The Critical Infrastructure Beneath the Sea: What Risks Make Your Business Vulnerable?

Though much about subsea cable networks is outside of your organization's control, it’s still important to understand where your data flows and the risks it may be exposed to so you can better anticipate how future outages could affect your business.

Though much about subsea cable networks is outside of your organization's control, it’s still important to understand where your data flows.
(Credit: David Fleetham / Alamy Stock Photo)

Earlier this year, damage to subsea cables in the Red Sea caused by military conflict significantly disrupted internet and mobile connections between Asia, Europe, and the Middle East. More than a quarter of telecommunications traffic in the region was rerouted after a cargo ship was attacked, and its dragging anchor severed three cables. Months later, the cables haven’t been fully repaired due to permit delays stemming from regional political disputes.

The Red Sea conflict is just the latest event to expose the fragility of the world’s telecommunications infrastructure, highlighting the urgent need for businesses, telecoms, and governments to secure and diversify their networks. As organizations increasingly rely on digital technology and global workforces to drive growth, they must plan for inevitable infrastructure disruptions and implement robust contingency measures to maintain operational continuity.

Opportunities for failure are prolific

There are more than 500 subsea cables traversing the globe, carrying 99% of intercontinental internet data. That is estimated to include $10 trillion in financial transactions every day.

Unfortunately, there are countless opportunities for these cables to become damaged, causing costly latency issues and outages:

  • Military and political conflict: As we’ve seen in the Red Sea conflict, subsea cables can become collateral damage during military engagements. Another example: In 2023, an underwater gas pipeline connecting Finland and Estonia was sabotaged in a presumed attack, taking out the telecommunications cable it contained in the process.

  • Natural disasters: The 2006 Taiwan earthquake cut several subsea cables, causing phone and internet outages across East and Southeast Asia and impacting connections between Asia and the U.S. and Europe. More recently, an underwater rockslide was responsible for major outages across Africa.

  • Cyberattacks: Cyberattacks on critical internet infrastructure are on the rise globally, like the one targeting subsea cables serving Hawaii in 2022. Subsea networks where alternate capacity routes are already limited are particularly vulnerable to distributed denial of service (DDoS) attacks.

  • Fishing and maritime activity: Anchors dragged across the ocean floor and fishing equipment used to catch bottom-dwelling seafood are responsible for about 60% of subsea cable disruptions. Though fishers have access to maps plotting cable locations, many say the rapid expansion of these networks makes them increasingly difficult to avoid.

  • Animal and environmental damage: Sharks and fish have been known to chew on cables, though they are responsible for only 0.1% of disruptions. Animals and exposure to the elements may also cause damage to the equipment and platforms on land that connect to subsea cables.

Communications infrastructure providers already employ a number of tactics and advanced technologies to minimize vulnerabilities. For example, advancements in transceiver technology have moved optical-to-electrical conversions off of beach landing stations and into data centers, protecting electronic equipment from physical damage.

Additionally, hyperscalers and social platforms like Meta, Amazon, Google, and Microsoft, which are the main investors in subsea networks, are increasingly interested in point-to-point connections. These cables avoid regional connection hubs and instead take direct paths between data centers, reducing latency and potential points of failure.

Point-to-point connections also make it possible to bypass potential conflict zones and countries where political relations with the U.S. are strained. And as new technology options come to market and new routes become available, adding cables can shave off additional milliseconds of latency.

Considerations for guarding your business against subsea disruption

On average, damage to undersea cables occurs about 100 times each year. Built-in redundancies and agreements between cable operators that allow them to divert traffic make complete outages rare. Still, there are consequences for businesses and everyday internet users.

When communications traffic is forced to detour through alternative routes — which are typically longer or more congested — you’re apt to experience latency issues that can delay your business transactions and cause service delivery glitches for your customers. For example, if your organization uses an offshore customer support center, a cable outage could delay your customers getting through to your help desk, eroding satisfaction and trust.

Though much about subsea cable networks is outside of your organization's control, it’s still important to understand where your data flows and the risks it may be exposed to so you can better anticipate how future outages could affect your business.

Ask yourself:

Where are your most vulnerable workloads? Talk to your communications infrastructure provider about the paths your data takes from point to point, especially for your most business-critical operations. Remember to evaluate where your workers are located — think of that offshore help desk — as well as where your data is processed. In addition, consider how your organization uses mobile communications because mobile platforms ride over terrestrial networks for voice/data traffic.

How is your network secured? Your infrastructure partner can also provide specifics on the security measures they have in place to protect against DDoS and other types of cyberattacks. You should look to them to provide comprehensive threat detection and mitigation strategies as well as robust encryption protocols.

Do you have access to backup routes? Though the vast majority of intercontinental traffic flows through subsea cables, satellite uplinks are growing in importance as an alternative. That’s a positive step because network diversification makes you less vulnerable to disruption. Even if your communications infrastructure partner doesn’t have satellite routes in place yet, they should be able to advise you on how your data will be rerouted if an outage occurs. In addition, evaluating connectivity globally should be a key part of your disaster recovery or business continuity plan. Ensure updates are captured as your providers and vendors change.

It’s essential to identify potential points of failure in your network so you can guard against future disruption, whether it stems from a dragging anchor or a cyberattack. Work with your communications infrastructure partner to ensure your organization is equipped with robust failover mechanisms, comprehensive monitoring systems, and effective incident response plans. This proactive approach will help minimize downtime, maintain operational continuity, and protect your critical data and services as they travel around the globe.

Related articles:

About the Author(s)

Jason Carolan, Chief Innovation Officer, Flexential

Jason Carolan is the Chief Innovation Officer at Flexential. There, he leads Flexential’s customer-driven innovation and advisory programs office, providing leading insights into product and technology evolution in a dynamic industry. Operationally, Jason keeps grounded by leading our information technology and security teams, enabling new products and services. Jason has more than 25 years of experience in leadership positions in product architecture, software engineering, technical sales, and support across a variety of companies, including Sun Microsystems, where Jason was honored as a Distinguished Engineer, VMware, and the Mayo Clinic. Additionally, Jason was the lead author of “Building N1 Grid Solutions,” one of the first books highlighting the combined use of virtualization and automation. He also has several patents in networking, data center resource management, virtualization and security.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights