Tag Archive for: undersea cables

China’s shadow fleet threatens Indo-Pacific communications

China is using increasingly sophisticated grey-zone tactics against subsea cables in the waters around Taiwan, using a shadow-fleet playbook that could be expanded across the Indo-Pacific.

On 25 February, Taiwan’s coast guard detained the Hong Tai 58 after a subsea cable was cut in the Taiwan Strait. The vessel was registered to Togo but crewed entirely by Chinese nationals. It had Chinese characters on its hull and operated under multiple identities with conflicting markings, documentation and tracking data. In another incident in early January, the Shunxing 39—a Chinese-owned vessel flagged under both Cameroon and Tanzania—was implicated in damaging a section of the Trans-Pacific Express subsea cable, an important telecommunications link between Taiwan and the United States.

While China has targeted Taiwan’s undersea cables for years as part of its grey-zone operations, it has subtly shifted tactics. Previously, vessels involved in suspected acts of sabotage were registered to China. Now, they are increasingly operating under foreign flags, forming a shadow fleet. This strategy resembles Russia’s subsea cable tactics in the Baltic Sea.

States such as North Korea and Iran often use shadow fleets—ageing vessels registered under flags of convenience—to get around sanctions, to trade or transport illegal or prohibited goods, or to undertake illegal fishing. The vessels are operated through intricate corporate structures, with shell companies established in one country, management based in another and vessels registered elsewhere again, providing states with deniability. They use deceptive tactics including manipulating identification systems, turning off tracking systems and changing names and flags. If caught, vessels can be easily abandoned and their legal entities dissolved, rendering traditional countermeasures such as sanctions largely ineffective.

Since its invasion of Ukraine, Russia has relied on a large shadow fleet, not only to evade oil sanctions but also to conduct a campaign of hybrid warfare against NATO—including allegedly damaging European subsea cables and critical infrastructure. For example, in December, Finnish authorities seized the Eagle S after it allegedly damaged five subsea cables. The tanker was flagged under the Cook Islands but operated by a Dubai-based company with Indian management. Moscow denied any involvement, pointing to the vessel’s non-Russian links.

China has also surfaced in Russia’s operations. In November, the Chinese-flagged Yi Peng 3—which had departed from a Russian port—was suspected of severing two undersea cables, one linking Lithuania to Sweden and another connecting Germany to Finland. In 2023, the NewNew Polar Bear, a Chinese-flagged but Russian-crewed vessel, was responsible for damaging Baltic subsea cables and a gas pipeline. China admitted the vessel was responsible for the damage, but claimed it was accidental.

These cases highlight the value of shadow fleets as tools of hybrid warfare. Subsea cables are notoriously susceptible to accidental and environmental damage. Proving intent to sabotage and holding parties accountable is very difficult.

Despite this, NATO has been working to expose and deter Russia’s hybrid warfare tactics.

Taiwan has taken note. In January, it blacklisted 52 Chinese-owned vessels suspected of operating as its shadow fleet registered in countries such as Cameroon, Tanzania, Mongolia, Togo and Sierra Leone. Following the recent cable-cutting incidents, Taiwanese authorities publicised detailed evidence—including vessel ownership, flag state and tracking system manipulation details—to pre-empt China’s denial. They have also been tracking and boarding suspicious vessels. Taiwan recently raised the alarm about a Russian-flagged vessel lurking for weeks over a subsea cable, recognising the growing coordination between China and Russia in hybrid warfare operations.

While Taiwan has borne the brunt of these efforts so far, China is unlikely to be overly concerned about deniability over future subsea cable sabotage affecting Taiwan. After all, Beijing’s primary goal is to exert pressure on the island, not conceal its intentions.

However, what happens in the Taiwan Strait will not stay in the Taiwan Strait. China’s shadow-fleet tactics are likely to expand across the Indo-Pacific, where maintaining a level of deniability would be beneficial. China already deploys grey-zone tactics in the region, from intimidation of vessels in the South China Sea and targeted incursions in disputed territorial waters, to strategic infrastructure investments that create leverage over its neighbours. Targeting subsea cable infrastructure is another tactic in Beijing’s coercion toolkit—one that targets connectivity while maintaining plausible deniability and operating in the grey-zones of international law and accountability.

The Indo-Pacific—with its vast maritime distances, congested shipping lanes and uneven surveillance capabilities—is fertile ground for such operations. Frequent accidental cable damage and existing territorial disputes may further complicate attribution and response. The region’s economic ties with China would make coordinating any responses even harder.

From filing patents on subsea cutting technology to unveiling a powerful new deep-sea cable cutting device, China’s clearly gearing up to expand its subsea cable operations. As Taiwan works to protect its critical infrastructure, the rest of the Indo-Pacific should enhance regional cooperation and reassess existing deterrence strategies.

If recent incidents in the Baltic Sea and around Taiwan are any indication, disruptions in the Indo-Pacific are not a question of if, but when. The most effective counter to Beijing’s shadow-fleet operations is exposure through public attribution and communication. After all, a vessel cutting cables near a state’s shores may well be flying a neighbour’s flag but taking its orders from Beijing.

Australia should work with South Korea to secure undersea cables

South Korea and Australia should enhance their cooperation to secure submarine cables, which carry more than 95 percent of global data traffic.

As tensions in the Indo-Pacific intensify, these vital connections face risks from cyber intrusions, sabotage and state-backed interference, particularly amid China’s growing maritime influence. South Korea boasts advanced technical expertise, while Australia has strong maritime capabilities and intelligence connections and is geographically well-placed. The two countries should combine these strengths to secure undersea infrastructure.

South Korea’s digital expertise is highly valuable. Integrating South Korea’s AI-based threat detection with Australia’s intelligence-sharing networks will enable both countries to identify and respond to cyber threats more effectively. The geographic advantages of Australia—and, to some extent, South Korea—can facilitate joint maritime patrols to protect cables, as well as diversification of infrastructure, including alternative cable routes and land-based backups.

Legal reforms and stricter cybersecurity regulations for telecom operators are necessary, alongside public-private partnerships in encryption and threat detection.

Submarine cables are a strategic asset that could be targeted in times of crisis. China’s maritime expansion and technological capabilities heighten concerns over potential data interception and infrastructure disruption.

South Korea’s advanced position in telecommunications technology and cybersecurity is a strength in digital infrastructure resilience. Australia is in a key position in the global cable network because of its geographical position.

Currently, there is no comprehensive global governance framework to secure submarine cables. The United Nations Convention on the Law of the Sea (UNCLOS) provides some legal protection but does not adequately address emerging threats such as cyberattacks and hybrid warfare tactics.

Additionally, jurisdictional complexities and private ownership of most submarine cables mean there are gaps in coordinated response mechanisms. Furthermore, many regional states, including South Korea and Australia, have historically prioritised military security over digital infrastructure resilience, leading to insufficient attention to undersea vulnerabilities.

Existing security and economic partnerships could fill these framework gaps, facilitating intelligence-sharing, cyber defence initiatives and coordinated threat assessments. This would help facilitate preventative threat management, rather than relying on reactive measures.

Bilaterally, a South Korea-Australia cybersecurity pact could further enhance coordination on emerging threats. A comprehensive pact would include provisions for physical elements of cyber infrastructure, such as subsea cables. Collaborative projects, such as the development of regionally secured data hubs, could protect sensitive information flows from geopolitical disruptions.

Joint surveillance efforts through AI-based monitoring systems and satellite tracking could strengthen real-time detection of disruptions. Both countries’ navies should also expand maritime patrols along key submarine cable routes to deter adversarial interference. A regional submarine cable security task force could also be established to ensure ongoing coordination and rapid response to emerging threats.

South Korea and Australia must work together to build resilience through infrastructure diversification. They could, for example, support alternative cable routes, reducing dependency on single points of failure or a monopoly of control. Investment in land-based backup systems and secure satellite communication should also be prioritised. Governments should provide financial incentives to private sector companies investing in resilient cable infrastructure and establish joint research initiatives to develop advanced protective measures against cyber threats and physical disruptions.

Legal and policy advancements should accompany these efforts. South Korea and Australia must push for amendments to UNCLOS that address modern cyber threats and advocate for international agreements that criminalise malicious activities targeting undersea infrastructure. A bilateral treaty specifically focused on the protection of submarine cables in the region could establish clear rules and mutual obligations, setting a regional example.

At the national level, stricter regulations on private telecommunications operators, including mandatory cybersecurity protocols and compliance standards, would further enhance resilience. Both governments should also establish mandatory reporting mechanisms for cable operators to immediately share information on potential threats.

Public-private partnerships will be essential in this effort. Governments, technology firms and telecommunications providers should collaborate on encrypted data transmission protocols and conduct regular cybersecurity simulations to prepare for potential attacks. Joint research and development efforts in cable security technologies, including quantum encryption and automated anomaly detection, could position South Korea and Australia as global leaders in digital infrastructure protection.

Establishing a joint Indo-Pacific digital security forum would further institutionalise collaboration and knowledge-sharing on best practices. Increased investment in training programs for cyber resilience experts could also ensure that both countries maintain highly skilled personnel to respond to future challenges.

Securing submarine cables is not just a strategic choice but a necessity for economic stability and regional security. South Korea and Australia should create a long-term roadmap for continued investment in submarine cable security, ensuring sustained cooperation and adaptation to evolving threats.

Meta’s Waterworth cable project is about geopolitics and geoeconomics

Announced on 14 February, Meta’s Project Waterworth is not just proposed to be the world’s longest submarine cable but reflects ever-shifting geopolitical and geoeconomic landscapes. It presents a great opportunity for Australia to collaborate more with its regional partners, especially India and the Pacific countries, on technologies keeping us online.

For Meta, this addition to subsea infrastructure is slated to open a chance to monetise accelerating international data flows. In developing and running this cable, Meta also seeks to prioritise its own traffic and minimise latency for its and its partners’ infrastructure and services. No surprises there.

But what is different this time is the clear recognition of intense geostrategic competition featuring both state and non-state actors. Connecting five continents, the proposed route, longer than the circumference of the planet, avoids areas subject to malign influence or control, such as the Baltic, Red and South China seas. Meta plans to lay as much of the cable as possible in deep water, making it harder for malicious actors to spy on or sabotage it.

Perhaps an even bigger takeaway is Meta’s choice of locations for cable landing points: the coastlines of three BRICS countries (India, South Africa and Brazil) and three Quad countries (India, Australia and the United States). With India being in both groupings, the route particularly reflects India’s rise as a digital, geopolitical and economic power. Meta has specifically said the cable will support India’s continued rise in the digital realm. With the world’s largest population, India is both a massive source of data to train Meta’s AI products and an emerging hub for data centres.

More broadly, Meta is seeking to be a bigger player in the submarine cable industry, and thus in geopolitics, competing with fellow US hyperscalers Google, Microsoft and Amazon. Indeed, those three companies and Meta represent about three quarters of active submarine cable capacity worldwide. Meta seeks to go one better by, as it said, ‘opening three new oceanic corridors’ with Project Waterworth.

Meta knows how the geostrategic significance of submarine cables is causing the technology’s politicisation, reflecting an ongoing split between the anti-China and pro-China camps in telecommunications amid the larger Sino-US technological rivalry.

As a US technology company, Meta arguably seeks to reinforce its value as a member of the anti-China camp, alongside Google, Microsoft and Amazon. It would see Project Waterworth as a downpayment on support from Western and partner governments (such as finance, easier regulatory approvals and oversight, and more robust diplomatic and operational support) to help counter Chinese influence in digital infrastructure, especially in the Global South.

In this context, Meta must beware cyber supply-chain risks that can arise from its and its operating partners using: Chinese equipment at any point in the technology stack; and unvetted remote access applications, managed security service providers and managed network service providers.

Rising cyber threats around telecommunications infrastructure underline the importance of such cyber supply chain risk management. In 2022, cybercriminals attacked the servers of the operator of a submarine cable that connected Hawaii with the Pacific. Chinese state-sponsored hackers have compromised US terrestrial telecommunications infrastructure for espionage and pre-positioning malicious capabilities to be deployed during a major security crisis (such as a Taiwan contingency).

Indeed, such are the risks to submarine cables that the US  Federal Communications Commission has proposed reforms to its regulatory regime. These changes relate to: cyber risk management by operators; banning certain hardware or software from regulated cables and their infrastructure; risks from remote access solutions; and cable operators reporting their use of managed network service providers.

While Project Waterworth may seem like just another planned cable by another Big Tech company, Australia should be paying attention because a cable landing point in northern Australia has been proposed. Meta’s plan reinforces the extraordinary significance of the maritime domain for Australia, with more than a dozen submarine cables already connecting us with the world via the Indian and Pacific Oceans. India’s role as a landing site is also important as Australia seeks to continue boosting economic and technology ties with New Delhi.

Project Waterworth also allows for further cyber diplomacy with Pacific partners. The project could bolster Pacific connectivity and cyber resilience through branches to Pacific countries, complementing Google’s efforts through the Pacific Connect Initiative.

The project further offers Australia the opportunity to work with regional partners to tackle regulatory fragmentation and boost operational collaboration on submarine cables. For example, the Australian Communications and Media Authority should engage regional counterparts to identify opportunities to harmonise and expand regulatory regimes, such as for cable repair and by mandating transparency from operators around cable damage (as ASPI’s Jocelinn Kang and Jessie Jacob have recommended). Canberra should work with regional partners to also increase information-sharing on risks around cables traversing exclusive economic zones. The Cable Connectivity and Resilience Centre of the Department of Foreign Affairs and Trade could help mediate such engagement, while the Australian Cyber Security Centre and Cyber and Infrastructure Security Centre could provide expert advice to inform policy on the operational resilience of submarine cable infrastructure

Project Waterworth reflects our brave new world, especially its contested digital and maritime domains, and the opportunity for Australia to collaborate further with regional partners to keep us all online.

Baltic subsea sabotage: China gets away with non-cooperation

On Christmas Day, one of two cables connecting Finland’s electricity grid to Estonia, Latvia and Lithuania was cut. Four data cables—three linking Finland and Estonia and one between Finland and Germany—were broken at the same time.

This and two earlier instances have heightened concerns about the vulnerability of Europe’s undersea infrastructure, prompting calls for enhanced security measures and international cooperation to safeguard critical communication and energy links.

It’s also a timely reminder to Indo-Pacific countries to think about how their region is similarly vulnerable to subsea sabotage.

Once could be an accident, and twice might be a coincidence. But three instances look like a trend that we shouldn’t ignore or tolerate, especially since we know malign actors like Beijing and Moscow also have the capability to disrupt our critical infrastructure through prepositioned malware.

Finnish authorities are investigating the outage. On 26 December, Finland used heavily armed elite units to board and forcibly detain a tanker, registered in the Cook Islands but in fact Russian, suspecting its crew had deliberately severed the cables. Finnish authorities say the tanker, which was carrying oil, is part of Russia’s effort to avoid international trade sanctions. The ship is also reported to have been equipped for listening to radio transmissions as an intelligence gatherer.

Finnish authorities could board the ship and arrest its crew without the consent of its owner or the country of registration only because it was in Finnish waters. But doing so still required Finland to have the political will to take bold action.

Several data cables and a pipeline connecting Finland and other Nordic countries to the European mainland have been severed in the past year in suspected deliberate anchor-dragging incidents. Jukka Savolainen, a Finnish navy officer and director of the European Center of Excellence for Countering Hybrid Threats, a body established by NATO and the European Union, has suggested publicly the high number of similar cable breaks shows that the perpetrators are testing whether cheap civilian ships can cause disruptions of critical infrastructure.

The latest Finnish incident follows the simultaneous severing of two undersea data cables in mid-November. The BCS East-West Interlink cable, connecting Gotland to Lithuania, was severed around 17 November, causing substantial disruptions to telecommunications services.

The next day, the C-Lion 1 submarine telecommunications cable, linking Helsinki to Rostock, Germany, was also cut. The damage was detected near the southern tip of Sweden’s Oland Island. The operator, Cinia Oy, said an external force had severed the cable.

Both cables were restored by 28 November. Investigations are ongoing, involving authorities from Sweden, Finland, Lithuania and Germany. A China-flagged ship, Yi Peng 3, which was present near the disruption sites, has been a focus.

On 23 December Swedish authorities said China had denied a request for prosecutors to conduct an investigation on the ship. It left the area soon after. If, as seems very probable, the crew were saboteurs, investigators cannot now hold them accountable. Swedish authorities have criticised China for withholding full access to the vessel.

According to the United Nations Convention on the Law of the Sea, China, as the home state of the vessel, is not obliged to give other countries access to it. And only China holds the sole authority to prosecute. The ship was detained in international waters, so Swedish police could only observe the situation; they could not investigate. An accident commission could separately interview the crew and examine the anchor but could not prosecute. Legally, Sweden has limited options beyond seeking economic compensation from the ship’s owner.

Since China has persistently breached the same convention in the South China Sea, its disregard for the interests of other countries in the Yi Peng 3 case comes as no surprise.

The key point is the rest of the world, which does care about such rules, can’t afford to let malign actors continue to get away with it.

Beijing’s refusal to cooperate fully with investigations erodes trust and transparency. These are particularly crucial in incidents involving shared resources, such as undersea cables, which serve as critical infrastructure for multiple nations. A refusal to comply with international investigative norms also encourages other states to act similarly.

China is also ignoring its responsibility to assist in uncovering the truth and ensuring accountability, undermining cooperative norms that underpin a global rules-based order. Under international law, states must prevent and address harm caused by their vessels in foreign or international waters.

Furthermore, disruption of undersea cables not only affects regional communications; it also has significant economic implications and poses risks to broader economic stability. So, China’s non-cooperation exacerbates tensions in Europe and raises concerns about its commitment to preserving the stability of global infrastructure.

Good international citizenship requires states to act in a manner that supports global security. They should be transparent and accountable. China’s refusal to cooperate fully and Russia’s continued effort to break sanctions are at odds with these principles. These incidents show how the Russia-China axis is increasingly working in sync to the peril of the rules-based liberal order. Political will, and unity of purpose, is needed to make clear this is intolerable.

Darwin is key for undersea data links. We must promote their resilience there

Australia needs further investment into Darwin’s digital infrastructure to leverage the city’s proximity to Asia and support the resilience of international data flow through subsea cables.

Actions should include establishing an office to coordinate industry and government agencies, and it should build a substantial capability in Darwin to repair cables.

The importance of acting is underscored by Google’s November statement that it would lay a data cable from Darwin to Singapore via Christmas Island and by ongoing joint efforts by Australia, the United States and Japan to increase connectivity in the Pacific.

As subsea links, such as the existing Darwin-Jakarta-Singapore Cable, become Australia’s digital lifelines, their security and resilience become paramount. Disruption to them would have profound consequences for both Australia’s economy and national security.

Darwin’s role in the Indo-Pacific digital ecosystem is growing ever faster, making the city increasingly central to global data flows. Vulnerabilities come with dependence on such infrastructure. Incapacitation of these cables—whether through physical damage or cyber threats—would severely affect Australia’s economy, security, and geopolitical standing.

The government’s current approach to managing subsea cable security lacks the coordination needed to address the growing challenges in this space. With multiple agencies involved, from the Department of Infrastructure to the Australian Communications and Media Authority, Australia needs a more unified and proactive approach to safeguarding these assets.

Given the national security stakes, Australia must establish a dedicated domestic subsea cable coordination unit to oversee construction, maintenance and security. This unit should serve as a clearinghouse, working closely with key government stakeholders, telecommunications regulators and private sector players—including major tech firms, such as Google and Meta. By integrating their expertise, the unit could ensure that subsea cables were shielded from physical and cyber threats, coordinating national security efforts and fostering a unified response to emerging risks.

As Darwin continues to evolve as a data hub, Australia’s capacity to swiftly repair damage to its subsea cables is becoming increasingly critical. To maintain resilience, the government must establish a local repair hub. This includes building up domestic repair capabilities, which could be achieved through partnerships with international cable operators or by developing local expertise within the Northern Territory. A dedicated repair ship, staffed with a rapid-response team based in Darwin, would be invaluable, ensuring that cable damage was addressed quickly to minimise disruption. This approach would further strengthen Australia’s position as a reliable player in the global digital infrastructure arena.

To support this growing digital infrastructure, Darwin’s physical and digital capabilities must also be scaled up. This requires robust terrestrial backhaul connections and investment by large cloud-service providers in world-class AI data centres.  We also need a regulatory framework that supports the increasing volume of data while addressing potential physical and cyber threats.

The Northern Territory offers geological stability and an advantageous position for connections to Singapore, itself an important node in the global submarine cable network. These advantages make it an ideal place for increasing Australia’s overall telecommunications and subsea cable resilience by diversifying submarine cable landings from clogged areas like Sydney and existing areas like Perth.

As the volume of data flowing through the region rises, so too must the capacity to handle it securely and efficiently. Strong, resilient infrastructure will not only bolster Australia’s own security but position the country as a reliable alternative to higher-risk regions. It will also attract investment and foster deeper international partnerships, particularly with allies such as the United States and Japan, who are already deeply engaged in securing subsea cable infrastructure.

Australia must also step up its role in the global dialogue surrounding subsea cable security. Given the interconnectedness of these cables and their importance to international trade and security, it cannot afford to act in isolation. Active participation in global initiatives is essential. For example, in September, Australia endorsed the New York Statement on Undersea Cables, which calls for international cooperation to safeguard the links.

By engaging in these discussions, Australia can share insights on emerging threats, establish best practices for protection and help shape global responses to subsea cable disruptions. This leadership would further cement Australia’s position as a key partner in global digital infrastructure security.

The time for action is now. Australia’s government must move decisively to secure the subsea cable infrastructure of the Northern Territory, ensuring long-term resilience and reliability.

With its strategic location in the Indo-Pacific, Darwin is poised to be a cornerstone of global digital connectivity, not only serving as a gateway for Australia but also reinforcing regional security and economic stability. By securing subsea cable infrastructure, Australia will pave the way for a secure, resilient and interconnected future, reinforcing both its national interests and its partnerships with key allies.