Today's cyber-physical systems face diverse threats that endanger global communications, including accidental damage, geopolitical sabotage, DDoS attacks, and natural disasters. Network operators are battling a many-headed hydra, with each threat requiring a unique mitigation strategy. Whether this amounts to proactive DDoS mitigation, physical security, or network weatherproofing, Internet carriers have their hands full. Transparency is also particularly challenging as today’s digital and physical battlegrounds become increasingly intertwined. The delicate balance of transparency compounds existing security problems because network operators must keep essential parties informed on network cable locations while keeping them hidden from malicious actors.
The DDoS Landscape, Then and Now
The DDoS landscape has shifted massively over the past few years, coinciding with evolving network threats. Botnets became more sophisticated in 2020, with hackers targeting and infecting vulnerable systems, often IoT devices, due to their lack of safeguards. Operators developed defenses against volumetric attacks, with DDoS attacks becoming smaller yet more intelligent in response. Since 2022, DDoS attack trends have reflected geopolitical tensions, with state-sponsored attacks becoming primary weapons of hybrid warfare.
DDoS mitigation is like trying to hit a moving target. So, where do we go from here in this cat-and-mouse game? Companies can implement a multi-faceted network security strategy to stay proactive. Network segmentation is crucial, helping companies separate their critical services from public-facing systems. Additionally, Domain Name System (DNS) resilience helps operators distribute DNS queries across multiple servers in various locations to balance traffic loads. Dedicated DDoS defense in the cloud is also helpful in preventing on-premises systems and access links from being overwhelmed during a sustained assault. While these and other cyber safeguards are essential, increased collaboration between network operators and authorities is equally important. Industry cooperation can help IT infrastructure owners and operators collaboratively close the network’s weak spots while responding more decisively to threats.
Accidental vs. Intentional Damage
Geopolitical sabotage consistently makes headlines. We saw this recently when Houthi rebels shot down a cargo ship, which then dropped its anchor to keep itself from drifting and sliced three Red Sea cables, subsequently affecting 25% of traffic between Europe, Asia and the Middle East. Accidental and intentional damage alike reflect the tenuous balance of transparency in the telecommunications industry. Network operators strive for total transparency when providing fiber cable locations to customers and essential workers, but they must balance this with keeping these locations unknown to bad actors.
However, this balance is challenging. For example, we could surround terrestrial sites with barbed-wire fences, but that may draw even more attention to the buildings these fences protect. Amid these difficulties, increased communication and standardization between network operators and local authorities are crucial for improving information disclosure. This can help the telecommunications industry be more cautious about the infrastructure maps it shares and, ideally, establish more rigorous vetting processes for information sharing. Global cooperation is essential here, as network security is often a matter of national security.
Weathering the Storm
Natural disasters, such as Hurricane Milton, have continuously disrupted physical network infrastructure in 2024, preventing communications between affected people and their loved ones. Arelion experienced this recently when a landslide in San Diego resulted in fiber cables falling into the Pacific Ocean. While this incident did not directly cause downtime due to the availability of an alternative path, it resulted in limited redundancy and higher risk. For example, if the alternative path had also gone down, service would have been drastically impacted across the San Diego area. Physical damage is especially challenging because it is more difficult and costly to mitigate and repair than cyber threats like DDoS attacks. The industry must begin to implement effective network weatherproofing strategies, as these incidents will only become more common and severe as climate change escalates. As the weather becomes more volatile, deeper collaboration with government officials and weather authorities will prove critical to creating comprehensive disaster response plans.
This collaboration may eventually enable Internet carriers to leverage information from these agencies’ advanced geospatial monitoring systems, helping operators decide whether they need to bury certain cables deeper or build additional routes in susceptible regions. Another method that will prove crucial is building networks with advanced weather-resistant materials, including seismic bracing, flood-proof enclosures, wind-resistant structures and more. Additionally, network redundancy is vital for mitigating the effects of natural disasters, helping Internet carriers eliminate a single point of failure by ensuring they have multiple diverse pathways for Internet traffic if one route is compromised.
Collaboration to Protect Global Communications
While the cyber-physical threat landscape is daunting, network operators are progressing in several areas to improve resilience. There’s still much work to do, with industry collaboration as the underlying thread uniting these mitigation strategies. By leveraging each other’s insights and strengths, industry stakeholders can enhance resiliency and slay, or at least subdue, the many-headed hydra of cyber-physical threats.