If we didn’t know already, the COVID-19 pandemic has driven home the fact that data is the most important strategic asset of the 21st century. Never has the world depended more on digital data flows as when millions of workers and students switched to remote access and when online retail took the place of shuttered stores.
As much as our digital interconnectedness is powering innovation, commerce, and interaction, it is also generating new risks and vulnerabilities. This is because the digital systems on which we all depend — the internet, cloud computing, 5G telecommunications infrastructure — are insecure by design, poorly regulated, prone to abuse, and vulnerable to attack. With billions of new devices and hundreds of millions of people newly connected each year, the so-called attack surface — the myriad ways in which we are exposed via connected devices and ubiquitous services — is expanding exponentially.
Understanding the geography of digitalisation, including systemic vulnerabilities across public and private networks and dangerous weaknesses in supply chains, is more important than ever. Doing a better job to map the globe’s ever more pervasive digital networks — the satellites, submarine cables, and cell towers that distribute data and connect people and things to each another — can help identify systemic risks and ways to mitigate them.
Our digital footprint in the physical world — from the rare-earth elements that power our electronic devices to the infrastructure that directs each bit and byte — leaves a cartographic impression that can be tracked and mapped on a highly granular scale.
Rare earths
It is easy to forget that the basis of our digital world is physical. The fibre-optic cables, batteries, circuits, and devices that drive digitalisation are constituted of minerals. Copper, quartz, silicone, cobalt, lithium, and the rare-earth elements — a family of 17 metals — are used in virtually every electronic device on the planet. Yet most rare-earth production takes place in China, which controls well over 80% of the global supply, followed by the United States, Myanmar, and Australia.
Against a backdrop of rising demand for these elements, China is trying to secure its dominance over the global supply chain, while other countries are increasingly recycling electronic waste and extracting base materials to reduce their dependence on others. Rising tensions with China have propelled efforts by the US to shake up China’s near-monopoly in rare earths and strengthen self-reliance.
Rare earth bottlenecks
Rare earth elements consist of 17 silvery-white heavy metals often found together. In the 1950s, global production was concentrated in Brazil, India, and South Africa. Today, China produces more than 80% of the global supply. There are close to 800 reported rare-earth mines and deposits, with most production occurring in places such as Inner Mongolia and Western Australia.
The risk of supply chain disruptions, including in the mining, processing, and shipping of rare earths, is very real. For example, China has imposed restrictions on its supplies in the past, including to Japan, which drove up global prices for a range of manufactured technologies. Japan has since expanded its strategic stockpile.
Hacking and ransomware threats to production and processing facilities are also rising.
Meanwhile, the mining of rare earths is wreaking ecological havoc. While rare earths are actually quite abundant, their extraction and separation are expensive and environmentally destructive. China has steadily expanded production both at home and in Africa, where it is less encumbered by environmental and labour regulations. Chinese-run mines have generated massive leaching pools of ammonium sulphate and ammonium chloride, contaminating water supplies and cropland.
Satellites
Many of the systems powering the planet’s digital networks are not on Earth but in space. The first satellites were launched in the 1950s, and today there are more than 6000 of them orbiting the planet, of which more than 2600 are operational.
Some of them generate information on the weather or the Earth’s surface, while more than 1000 communication satellites facilitate internet, cellular, television, and radio access. A host of satellite constellations in low Earth orbit are offering low-latency internet access from space.
Threats against satellites from nation-states, including the intentional disruption of their signals, are hardly new. Yet there are growing concerns about the expansion of ground- and space-based capacities to spoof, jam, damage, and destroy satellite systems.
China, Russia, and the US are all moving rapidly towards the weaponisation of space, mostly with the argument of deterring threats from rivals. Russia and China have tested several satellite-destroying systems — both ground-to-space ones and space-based ones known as “killer satellites”. Satellites are also surprisingly vulnerable to hacking.
Meanwhile, satellite images are increasingly exposed to generative adversarial networks that manipulate remote sensing images. Deepfakes — extremely convincing false images and videos — are now a problem in outer space, too.
Undersea cables
Digital infrastructure isn’t expanding just in the heavens above but also in the seas below. There are more than 420 submarine cables transporting about 95% of cross-border data and voice traffic.
The first undersea cable was laid in 1858 from Ireland to Canada, allowing users to share a few words an hour. By 1900, there were more than 130,000 miles [210,000km] of cable stretching around the world. Fibre optics only appeared in 1988, and today there are more than 700,000 miles of cable transmitting close to 160 terabits per second.
With the voracious data transmission needs of cloud computing, large tech companies are driving most new investment in submarine cables. Amazon, Facebook, Google, and Microsoft alone have invested more than $20 billion in new cables over the past few years. One of Google’s latest, a submarine cable linking Europe and the US called Dunant (named after Henry Dunant, the Swiss founder of the Red Cross and first recipient of the Nobel Peace Prize), can transmit a record-breaking 250 terabits per second.
Vulnerable submarine cables
There are at least 426 submarine cables in operation around the world transporting about 95% of cross-border data and voice traffic. Their total length is an estimated 1.3 million kilometres, ranging from the 130km CeltixConnect cable linking Britain and Ireland to the 20,00km Asia America Gateway cable.
The strategic importance of undersea cables and the operating stations connecting them to terrestrial networks cannot be overstated. They are one of several battlefronts in the ongoing information wars. They can be tapped to gain intelligence, snipped to slow communications, or implanted with backdoors to siphon raw data.
China, Russia, and the US each have the capability to sabotage cables with specially designed spy submarines, for example, a strategic vulnerability that is widely acknowledged among defence experts.
There are very few manufacturers with the ability to lay such cables. Huawei Marine Networks, until recently a subsidiary of the Chinese telecommunications giant, has built or repaired almost a quarter of the world’s cables.
Vulnerable networks
Cellphone towers are the nervous system of the digital world. They are also ubiquitous. Groups such as OpenCelliD have located more than 36 million unique GSM cell towers globally.
Typically located in highly populated areas, these towers primarily receive and transmit voice and data from and to cellphones and other devices. Some are camouflaged as flagpoles, while others are mounted on buildings.
Their density varies: 3G and 4G towers can be spaced between 30 and 90 miles apart, while 5G towers are often clustered more closely together, with distances varying between 800 and 1000 feet (240-305 metres).
Proliferating cell towers
The tens of millions of telecommunications towers documented by OpenCelliD are not evenly distributed. The redder the cluster, the more towers. Fewer towers are observed in China because of reporting biases.
Despite our overwhelming reliance on them, cellular networks are virtually impossible to protect from hacking, and few carriers have the practical means to defend themselves.
Most data traffic is unencrypted, and the systems that power the networks are unable to distinguish between legitimate and malicious commands. This is because the underlying protocol for most systems is outdated, which means systems can be easily breached. (The black market is rife with offers.)
There are also devices that can simulate cell towers — known as IMSI catchers or Stingrays — that can ensnare unsuspecting users by intercepting or eavesdropping on calls.
Data centres
These are the nodes that power communications around the world. First appearing during the 1940s, they are now critical to sustaining public and private cloud platforms, including those of Alibaba, Amazon, Facebook, Google, IBM, Microsoft, Oracle, and Twitter.
A data centre is essentially a dedicated space to house computer systems, including for telecommunications and data storage, much of it redundant.
A large centre can use as much electricity as a decent-sized city. Since the start of the internet boom in the late 1990s, data centres have exploded in number, as have their scale and environmental impact — including about 1% of global electricity use.
Today, there are millions of data centres around the world, including more than 540 hyperscale centres with tens of thousands of computer racks. Range International Information Group in Langfang, China, is reportedly home to the largest centre, spanning more than 6.3 million square feet.
The vast majority are in the US, followed by China, Japan, and parts of Western Europe. Hackers are increasingly targeting data centres to hijack systems, pilfer accounts, and steal industrial secrets. One reason data centres are getting hacked is because they are often easy targets due to the fact that they are often poorly defended against digital malfeasance, the persistence of legacy systems that are easily breached, and the growing sophistication of cyber arsenals.
Connected societies
The COVID-19 pandemic and accompanying lockdowns accelerated the dependence of governments, businesses, and entire societies on digital technologies.
Countries, states, and cities with adequate mobile networks, decent broadband, and digitally literate populations tended to fare better than those without them. Some societies are more digitally connected than others: there are still more than 3.7 billion people without basic internet access. In the developed world, more than 87% of the population has direct access to the internet compared to just 47% in developing countries and 19% in the least developed nations.
In a digitally interdependent world, the ability to access telehealth, take classes online, or work remotely is not just critical to thrive but to survive. People who do not have robust broadband access are being left behind. In sub-Saharan Africa, for example, more than 60% of the population still lacks access to 4G networks, with 2G the norm in rural areas.
Ensuring affordable digital services for education, work, and health that are safe and resilient will be fundamental to weather crises, including future pandemics.
Wired world
There are more than 4.6 billion active internet users today, up from roughly 4 billion in 2019. That means that about 60% of the world is connected to at least one device — and some of them to many more. According to industry experts, at least 93 million new phone users, 316 million new internet users, and 490 million new social media users went online between January 2020 and January 2021.
Yet waves of hacking and malware attacks are a constant reminder that most governments, companies, and citizens are digitally exposed. The ransomware epidemic, alongside the colossal Solar Winds and Kaseya supply chain attacks, is not just threatening public infrastructure, government services, and financial institutions, but also the basic trust needed to sustain the digital economy.
The exposure of internet users to digital malfeasance involving their physical devices is far-reaching. In recent years, cybersecurity researchers have detected compromises in more than 100 million smart devices around the world. These kinds of gaps can expose corporate servers and IT systems, medical and financial data, and the control systems of factories and utilities.
As the world rapidly moves toward the Internet of Things, where everything around us is always connected, these risks have only grown more serious. By 2025, there will be more than 32 billion wirelessly connected devices (up from 14 billion in 2021), most of them lacking even basic security features.
One way to more safely navigate a rapidly digitalising world is by mapping it out in a way that is actionable — and quantifying what’s at risk. By illuminating the interdependencies and vulnerabilities across physical and digital infrastructures and supply chains, maps can help governments, businesses, and civil societies bolster their defences.
In a world where digital devices are easily infiltrated, manipulated, and weaponised, awareness is essential. It is only by better understanding the risk that we can more readily reduce it.
Robert Muggah is a principal at the SecDev Group, a co-founder of the Igarapé Institute, and the author, with Ian Goldin, of Terra Incognita: 100 Maps to Survive the Next 100 Years. He tweets at: @robmuggah.
Crikey is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while we review, but we’re working as fast as we can to keep the conversation rolling.
The Crikey comment section is members-only content. Please subscribe to leave a comment.
The Crikey comment section is members-only content. Please login to leave a comment.