Sejong Policy Briefs

(Brief 2024-10) Undersea Cables – A Potential Maritime Security Flashpoint

Date 2024-08-30 View 1,236 Writer LEE Sung-Won

File Brief-10 Writer Sungwon Lee

 

Undersea Cables – A Potential Maritime Security Flashpoint:

Growing Threats, Security Implications, and Key Takeaways for South Korea

 

Sungwon Lee

Research Fellow 

 

 

1. Introduction

With advances in communication and technology, the strategic significance of the oceans has expanded beyond the surface to the ocean floor, where an invisible but intense battle between nations is unfolding. Undersea cables, which form the backbone of digital networks, now carry significant geopolitical and geo-economic implications.

As of 2024, approximately 485 undersea cables are in operation worldwide, with plans for the installation and operation of 70 additional cables. Around 99% of international data communications are transmitted through these undersea cables, clearly highlighting that the oceans have become a critical hub for increasing digital interconnectivity in addition to the physical exchange of goods and people.

Because countries rely on undersea cables to transmit and receive critical data, including military, diplomatic, and financial information, ensuring sovereign control and stable operation of these communication networks is a direct national security concern.

Any physical damage to undersea cable infrastructure could disrupt or paralyze the flow of information between countries, leading to widespread economic losses for affected industries.

While most instances of damage to undersea cables have been attributed to accidental contact during fishing activities or other natural events like earthquakes and tsunamis, there are a growing number of cases where the cause cannot be identified or is believed to be a deliberate attack.

With the increasing number of undersea cable attacks, there is a growing global trend toward the securitization of undersea cables. Despite this, discussions on undersea cable attacks and potential response measures have not received much attention in South Korea. However, given Korea’s heavy reliance on data and communications, its limited control over undersea cables, and the potential threats posed by geopolitical shifts, it is essential to discuss the protection of undersea communication network infrastructure and establish response measures.

 

2. Objectives and Characteristics of Undersea Cable Attacks

Table 1 below provides a brief analysis of the suspected intentional sabotage incidents since 2020, highlighting the background, impact, cause, and suspected perpetrator for each case. Amid the escalation of geopolitical tensions in every region of the globe, the strategic importance of undersea cables continues to grow, contributing to the rise in deliberate attacks.

 

Table 1. Suspected Undersea Cable Attacks Since 2020

 

 

Incident (Location)

Date

Background and Damaged Cable(s)

Impact

Cause

Suspected Perpetrator

Strait of Malacca

Apr. 2024

A cable (SeaMeWe-5) connecting Asia, the Middle East, and Europe was damaged using a submersible or cutting tools.

- Major internet disruptions and outages across South and Southeast Asia.

- Estimated economic losses of $50-70 million.

- Internet services disrupted for several weeks.

Likely an intentional attack.

China

Red Sea

Mar. 2024

Houthi rebels suspected of cutting cables (AAE-1, EASSy, SEACOME/TGN_EA) using a ship anchor.

- Direct impact on Saudi Arabia, Egypt, and Djibouti.

- Affected 25% of data traffic, causing severe outages.

- Repairs and rerouting took over a month, costing millions of dollars.

Likely an intentional attack.

Houthi rebels

Gulf of Finland

Oct. 2023

A 1,000-km-long Russian-owned communications cable (Baltika telecommunications) connecting St. Petersburg to Kaliningrad was damaged.

- Russian communications disabled.

- High tensions between Russia and NATO in the Baltic Sea.

- Incident occurred around the same time as damage to a gas pipeline and communications cable connecting Finland and Estonia, suggesting a possible connection.

- Possibility of retaliation due to geopolitical tensions.

Cause unknown.

Possible accident or Western countries/

NATO

Baltic Sea

Apr. 2023

Undersea cables (NordBalt, Baltic Connector, Sea Lion) repeatedly sabotaged and damaged amid geopolitical tensions.

- Weeks of internet disruptions, slowdowns, and outages in surrounding countries, including Lithuania, Latvia, and Estonia.

- NATO military operations hindered by communication disruptions.

- Estimated economic losses of $20-30 million in the Baltic states.

Under investigation; suspected intentional attack.

Russia

West Africa

Feb. 2023

Natural events - Undersea cables (ACE, WACS) were damaged by an undersea landslide.

- Internet communication services delayed or disrupted across the affected region.

- Estimated economic loss of $10-15 million.

Likely caused by a natural disaster.

N/A

Taiwan Matsu Islands

Feb. 2023

Undersea cables (TPE, APCN-2) connecting Taiwan’s main island to the Matsu Islands were damaged by Chinese fishing ships.

- Internet communications disrupted for 50 days.

Repeated incidents of cable damage by Chinese fishing ships; suspected intentional attack.

China

South of France

Oct. 2022

Suspected intentional attack on fiber optic cables (SeaMeWe-4, SeaMeWe-5) near Aix-en-Provence using specialized cutting tools.

- Internet routes impacted, resulting in network latency and packet loss in areas such as Marseille, Lyon, Milan, and Barcelona.

- Temporary slowdowns and connectivity issues due to rerouted traffic.

- France will invest 11 million to develop advanced unmanned underwater surveillance equipment to strengthen surveillance and protection of key undersea facilities

Suspected intentional attack; lacking conclusive evidence of an attack.

Unknown

Norway

Jan. 2022

Damage to undersea cables (TAT-14, NO-UK) suspected to be caused by a submersible or sabotage equipment.

- Disruptions, delays, and outages in internet and smartphone communications in Norway, Denmark, and parts of the UK.

Suspected intentional attack; lacking conclusive evidence.

Russia

Mediterranean Sea

May 2021

Technical error by private fishing boat caused anchor damage to cables (SeaMeWe-3, SeaMeWe-4).

- Communication service disruptions in the Mediterranean region.

- Temporary internet outages.

Suspected intentional attack; investigation found damage was caused by technical failure.

Unknown

Source: Author’s Summary Using Internet Resources

 

These incidents raise some key questions: Why do undersea cable attacks continue? What methods are used to carry out these attacks, and are they effective? Professor Sean O'Malley identifies three primary target points for undersea cable attacks: 1) the cables themselves, 2) cable landing stations, and 3) network operations centers. Attacks can be broadly categorized into two types: 1) physical tampering and 2) digital hacking. Physically destroying or cutting cables at any of these target points is meant to disrupt or sever communications. Cables can be cut using ship anchors, submarines, manned or unmanned submersibles, surface vessels, or divers. Landing stations and network and power facilities can be attacked in various ways using army, navy, or air force equipment, including drones. The main driver of the securitization of undersea cables is that they are vulnerable to cyberattacks at all these target areas. For example, Colin Wall and Pierre Morcos, researchers at the Center for Strategic and International Studies (CSIS), note that a key feature of recent attacks is that they increasingly aim not only to physically damage undersea cables but also disrupt data flows, wiretap and copy data, and hack into network operating systems.

 

It is important to note that data theft can occur not only during an attack, but also during repair of undersea cables. Recently, the U.S. State Department warned major telecommunications companies, including Google and Meta, which are increasingly investing in undersea cables, to be aware of potential threats during operation and repair of U.S.-owned cables. The main concern raised by the State Department was about the state-controlled Chinese company S.B. Submarine Systems, which operates and repairs undersea cables. The company was found to have repeatedly and intentionally disabled satellite tracking of its repair ships for several days at a time. The State Department stressed that due to the inability to track the location of the ships, they pose a potential security threat as they could engage in wiretapping of U.S. military communications, mapping of the ocean floor, theft of intellectual property used in cable equipment, and laying cables for the Chinese military. There are also concerns that the development of AI technology could facilitate the collection and analysis of communication data transmitted through undersea cables, transforming it into a tool for attacks. The advancement of AI analysis technology could significantly improve the effectiveness of threat detection as well as data collection and analysis, potentially increasing the frequency and scope of conflicts related to undersea cables.

 

Another security concern related to undersea cables is their vulnerability to gray zone tactics and hybrid warfare. Due to their geographical location and operational characteristics, undersea cables are particularly susceptible to gray zone tactics, where strategic objectives can be achieved without the use of large-scale military force. In addition, even when suspected perpetrators are identified, securing conclusive evidence and proving intent remains challenging. Moreover, the ambiguous legal status of underwater spaces, combined with the variety of potential attacksranging from simple wiretapping to destruction and hacking using submersibles and advanced equipmentmakes immediate military response difficult. Due to the legal ambiguities and indirect nature of these threats, undersea cables can be attractive targets for hybrid warfare.

 

U.S.-China hegemonic competition is expanding beyond traditional security concerns into the realm of economic security, with a focus on securing stable supply chains and critical raw materials for high-tech industries such as rechargeable batteries, batteries, and biotechnology. According to Nikkei Asia, China is estimated to own around 11% of global undersea cables. Moreover, the Atlantic Council, a U.S. think tank, predicts that China’s dominance in the undersea cable industry could reach 20% by 2030. Matthew Goodman and Matthew Wayland, researchers at the Center for Strategic and International Studies (CSIS), note that China is making significant investments through Chinese state-owned enterprises, such as China Telecom, China Unicom, and China Mobile, to significantly expand its ownership and supply of international undersea cables. Particularly notable is China’s expansion of undersea cable ownership in developing regions like Africa, where profitability is not guaranteed. For example, China has invested $80 billion to construct an 18,000-km-long intercontinental undersea cable linking France, Egypt, South Africa, Pakistan, and Singapore. Concerns have been raised that because China, as the primary owner, will have dominant control over investment and operation, countries using and transmitting data through this cable could be exposed to the threats of data collection and information infrastructure control.

 

3. Incidents of Undersea Cable Attacks and Potential Threats

A good example from Table 1 is the Matsu Islands case in Taiwan. In February 2023, amid heightened military tensions between China and Taiwan, two major undersea cables connecting Taiwan's main island and the Matsu Islands, which are located closer to mainland China than to Taiwan, were cut on two separate occasions by private Chinese fishing boats. As a result, around 14,000 residents of the Matsu Islands experienced internet outages, communication disruptions, and various service interruptions for around 50 days. The cables in this area have been damaged frequently over 20 times in the last decade with most incidents attributed to private Chinese fishing vessels. However, speculation persists that the Chinese government may have played a role in these recurring incidents. As previously mentioned, the use of civilian vessels in such attacks makes it difficult to assign legal and military responsibility and determine the true intention of an attack, complicating the affected country’s ability to respond effectively. Intentional attacks on undersea cables thus heighten security concerns as they can be used as tools or grounds for escalating crises by deepening existing conflicts.

 

Many European countries are closely monitoring the potential threat of undersea cable attacks by Russia. The Olenya Guba Base, home to the Russian Northern Fleet, is a critical hub for Russia’s maritime defense research. It has been reported that high-performance vessels conducting marine research and reconnaissance missions operate from this base. Notably, it has been revealed that the Yantar, a special-purpose ship, can be used not only for cutting cables but also installing wiretaps and carrying out other specialized tasks. The Yantar has spent extended periods near undersea cables in Portugal, the Mediterranean, and the eastern coast of the United States, becoming a point of concern among Western nations. NATO’s Assistant Secretary General for Intelligence and Security, David Cattler, has noted that Russia’s undersea reconnaissance activities in the Atlantic, North Sea, and Baltic Sea have become more active in recent years. Furthermore, a 2024 report by the NATO Energy Security Centre of Excellence raised concerns that, in the event of a political crisis, Russia could use its naval forces to launch multiple simultaneous attacks on power cables in the Baltic Sea with the aim of causing supply disruptions and grid failures. Although it can be difficult to identify the exact cause and perpetrators of undersea cable damage, many Western countries suspect that Russia is behind several of these incidents. Given the heightened tensions due to the Russia-Ukraine war, the possibility of reciprocal undersea cable sabotage cannot be ruled out.

 

4. Legal Responses to Undersea Cable Attacks and Their Limitations

Attacks on undersea cables often involve the use of gray zone tactics, making it difficult to clearly assign responsibility. In cases where the identity of the perpetrator remains unclear, military responses carry significant legal risks. The difficulty of taking appropriate legal action is likely a key reason threats to undersea cables persist. The United Nations Convention on the Law of the Sea (UNCLOS) stipulates that coastal states are responsible for the protection and management of marine resources. However, a military response to the various security threats outlined above is complicated by a wide range of legal considerations. While a state may exercise rights of protection and apply it’s own laws to cables within its territorial sea, in exclusive economic zones (EEZs) and international waters, which are considered pat of the "global commons," a state’s legal authority is limited. As a result, a legal or military response to undersea cable sabotage outside the jurisdiction of any single state is challenging.


5. Expanding Threats to Undersea Cables and Security Implications for South Korea

Is Korea safe from potential threats? How should Korea prepare and respond? In terms of communication network stability, South Korea is in a highly vulnerable geographic location. Due to the ongoing ceasefire with North Korea, South Korea’s communication infrastructure is heavily reliant on undersea cables. Most of the undersea cables supplying South Korea are concentrated along the southern coast between Korea and Japan. Here, the distance between landmasses is relatively short, and the water is relatively shallow (less than 100 meters). South Korea’s geographical position makes it highly vulnerable to undersea cable attacks aimed at disrupting, destroying, or paralyzing communications infrastructure during periods of heightened geopolitical tensions. Moreover, South Korea shares maritime borders with Russia, China, and North Korea, which are some of the main actors suspected of undersea cable sabotage and cyberattacks. Considering Korea’s geographical location and vulnerability to attack, the security of its undersea cables is questionable. Despite this, South Korea has experienced a relatively low number of incidents involving attacks or damage to its undersea cables. This discrepancy can be attributed to the limited strategic gains that an attack on South Korea’s undersea cables would yield.

 - China: While Korea shares undersea communication network routes with China, it has not been a target of direct Chinese attacks. China’s strategic interests in terms of diplomacy

             and security surrounding undersea cables have been primarily focused on the Taiwan Strait and the South China Sea.

 - Russia: While an attack from Russia, as another neighboring country, is possible, Russian attacks have been primarily concentrated in Europe,

             where it has more significant strategic interests.

 - North Korea: Direct attacks by North Korea on South Korea’s undersea cables, which are located at a considerable distance from the Northern Limit Line (NLL), have been limited.

 

Currently, the likelihood of direct, armed attacks aimed at severing or intercepting military and security data transmissions is low due to the high opportunity costs. However, undersea cables remain vulnerable as disabling or disrupting the transmission of sensitive economic and commercial trade data could trigger severe national unrest. It is important to note that indirect sabotage, carried out without military force, makes it difficult to determine a clear perpetrator. Such an attack could create an asymmetric situation where social unrest and economic losses in South Korea are escalated even in the absence of full-scale armed conflict. In particular, considering the formalization and deepening of security cooperation between Russia and North Korea, concerns are rising over potential undersea cable attacks, data analysis technology transfer, and the diversification of cyberattack routes. Moreover, amid the clear intensification of the U.S.-China hegemonic competition, there is a risk that China could use cyberattacks targeting undersea cables linking South Korea, Japan, Australia, and the United States, as well as gray zone tactics, as tools to escalate tensions if the situation surrounding Taiwan worsens.

 

6. International Efforts to Protect Undersea Cables and Key Takeaways for South Korea

​ The Need for an Integrated Approach and Ongoing Dialogue

Given the growing geopolitical significance of the Korean Peninsula, the risk of maritime sabotage in the form of hybrid attacks, including attacks on undersea cables, is expected to increase in the region. South Korea should prioritize dialogue focusing on proactive identification of potential threats and the establishment of systematic response protocols as well as mid- to long-term technology and capital investments. In this way, Korea can develop effective risk mitigation measures to minimize damage and ensure rapid stabilization in the event of a crisis.

 

​ Establishment of an Integrated Command System

In the event an undersea cable is damaged or attacked, it is necessary to establish a clear division of roles and response mechanisms for the public and private sectors and across various government ministries based on a systematic manual. Efforts must be made to conduct simulations of various attack scenarios to determine the scale of potential damage and solidify interministerial cooperation and response protocols through drills and exercises. *At present, in the event of an undersea cable attack, confusion due to an absence of clear guidelines could be a more serious problem than a lack of response capabilities.

 

​ Strengthening Participation and Cooperation in Global Governance

South Korea should expand and strengthen its participation in cooperative efforts related to the protection of undersea cables with like-minded countries in the region. In addition to technical collaboration on surveillance and defense with like-minded countries and cooperation for global governance, South Korea should also share the importance of mutual interests and interdependence in the maritime domain with neighboring countries such as Russia, China, and North Korea, while engaging in threat management diplomacy to prevent potential conflicts. Efforts to reduce the likelihood of retaliatory attacks on maritime assets by avoiding unnecessary diplomatic provocations will also be crucial.

 

​ Public-Private Partnerships and R&D

Through partnerships between government agencies and companies that own and operate undersea cables, it is essential to cooperate with private companies to establish a risk evaluation framework and promote joint investment. It is also necessary to foster cooperation between academic institutions, research centers, and the private sector to expand funding and subsidies for research and development (R&D) focusing on the development of new technologies to protect undersea cables.