A critical but invisible element of physical internet infrastructure is cables laid across the ocean floor. Over 95% of intercontinental internet traffic is carried through these submarine cables, and their security is of global importance. Three growing risks are outlined, and specific recommendations are made to the United States government and telecommunications sector. The first risk is growing authoritarian influence on cables, as state-controlled infrastructure companies can determine the landing stations and location of sub-sea cables. Significant leverage can be gained by the control and rerouting of traffic, which is largely determined by physical infrastructure. The second risk is “remote network cable management systems,” which are used to monitor subsea cables, because the cables become exposed to cyberattacks such as signal disruption. While on-site monitoring is more costly, attackers would have to breach a secure location instead of a remote network with minimal security requirements. The third risk is the recent surge of sensitive data being sent over subsea cables, making the cables a bigger target and their resilience more critical. Increased resources for the Committee on Foreign Investment in the United States (CFIUS) and Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (f/k/a Team Telecom) is suggested to address these outlined risks. Other suggestions include increased State Department oversight of submarine cable threats, and international threat-sharing between states and commercial entities.
