Palantir is moving its UK security operation on-shore as fears mount that Russia could attack the undersea cables that transfer data around the world. The move is a prudent one, analysts say, as these cables have low security and could easily be sabotaged or hacked.
Previously run from the US, Palantir’s security operation will now be based on UK soil, meaning security updates and threat monitoring will be carried out locally. “With geopolitical tensions rising, protecting the UK’s most vital public and private organisations has never been more important. That’s why we’re going above and beyond, offering the certainty that they require and ensuring that they can continue to operate with confidence in a heightened-threat environment,” Louis Mosley, Palantir’s UK head, told The Telegraph.
Co-founded by billionaire investor Peter Thiel, Palantir works with the UK government on multiple contracts, and was instrumental in setting up the Covid-19 data store, which allowed researchers to track the spread of the virus. Earlier this month it agreed a £10m contract with the Ministry of Defence, and is reportedly bidding on a £240m contract to create a “federated data platform” for the NHS. With such valuable contracts in play, it is no surprise the company is taking no risks when it comes to security.
Why is Palantir moving its security operation?
It is likely Palantir is reacting to the heightened risk of data espionage or destruction, highlighted by the attack on the satellite communications network Viasat, which last week was attributed to Russia by security agencies in the UK and US.
The Viasat attack will have put companies on heightened alert about the possibility of Russian hackers targeting internet and communications infrastructure. “Targeting communications systems has been within the playbook of Russian forces since the start of the invasion, illustrated by the attack on Viasat on the first day of the invasion of Ukraine,” says Toby Lewis, global head of threat analysis at security company Darktrace. “Targeting major links relied upon by non-Ukrainian forces could be the first indication of an escalation outside of Russia’s direct conflict with Ukraine.”
Submarine cables, which carry 99% of all international telecoms traffic, are at even greater risk than satellite networks. There are currently 450 subsea cables, which together span 1.35km. The security of these cables need to be improved, a report by The Atlantic Council states, due to the heightened geopolitical tensions between the US, Russia and China, as well as the increasing number of companies controlling the cables themselves. This brings added operational security risks because more management software than ever before is being used to monitor and maintain the cables, and this could become a target for hackers.
This has big implications for US businesses with customers in Europe says Chris Hauk, consumer privacy advocate at Pixel Privacy. “US companies should reconsider how they operate in Europe, perhaps localising their operations, at least for the foreseeable future,” he says. “Any attacks on the undersea infrastructure snaking its way around the world could deprive large amounts of the globe to go without internet access.”
Is Russia cable attack likely?
Before the war in Ukraine broke out, head of the UK armed forces, Sir Tony Radakin, noted an increase in Russia’s submarine activity. Etay Maor, senior digital security strategist at Cato Networks, believes a Russia cable attack could happen, and says there have been indications in the past that this is something considered by the Russians. “I think the danger is that it’s very easy to do,” Maor says. “There are no submarines patrolling miles and miles of cables. All you need to do is play pretty simple sabotage, and it’s going to take a while to fix something like that.”
Sabotaging the cables might not even be necessary. “You could send a team to put something on one of the cables that just listens to the channel, and you can get a lot of information,” Maor adds. “So it doesn’t have to be destruction. It can be eavesdropping.”