While the world worried on Wednesday about the implications of what may be the largest denial of service, or DDOS, attack ever — as two European groups feuded over what does and does not constitute spam — a much more serious Internet threat was averted when Egyptian police apprehended three individuals found hacking away at undersea Internet cables in an apparent attempt to cut off communications between Asia, Africa, and Europe.
According to Dr. Tal Pavel, CEO of MiddleEastNet, which catalogs intelligence about events affecting the Internet in the region, the chances that the three are affiliated with a terrorist group are “very high.”
Pavel referred to a recounting of the incident on the Facebook page of the Egyptian Navy, which described how sailors were called in to investigate suspicious activity off the coast of Alexandria. Divers were seen entering the water from a fishing boat about 750 meters off the coast — right atop the nexus of several Internet communication cables that connect India, the Middle East, and Europe. Sailors raided the ship and found cutting equipment and other proof that the divers were working to disrupt Internet service — with further evidence coming from the damage caused to the SEA-ME-WE-4 cable.
The three had apparently been at the hack job for a while, said Pavel; Egyptian officials reported a significant slowdown in Internet speed on Wednesday. The original complaint was filed by Egypt Telecom, responsible for Internet connections in Egypt, and responsible for the segment of the cable that passes through Egyptian territory.
Wednesday’s cable hacking attack was the second one off the Egyptian coast in a week. Days before, the SEACOM cable, which connects Africa and Europe, was partially damaged, causing a 60% reduction in Internet cable communications in Egypt, Pavel said.
It’s not clear if there is a connection between the damage to SEACOM and SEA-ME-WE-4, but Egyptian officials are investigating.
So far, there is no information as to the identity of the vandals, but Pavel said that it is very likely that they will turn out to be terrorists, affiliated with al-Qaeda or other radical Islamist groups. The attacks may be a new attempt by Islamists to cut off Internet access so as to prevent reports of increasing protests against the Egyptian government from getting out to the rest of the world.
That view was confirmed by Internet security expert Daniel Nisman, Middle East and North Africa Intelligence Manager for Max Security Solutions in Tel Aviv. Writing in the Huffington Post, Nisman said that “Anyone familiar with Egypt’s explosive post-revolution politics could easily point out a number of actors who would be more than ecstatic to cut off the country’s 80 million residents from the outside world. The most obvious candidate would be the Muslim Brotherhood, which has come under immense criticism from just about every corner of the political spectrum for the failings of the Morsi administration, whom it supports.
“At a time of growing political violence, police brutality, and economic doldrums, there are likely more than a few Brotherhood members who would like to hinder their opposition’s proliferation of politically-damaging content over the Internet. It is also worth mentioning that if anyone in Egypt knew the location of the country’s fiber optic cables, it would be the now Brotherhood-dominated Communications Ministry,” Nisman added.
According to Pavel, “Damage to any major undersea cable is very serious, as it is a one-time event that could significantly disrupt Internet communications for hundreds of millions of people.”
“The Internet includes a large number of such cables, some of which are redundant in order to provide backups in case of damage.” But the system is vulnerable, he said. “Many of the world’s most important cables crisscross at major intersections around the world, and the area of the Suez Canal near Alexandria is one such area.”
Thus, terrorists could cause a great deal of damage in a relatively short amount of time if they target a sensitive area, Pavel said.
“These two damage incidents illustrate the ease with which interested parties could impact negatively on the smooth running of the Internet, perhaps shutting the Internet down partially or even fully in a large part of the world,” said Pavel. “Taken with the news of the major DDOS attack that has been ongoing, it is clear that there are many threats to the Internet, and that new security strategies to deal with these threats are needed.”