish between accident and attack, something potential saboteurs can take advantage of to avoid detection. Cables and pipelines are also easy to locate as companies make their location public to aid navigation and minimize accidents.
Recent incidents show what is possible with these tactics. The 2022 Nord Stream explosions transformed the European energy landscape and sent political shockwaves across Europe, yet more than a year of investigations has yielded no firm conclusions. The 2023 Balticconnector incident was deemed likely by Finland to be an “intentional” attack, although investigations continue. The most recent Red Sea incident was judged “an exceptionally rare occurrence,” but it is one that is becoming more common as more undersea infrastructure is at risk to proliferating conflicts around the world.
No state actors have been implicated in these incidents, but several have advanced capabilities to target undersea infrastructure. The United Kingdom warned of Russia’s threat to undersea cables in 2017. Russia has long operated advanced capabilities for seabed sabotage and has recently been caught mapping European maritime infrastructure. Iran’s submarine fleet is small but potent and capable of Red Sea operations. China’s navy is now the world’s largest, and U.S. officials have expressed concern over the Chinese firm Huawei’s involvement in scores of global seabed cable projects, which “could allow China to attach devices that divert or monitor data traffic—or, in a conflict, to sever links to entire nations.”
There are no easy solutions for securing undersea infrastructure. Deterring gray zone aggression is difficult but not impossible. However, International governments and companies can act now in two important areas: boosting resilience and enhancing maritime domain awareness. Both would be furthered by improving public-private coordination, especially given the security and financial risks from vulnerable undersea infrastructure.
The best way to prevent attacks on vital and vulnerable undersea infrastructure is to build more resilient systems. As the UN principles for resilience infrastructure emphasize, new projects can be protected from the start by ensuring systems are hardened, fail-safe, have sufficient redundancy and are quickly recoverable. Since the 9/11 attacks, government buildings in the U.S. have been surrounded with simple measures like concrete bollards to prevent truck bombs. Airliners are equipped with locking, reinforced cockpit doors, for example. Protecting undersea infrastructure may require the same shift in mentality to proactive resilience by design.
However, true resilience is costly and impractical for existing cables that runs thousands of kilometers along the seabed. If building resilience is a long-term endeavor, a short-term solution is to remove the cloak of ambiguity from hostile actors by enhancing maritime awareness. Much like the “you are being watched” signs under surveillance cameras, doing so would strengthen deterrence by detection—hostile actors are less likely to attack undersea infrastructure if they know (or suspect) they are being watched.
There are plenty of sensors out there to do this job. These are either owned and operated by governments—such as space-based satellite imaging, all-weather synthetic aperture radar, sensors on navy and coast guard vessels and aircraft, and even “secretive multidomain tech”—or by private actors, including commercial satellites, maritime surveillance companies, and undersea cable firms. This wealth of data needs fusing and analyzing so it can be used by authorities. The legal authorities to catch perpetrators in the act have existed for over a century (and were updated in the United States last month) but the technology has lagged behind. Now advances in artificial intelligence and quantum computing could make this possible in real time.
Finally, private-public coordination will be critical for both tasks. A recent NATO-EU joint resilience task force agreed to promote private sector engagement. Last year NATO set up a dedicated unit to coordinate this engagement as part of a new focus on undersea infrastructure. Other regional frameworks like the Joint Expeditionary Force are doing the same. Meanwhile, Italy’s largest internet provider agreed to share threat data with the navy while Norwegian gas transporter Gassco stepped up government cooperation after the Balticconnector incident to monitor pipelines.
The damage to the cables in the Red Sea demonstrate the vulnerability of vital undersea infrastructure. The difficulty of defending such vast networks and deterring ambiguous attackers means this threat is here to stay. While there are no easy solutions for protecting this soft underbelly of the global economy, public authorities and private companies can take practical steps to improve resilience and enhance maritime awareness. New technology and improved public-private cooperation can help governments, in the words of the U.S. Navy’s project PROTEUS, “collaboratively discover and investigate suspicious and illegal maritime activity throughout the world in ways never before possible.”
Sean Monaghan is a visiting fellow in the Europe, Russia, and Eurasia Program at the Center for Strategic and International Studies in Washington, D.C. Michael Darrah is a military fellow with the International Security Program at CSIS. Eskil Jakobsen is a visiting fellow in the Europe, Russia, and Eurasia Program at CSIS. Otto Svendsen is a research associate with the Europe, Russia, and Eurasia Program at CSIS.
The opinions expressed are those of the authors and do not represent the official position of the United States Coast Guard or Department of Homeland Security.