Küresel İnternet Altyapısı Tehdit Altında: Kim Koruyacak?

The world’s internet infrastructure is under threat – who is going to protect it?

The world’s internet infrastructure is under threat – who is going to protect it? The World Today iallan.drupal 8 June 2026 The Iran conflict has highlighted the vulnerability of data centres and seabed cables – these essential amenities need an international legal framework to safeguard them, writes Calum Inverarity. When Iranian drones struck three Amazon Web Services data centres in the United Arab Emirates and Bahrain on 1 March 2026, the disruption was immediate. Payment firms Alaan and Hubpay reported disruption to their services. Banks, including Emirates NBD and the Abu Dhabi Commercial Bank experienced intermittent failures in mobile and phone banking services. Careem, the region’s leading taxi and delivery platform, reported disruption before its chief executive confirmed services were fully restored 48 hours later. Most commentary has focused on what this means for technology investment in the Gulf, the legal implications of targeting military-commercial infrastructure and the physical security of data centres. These are worthy of attention, but they are not the most important question the strikes raise. Data infrastructure, including data centres, subsea cables and satellites, underpins fundamental aspects of modern society. Reliable digital systems depend on data quality, governance and how effectively and safely data can be shared. When it fails, the cost falls not only on cloud providers and banks but on the people who rely on public services vital for the functioning of daily life. The question missing from the coverage, however, is who, in the event of an attack, is responsible for protecting the physical foundations of this infrastructure and by what international framework? Undersea cables Data centres themselves are only part of the picture. The internet also depends on a network of fibre-optic cables laid on the ocean floor. It is estimated that $10 trillion worth of financial transactions are carried through undersea cables every day. Health records, electoral infrastructure, emergency services and energy grid management all depend on data flows that utilize these cables. $10 trillion worth of financial transactions are estimated to be carried through undersea cables every day. Many of these cables are concentrated in the Red Sea, which carry approximately 17 per cent of global internet traffic, and 90 per cent of traffic between Europe and Asia. A separate set of four cables traverses the Strait of Hormuz, serving Bahrain, Kuwait, Qatar and the UAE. The Strait of Hormuz has been virtually closed to commercial shipping traffic since Iran declared it shut on 3 March. But while the Gulf strikes have provided a vivid illustration, the pattern is not new. Since late 2023, Houthi attacks have made the Red Sea effectively impassable for most commercial vessels, forcing shipping to reroute around Africa. In March 2024, four cables in the Red Sea were severed, disrupting roughly a quarter of internet traffic between Asia, Europe and the Middle East, with connectivity losses of up to 90 per cent recorded in Ethiopia and Somalia. Doug Madory, director of internet analysis at Kentik, a network intelligence firm, has described the prospect of both passages being closed simultaneously as ‘a globally disruptive event’ and unprecedented. The consequence for undersea cables is that repair vessels cannot safely reach them if they are damaged in either of these straits. Currently, only one out of five vessels belonging to the UAE-based company ‘e-Marine’ is available to service cables inside the Gulf. In the Red Sea, no repair vessel can safely operate. Commercial interests Another major vulnerability revealed by the recent strikes is the role of the private sector. Over the past decade, a small number of private companies have become responsible for the world’s entire internet infrastructure. This network of subsea cables was designed for connectivity, not for protection in the event of conflict. The world’s network of subsea cables was designed for connectivity, not for protection in the event of conflict. Open Data Institute research published in 2023 documented how the four largest technology companies – Google, Meta, Microsoft and Amazon – went from owning a single long-distance undersea cable connecting the United States and Japan in 2010 to more than 30 such cables in 2024, which provided greater connectivity across the world, while three companies – Amazon Web Services, Microsoft’s Azure and Google Cloud – controlled more than half the world’s biggest data centres. In response to the Gulf strikes, analysts have suggested companies could accelerate investment in alternative locations such as India, which would not address this concentration but simply relocate it. The issue is that data centres and undersea cables are privately owned infrastructure that cross national borders and international water. When centres serving numerous countries are damaged in a conflict, it is unclear whether international obligations still apply and who should coordinate a response when repair vessels cannot operate. The international legal framework governing undersea cables was not built to respond to these questions. The foundational international agreement on their protection dates to 1884. The UN Convention on the Law of the Sea extended some protections in 1994 within exclusive economic zones, but beyond those boundaries, the responsibilities of states and private companies remain poorly defined. Private companies have no recourse against state attackers under existing law which has not been substantially updated since the 19th century. The private sector has typically responded to subsea threats by investing in technical solutions, including constructing new data centers to distribute storage and build redundancy. But this response doesn’t address the problem of concentrating the world’s data into the hands of several tech providers. Legal analysts have noted that private companies have virtually no recourse against state attackers under existing law and the governance framework has not been substantially updated since the 19th century. Given these gaps, Christian Bueger, a professor of international relations at the University of Copenhagen and a leading scholar of maritime security and ocean governance, has argued that submarine cables should be treated as critical maritime infrastructure requiring clearer international governance arrangements and stronger protection. Calls for protection The problem is that there are no clear-cut answers to what this protection should look like. A modernized framework would have to enforce state behaviour in a number of difficult circumstances, including in international waters where the cables are privately owned, in disputed conflict zones and when repair vessels have no safe passage. But calls for new regulations are growing. Even the tech sector, which has shown little appetite for international governance frameworks in the past, appears to have changed position in light of events in the Gulf. Since early April, US tech firms, have lobbied the government for ‘clear deterrence against attacks on commercial assets, and firm commitments for the US and other governments to defend those assets.’ This indicates the desire of the private sector for greater security guarantees for critical data infrastructure but falls short of concerted efforts to establish shared governance frameworks and how these should be owned and regulated. Related work Building tomorrow’s digital public infrastructure Recent initiatives, including the European Union’s Action Plan on Cable Security, offers some ideas of next steps. Adopted in February 2025, the plan establishes a framework built on four stages: prevention, detection, response, and repair, with €347 million new investment committed for 2026-2027, including funding specifically for cable repair capacity. Soon after the EU Commission published a report assessing the resilience of the EU’s subsea cable infrastructure, suggesting reasonable buy-in to the effort. Additionally, a 2024 joint statement on cable governance endorsed by Britain, the EU, Canada Japan, and the previous US administration, signals an existing coalition of like-minded partners on which a broader legal framework could be developed. This spells out the next steps to be taken, such as mandated transparency requirements on cable operators about infrastructure and vulnerabilities, coordinated deployment of repair vessels and corresponding international safe-passage corridors. Britain’s role Britain is keenly aware of the potential vulnerability of its offshore cable infrastructure. In April, the government took the unusual step of publicly condemning Russia for conducting ‘covert’ operations near its subsea cables and pipelines in the North Sea. Looking ahead, the UK could play an important role in international cable governance.