Skip to main content


Protecting Employee Data is an Organization’s Legal Obligation or Is It?

In today’s world, countless organizations fall victim to data breaches that involve employee data. In 2014, I was engaged to lead the remediation efforts of a data breach for a Pennsylvania-based client.  Hackers gained access to the company’s employee payroll information containing the salaries, social security numbers and other Personal Identifying Information (PII) through an insecure email system. It was crucial to develop and execute a corporate security strategy along with the tactical tasks of remediating the breach.

During 2013 and in 2014, infamous cyberattacks resulting in significant data breaches occurred against notable companies such as Target Corporation, Home Depot, JP Morgan Chase, along with many others.

The legal repercussions from those events set off an avalanche of employee and customer lawsuits. Many banks subsequently filed suits against the afflicted organizations citing negligence and other allegations. Organizations did not view protecting employee data was…

Can the Internet Collapse?

Not exactly a doomsday scenario since most of the global baby boomers and all prior generations living before them enjoyed life without the Internet. To those adapting without it is a straightforward proposition going back to the old school with the radio, telephone and telegraph technologies of the past. Nowadays the civilized world has advanced to the Internet age, and it has become a global reliance interconnecting the global population, businesses of every size and the Internet of Things. The Internet is a vast global complex, the most massive network ever built by mankind. Yet virtually all of its data moves through a mere 321 (in use or under construction as of 2016) undersea cable system spanning the globe. Cables that are no larger than a beer can in diameter tapering off to the width of a quarter in the vast depths of the oceans. Add to this complex are about 20 known choke points most of these cable systems converge in landing stations on continents.

The vulnerability of the Undersea Telecommunication Cables

The global telecommunication cables are the arteries and veins where 99% of all Internet traffic flows through. The role of the worldwide cable system is critical where business worth more than $10 trillion a day flow through it, that’s extraordinary and unprecedented. The volume includes those from all financial institutions that settle transactions on them every second. Adversaries with a global reach and a taste for the jugular can attack these fragile cables with significant proportion. Should that occur, it would cut the flow of capital and instigate a partial or total collapse of the Internet where the vast majority of our cloud-based initiatives such as with Amazon, Google, Microsoft and all industries using the cloud would collapse with it. These cables are difficult to repair in the depth and vastness of the global oceans which are impossible to patrol. Adversaries with deep ocean submarine technologies can sever the wires in multiple locations that are hard to locate. Also, repairing and/or replacing these transoceanic cables is slow, tedious and very expensive. The repair ships themselves can become sitting ducks for an adversary to attack preventing the repair, or additional locations can be severed along the cable’s route.
The 321 communications cables at the bottom of the oceans have about 20 global choke points where the wires congregate to the landing stations or traverse narrow seaways. For example, Egypt is a strategic chokepoint connecting Europe, Indochina India. The major choke point locations in the United States are situated along the New York/New Jersey and Miami area coastlines on the Atlantic Ocean. Along the Pacific Ocean are the Washington/Oregon and Los Angeles area coastlines all designated as vital infrastructures. These global cable routing locations are well known and established with treaties with other nations years ago. The first cable constructed dates back to 1854 between Newfoundland and Ireland. There are secret cables laid on the ocean floors by governments for sensitive military communications and are highly sought after by adversaries. The locations and capacities of these cables are of course classified. Russian surveillance ships and submarines are known to lurk on the surface and under the ocean floor in search and to map the strategic cable locations. It is also noted the continual modernization of adversarial navies (Russia and China) with increased technological prowess makes the gravity of securing Internet transmission lines of grave concern. Likewise, it is fair game for state-sponsored activities to tap and spy on these cables or destroy them in time of conflict.
Most significant lines of data tend to cross within the borders and territorial waters of the United States, making wiretapping a simple practice. When documents stolen by former NSA analyst Edward Snowden were revealed, many countries were outraged to learn the extent to which U.S. spy agencies were intercepting international data. As a result, some states are reconsidering the infrastructure of the Internet itself. Brazil, for example, has deployed its own submarine communications cable to Portugal that not only bypasses the United States entirely but also excludes U.S. companies explicitly from involvement.
These cables are not only vulnerable to deliberate attacks but to naturally occurring events such as deep sea earthquakes, marine animal tampering, ships dropping anchors near cable landings, etc. The most vulnerable areas are near the shorelines thus the landing points are usually at seaboard localities where little ship traffic or other marine activities minimize the risk of damage. Coastline areas where there are gently sloping sea shelf, low currents, adequate sand and silt allowing the cables to be quickly buried are the prime locations.

Undersea Cable Design

Most undersea cables are designed to last 25 years to withstand harsh conditions and depths of the oceans they traverse before replacement is required. Since the inception of fiber optic cables in the late 1980’s, more than 1 million kilometers (621,371 miles) of cable has been laid. One of the most extended wires is the Sea-Me-We 4 (South East Asia to Western Europe) spans over 40,000 kilometers some 24,854 miles end to end, spanning four continents of Europe, Asia, Africa and Australia with many landing points in the various countries situated along the route.
A fiber optic cable consists of an inner optical core encased within a high tensile steel strength member, clad within a copper power conductor then insulated with polyethylene. This is the basic deep water cable design (water depths greater than 2,000 meters – 6,562 feet) and is usually 17 – 21mm diameter and have to withstand the pressure of 8 km (5 miles) of water on top of them. The cables are heavily shielded when they are near shore and at specific locations encased in pipes in areas of heavy surf where they make landfall. At the deepest levels of the ocean, they are thinner, roughly around the diameter of a quarter. That difference in size is because the cables actually face more threats in shallow waters, including everything from ships to marine life. Not much can happen to it in the vast depths of the oceans unless severed by deep-sea submarines and robots.

Examples of Deliberate Cable Cuts

We can forget about cyber-warfare as all one needs is scuba gear and knowing how to use underwater explosives to blast apart these cables in multiple locations. These cables, although are fiber optic carry high voltage and are best severed using bombs and not heavy wire cutters. In 2013 two significant wires were cut just north of Alexandria Egypt, men in scuba gear were arrested having sliced through the South-East-Asia-Middle-East-West-Europe 4 cable (Sea-Me-We 4) cable that connects four continents. Internet speeds in Egypt were crippled by 60% until the line could be repaired. The wire cut severely affected India’s outbound traffic resulting in a loss of approximately 50% of data transmission. The Mediterranean and Middle East regions are home to significant choke points that have crippling effects on many nations should adversaries cut the cables. Not only is Egypt a choke point but the southern reaches in the Gulf of Suez where all significant wires traverse in narrow straights between Yemen and Djibouti are located.

To understand the severity two of the three primary communication arteries were severed one that is owned by a subsidiary of India’s Reliance Group. That cable stretches a distance of 17,000 miles in the ocean depths connecting Europe and China. The second cable severed was the Sea-Me-We 4 one of the most extended wires extending some 24,854 miles (40,000 kilometers) and owned by a consortium of 15 various telecommunications companies that connected locations from Spain to Singapore. Both of these cables traversed the Mediterranean Sea going down the Gulf of Suez through Egypt and into the Indian Ocean. Another critical choke point where significant wires connect to the Atlantic and Indian Ocean system are at the straights of Gibraltar along with the northern and southern portions of the Gulf of Suez making these single points of failure.

Physical Threats Against Transoceanic Cables

Military Conflict
The most common thought on this is obviously state-sponsored military activities in times of conflict that would instantly cut off all Internet traffic by simultaneously severing most significant cables at choke points, in the open sea that lead to them, and/or in conjunction by attacking the opposite end of the cable network at other global choke points. Of high value are all the known commercial cables and those that are secretly operated by the military complex. The U.S. military has the worries of tracking advanced adversarial ships and submarines that lurk near its choke points on its shores primarily those from Russia. China’s navy has also expanded and can pose threats against cable infrastructures in the Pacific especially within their so-called nine-dash line.
Few global powers can effectively unleash an effective offensive Internet blockade against an adversary. The U.S. military complex is known to have such abilities through cyber and physical methods. Russia’s military complex has shown it is also competent as are the Chinese.

Terrorism, Islamic State, and Al-Qaeda

These organizations are dependent upon the Internet for their communication and data needs to wage their style of war campaigns. Without a reliable, redundant means to communicate to other parts of the globe, it would shut down their reach to inflict damage in other parts of the world. In essence, shooting themselves in the foot eliminating their modern necessities such as cell phones let alone their Internet access throwing them back into the stone ages.

Political Instabilities, Escalation of Costs and Other Barriers

Several telecommunication providers are seeking cable routes around critical choke points such as Egypt. Often, cable projects are delayed by years because access to crucial areas is prohibited by political instabilities, in particular, the middle east region. Alternate routes can prove too costly unsuitable for a return on investment delivered by the project itself. It is the cost factor alone that would drive a consortium of telecoms together to share the costs of projects on such a massive scale. Add to that the complexities if the cables traverse the territorial waters of a nation (no other route choice) that demands exorbitant royalties for the right of passage. Once infrastructure costs escalate the impact of Internet services will substantially increase as well.
The key is redundancy in the cable network, yet regional political instabilities can hold the cables traversing a choke point hostage. In the Egyptian cable cut, the effect along the East African coast was devastating. Internet service beyond the borders of countries from central Africa to South Africa was virtually nonexistent for nearly a week by the time the cable was repaired.
It’s all security through obscurity, a primitive method of protecting our undersea cable system that carries the Internet which makes it surprisingly vulnerable. Satellites orbiting the earth cannot match the heavy lifting and back-haul capabilities that the submarine cable system provides points around the globe. Satellites offer access to remote areas of our planet where cable has not been practically laid. Even then the massive latency and limited bandwidth prevent them from being a viable solution carrying the bulk of Internet traffic. Consider that nobody gave security of our global undersea cables much thought.
Interactive global map updated continually: