A Russian Spy Ship Might Have Tapped Syria’s Internet
‘Yantar’ has been acting … weirdly
by BEN SULLIVAN
If you think some conspiracy theories are just too coincidental to be wrong, you’re going to love this one. An internet outage expert at U.S. internet monitor Dyn, along with several Twitter users and bloggers, believe that a secretive Russian navy spy ship may be tapping and disrupting underwater cables in the Mediterranean Sea that feed internet to Syria.
While telecommunications experts argue that this isn’t likely, several factors have aligned that seem to support this theory.
The story starts in September 2015, when the Russian naval vessel Yantar was suspected of spying on a U.S. nuclear submarine fleet off the coast of Cuba. U.S. intelligence believed the ship was collecting data from underwater cables in the Caribbean whilst also spying on the submarine fleet, and according to The New York Times, Yantar — officially, a Russian navy oceanographic vessel — was also equipped with two autonomous submersible craft.
Fast forward to October 2016, and that same ship is moored off the coast of Syria, amidst ongoing internet outages in the country reported by Dyn. Both Syria and Lebanon have recently been experiencing internet routing instability, according Dyn, and some believe the problems can be traced back to the Russian ship.
Doug Madory, an analyst at Dyn, said that he has noticed a recent uptick of internet instability in Syria, and a source of his from within state telecommunications provider Syria Telecom pointed to Syria’s underwater internet cables as being the cause of the problems.
This, along with Twitter speculation and a previous history of internet outages in Syria linked to combat offensives by forces loyal to Pres. Bashar Al Assad, suggest something of a conspiratorial nature may at hand.
Yantar’s movements in the Mediterranean Sea have been logged over the past few weeks here in this publicly available Google Maps document, and there is an active community of Twitter users also tracking every movement of the ship.
“I’m not automatically someone who subscribes to this, but having said that, this ship is off the coast of Syria, it’s ostensibly for research purposes, it seems reasonable,” Madory said.
“There are two different threads of facts that are reliable. I’ve got data that shows there is routing instability in both Syria and Lebanon in the past week. And I’ve got a source in Syrian Telecom who said it was submarine cable related. Those are facts. Then there’s all this stuff about this ship. It’s awfully coincidental.”
Maritime blog Hisutton.com has also been tracking Yantar, and is using publicly available shipping data to monitor its proximity to Syrian underwater internet cables. The website shows Yantar’s position in relation to the subsea cables, routed from Cyprus to Syria.
While the coincidences of the outages and the vessel’s location are enough to fuel theories about Russian involvement, Madory said that experts in the submarine cable industry say this kind of tapping and disruption isn’t possible. “They dismiss out of hand any kind of technology that could tap submarine cables underwater, they don’t believe it’s possible at all,” he said.
Alan Mauldin, a research director at telecommunications research firm TeleGeography, said that it seems unlikely submarine cables could be tapped. “I can’t say for sure,” he explained, “but seems a bit far fetched. Even if you attach a tap. How do you transit the take back to be processed? Seems too crazy to me but anything is possible. I can’t say for sure but tapping on land is a lot easier.”
Julian Rawle, a subsea cable consultant, said that it would be “practically impossible” to tap into an underwater fiber-optic cable. “You would physically have to break through the considerable amount of protective layers and then splice into the fibers. Doing this underwater would inevitably lead to water ingress which would seriously impair the cable’s performance,” he said. “I think someone would notice if a vessel this close to the coast actually picked up a cable.”
Rawle suggested that instead of the Russians, it could be seismic activity to blame for the disruption, as the eastern Mediterranean is an active seismic area.
Still, according to Madory, “it does seem kind of suspicious.” Thankfully, for those eager detectives among you, there’s a wealth of data to stalk online regarding the whereabouts and actions of Yantar. “Apparently there is a cottage industry of posting photos of Yantar to Twitter and tracking its location,” Madory said, pointing to another recent sighting of the ship.
Originally published at motherboard.vice.com.