One important question that I'm unclear on is how long it takes to fix one of these cables. If it takes months then that is quite a wide window in which an attacker could incrementally take down cables.
In this particular case, it seems like the attackers were trying for plausible deniability (making it look like an accident with an anchor). A comprehensive series of "accidents" wouldn't fit that goal.
(And if they decide they don't care about plausible deniability, they could use sub-deployed timed mines to take out every cable at once.)
Even if these "accidents" are a state sponsored (or at least condoned) action, it seems certain states have realized they can happen over and over again without consequences[0].
The frustrating part of this kind of petty tactic is that bullies can do just enough to annoy and inconvenience their targets, while never quite doing enough to make it worth expending the political capital to hold them to account. From the bully's perspective there's no downside. And if legitimate accidents or rogue actions get portrayed as deliberate then all the better - that just reinforces the bully's reputation as an actor to be feared while further eroding trust in the international institutions that may one day challenge it.
True but ships and crews with the equipment to do the repairs are limited. It's possible to overwhelm the repair capacities. Also, it takes time to physically travel between cuts so while cuts in the Baltic might take a week or two to fix, a cut in the Atlantic and one in the Baltic may take a week or two just for travel.
Yeah, I wouldn't be surprised if Slack took up 50% of the bandwidth on those cables considering how many notifications and channels I alone get spammed with from work.
Can anyone explain why there wasn't any BGP activity on the Finland-Germany systems when the cable broke, while for Lithuania there was a massive spike?
Unfortunately it's been a long time since I learned about BGP, if anyone could help out here I'd be grateful.
Each BGP hop represents an ISP so when an ISP reroutes traffic internally there's no need for changes to external BGP announcements. Clearly ISPs in the Baltic region have multiple paths and don't depend on any one cable.
One important question that I'm unclear on is how long it takes to fix one of these cables. If it takes months then that is quite a wide window in which an attacker could incrementally take down cables.
This is a great video on undersea cables https://www.youtube.com/watch?v=AFt9le2ytW0
"Sabatoge" and repair is discussed at 11:45
Update:
> Finland, Sweden complete repairs on Baltic Sea cables
https://news.ycombinator.com/item?id=42273288
In this particular case, it seems like the attackers were trying for plausible deniability (making it look like an accident with an anchor). A comprehensive series of "accidents" wouldn't fit that goal.
(And if they decide they don't care about plausible deniability, they could use sub-deployed timed mines to take out every cable at once.)
Even if these "accidents" are a state sponsored (or at least condoned) action, it seems certain states have realized they can happen over and over again without consequences[0].
The frustrating part of this kind of petty tactic is that bullies can do just enough to annoy and inconvenience their targets, while never quite doing enough to make it worth expending the political capital to hold them to account. From the bully's perspective there's no downside. And if legitimate accidents or rogue actions get portrayed as deliberate then all the better - that just reinforces the bully's reputation as an actor to be feared while further eroding trust in the international institutions that may one day challenge it.
[0] https://www.taiwannews.com.tw/news/5677668
2 replies →
And then once they are fixed take them out again
2 replies →
They could even blow up all cables at once. Maybe the explosives have already been placed.
With timers ? because undersea communication is not as solved problem AFAIK
1 reply →
Generally it can be fixed in days. They raise it from the sea floor and splice in a new cable section.
True but ships and crews with the equipment to do the repairs are limited. It's possible to overwhelm the repair capacities. Also, it takes time to physically travel between cuts so while cuts in the Baltic might take a week or two to fix, a cut in the Atlantic and one in the Baltic may take a week or two just for travel.
3 replies →
Crazy that you can splice optical cable..
8 replies →
Certainly worth blowing up some russian ships to make sure it doesn't happen again
How would blowing up Russian ships stop Chinese ships doing it again?
1 reply →
Shhh, or somebody will realize how much slack there is in the system (for very good reasons, as evidenced here) and "optimize" it away...
Yeah, I wouldn't be surprised if Slack took up 50% of the bandwidth on those cables considering how many notifications and channels I alone get spammed with from work.
Can anyone explain why there wasn't any BGP activity on the Finland-Germany systems when the cable broke, while for Lithuania there was a massive spike?
Unfortunately it's been a long time since I learned about BGP, if anyone could help out here I'd be grateful.
Each BGP hop represents an ISP so when an ISP reroutes traffic internally there's no need for changes to external BGP announcements. Clearly ISPs in the Baltic region have multiple paths and don't depend on any one cable.
Exactly what the internet was built for!
[dead]