Modern society depends on a vast, mostly unseen network under the oceans. Over 1.5 million kilometers of submarine cables carry more than 95 percent of intercontinental data and about $10 trillion in financial transactions every day. About 20,000 miles of subsea pipelines also move oil and gas (Center for Strategic and International Studies [CSIS], 2026). For a long time, this infrastructure was largely ignored and unprotected. That changed after Russia invaded Ukraine in 2022. Since then, incidents like the Nord Stream pipeline explosions and suspected cable cuts in the Baltic Sea and Taiwan Strait have made governments and security agencies pay close attention. This essay argues that state-backed attacks on subsea infrastructure, especially by Russia and China, are now some of the most urgent and overlooked threats in maritime security. Current legal, operational, and technological systems are not strong enough to handle this risk.
Modern society depends on a vast, mostly unseen network under the oceans. Over 1.5 million kilometers of submarine cables carry more than 95 percent of intercontinental data and about $10 trillion in financial transactions every day. About 20,000 miles of subsea pipelines also move oil and gas (Center for Strategic and International Studies [CSIS], 2026). For a long time, this infrastructure was largely ignored and unprotected. That changed after Russia invaded Ukraine in 2022. Since then, incidents like the Nord Stream pipeline explosions and suspected cable cuts in the Baltic Sea and Taiwan Strait have made governments and security agencies pay close attention. This essay argues that state-backed attacks on subsea infrastructure, especially by Russia and China, are now some of the most urgent and overlooked threats in maritime security. Current legal, operational, and technological systems are not strong enough to handle this risk.
The global network of subsea cables is mostly out of sight but extremely important. CSIS describes it as the “soft underbelly of the world economy” because it is huge, essential, and difficult to protect (CSIS, 2026, para. 3). By April 2025, there were 597 submarine cables in use or under construction, up from 559 in 2024, showing the growing demand for digital connections (Recorded Future, 2025). These cables carry not only internet traffic, but also military communications, intelligence, financial data, and command links for NATO and its allies. Rear Admiral (Ret.) Mike Studeman, former Commander of the Office of Naval Intelligence, says adversaries are targeting this infrastructure for both physical attacks and intelligence gathering. He calls these “inside-out” attacks, where malware hidden in cable hardware can be triggered remotely to intercept or disrupt data (The Cipher Brief, 2025).
The massive scale of undersea infrastructure makes it very hard to protect. Over 1.7 million kilometers of cables and pipelines stretch across the world’s oceans and seas (Windward AI, 2025). Watching over such a large area is challenging, especially because threats often look like regular commercial activity. Traditional patrols cannot keep up, and attackers use this to their advantage.
The number of incidents in the past three years is far beyond what could be explained by chance. It began in September 2022 with the sabotage of the Nord Stream 1 and 2 natural gas pipelines in the Baltic Sea, which took out a large part of Europe’s gas infrastructure in a single operation (Bulletin of the Atomic Scientists [BAS], 2026). After that, the attacks continued. In October 2023, the Balticonnector gas pipeline between Estonia and Finland was damaged, as was the EE-S1 data cable linking Sweden and Estonia. This incident was traced to the Chinese-flagged ship Newnew Polar Bear, which was later found in the Russian port of Arkhangelsk with its port-side anchor missing. The same anchor paint was found on the cut cable (CSIS, 2026; Fox News, 2025a).
In November 2024, two more Baltic cables, the BCS East-West Interlink and the C-Lion1, were cut. AIS tracking data showed that the Chinese-flagged ship Yi Peng 3 slowed down near both cables when they were damaged, and sonar images showed anchor drag marks stretching up to 160 kilometers across the seabed (Stockholm International Peace Research Institute [SIPRI], 2025). Even with this evidence, European investigators faced a diplomatic barrier. Because the ship flew a Chinese flag and was in international waters, authorities could not board it without permission from Beijing, which was slow to arrive (SIPRI, 2025). This incident highlighted a major legal weakness that adversaries have continued to use.
On Christmas Day 2024, the Estlink 2 power cable between Finland and Estonia was badly damaged, and at least four telecom cables were also cut that day. Finnish and Swedish authorities named the Cook Islands-flagged tanker Eagle S, suspected to be part of a Russian shadow fleet, as the main suspect. Investigators later found a missing anchor on the Gulf of Finland seabed with evidence matching the damage (Jamestown Foundation, 2025). On the last day of 2025, the cargo ship Fitburg, which had just left St. Petersburg, dragged its anchor along the Baltic seabed and damaged a fiber-optic cable between Helsinki and Tallinn. Finnish special forces boarded the ship from a helicopter, and the dramatic footage was shown internationally (BAS, 2026).
Fox News reported in January 2025 that EU High Representative Kaja Kallas described these incidents as part of an ongoing Kremlin “hybrid campaign against Europe,” saying that “since Russia’s full-scale invasion of Ukraine, these efforts have intensified dramatically” and that Russia was “not the only challenge we face,” clearly referring to Chinese involvement (Fox News, 2025a). The Jamestown Foundation, looking at incidents near Taiwan in early 2025, found that the actions of Chinese and Russian-operated ships suggested active cooperation between Moscow and Beijing on undersea sabotage. This partnership targets both European and Indo-Pacific infrastructure at the same time (Jamestown Foundation, 2025).
Perhaps the most consequential vulnerability exposed by this wave of incidents is not physical but legal. The international legal framework governing the protection of subsea cables is, in the assessment of most experts, dangerously inadequate for the current threat environment. The primary treaty instrument — the 1884 Convention for the Protection of Submarine Telegraph Cables — is a relic of the telegraph age, with limited state party membership and no enforcement mechanism suited to modern hybrid warfare (Marine Technology News, 2025). Its successor framework under the 1982 United Nations Convention on the Law of the Sea (UNCLOS) requires states to criminalize willful cable damage but leaves enforcement authority almost entirely with the flag state of the offending vessel — precisely the states whose vessels are conducting the operations (SIPRI, 2025).
As Pierre Thévenin, a law of the sea expert at SIPRI, has explained, a coastal state currently has no automatic right under UNCLOS to board and search a foreign vessel suspected of cable damage within its own Exclusive Economic Zone without the cooperation of the flag state (SIPRI, 2025). This means that Russia and China can effectively shield their vessels from investigation simply by flying their own flags or using shadow fleet vessels registered in compliant third countries. The Yi Peng 3 case demonstrated this constraint in real time: despite compelling physical and electronic evidence of culpability, European investigators could not compel boarding. It was weeks before any meaningful access was granted, and no prosecutions followed.
Legislation is slowly catching up. The U.S. Senate introduced the Strategic Subsea Cables Act of 2025, which would strengthen criminal penalties for cable damage and require the president to impose sanctions against foreign individuals found to have intentionally damaged subsea fibre-optic cables (CSIS, 2026). The Federal Communications Commission has also updated rules on submarine cable landing licensing with an explicit national security focus (CSIS, 2026). At the European level, the European Commission adopted an EU Action Plan on Cable Security in early 2025 focused on prevention, detection, response, and recovery (University of Washington, Jackson School, 2025). These are meaningful steps, but analysts at the Foundation for Defense of Democracies (FDD) have noted that without faster permitting, stronger allied naval coordination, and diversified repair capacity, legislative progress will outpace operational capability (FDD, 2025).
Protecting subsea infrastructure is even more difficult because state actors are good at hiding what they do. Recorded Future’s Insikt Group found that ships suspected of sabotage often give believable reasons, like saying anchor drag was accidental, blaming weather delays, or changing their tracking data to hide their location (Recorded Future, 2025). Windward AI’s analysis shows that certain behaviors, such as slow passes over cable routes, long stops above important points, and small tracking changes that put ships over cables, can be spotted with advanced monitoring—but only if the right systems are in place (Windward AI, 2025).
Limited repair capacity makes the problem even worse. Fewer than 100 cable repair ships are available worldwide to maintain a network that is 1.5 million kilometers long (University of Washington, Jackson School, 2025). Fixing a damaged cable usually takes about 40 days, and it can take much longer in conflict areas because of permit delays and access problems (Recorded Future, 2025). The Chinese company HMN Technologies controls much of the cable repair and manufacturing market, making the United States and its allies dependent. Only recently have they begun investing in their own repair and manufacturing programs (University of Washington, Jackson School, 2025).
NATO has responded with meaningful but still-developing institutional measures. In January 2025, the alliance launched Baltic Sentry, a multinational naval operation specifically designed to deter attacks on critical undersea infrastructure in the Baltic Sea, adding vessels, patrol aircraft, and staff to the existing Combined Task Force Baltic framework (Atlantic Council, 2025). NATO’s Joint Force Command Norfolk has been assigned to monitor undersea threats, and a Maritime Centre for the Security of Critical Undersea Infrastructure has been established in the United Kingdom (FDD, 2025). The United States, Japan, Australia, and India have also launched the Partnership for Cable Connectivity and Resilience in the Indo-Pacific, specifically targeting Chinese security challenges to undersea networks (FDD, 2025).
However, the Atlantic Council’s analysis of Baltic Sentry operations points out that even with more patrols, this is only a partial deterrent. “The question remains how the coastal states and NATO would respond” to a confirmed act of sabotage, especially if it happens in international waters (Atlantic Council, 2025, para. 7). CSIS has suggested deterrence by detection—using AI-powered satellite surveillance and vessel analytics to spot and publicize suspicious behavior before attacks happen—as a complementary strategy. This approach is based on the legal example set by Google’s civil litigation against undersea network sabotage, which serves as a model for non-criminal accountability (CSIS, 2026).
Targeting subsea infrastructure brings together several key features of modern great power competition. It is asymmetric because cutting a cable costs little but causes huge economic and strategic harm. It takes advantage of plausible deniability, since anchor drag and accidental damage are common at sea, and it is very hard to prove state involvement. Legal gaps in international rules protect these actions, and adversaries have learned to use them. These attacks also happen mainly in places like the Baltic Sea, the Taiwan Strait, and the Red Sea, where tensions are already high.
Benjamin Schmitt from the University of Pennsylvania has warned that “it is vital that global democracies mount a significant response to deter future attempts by Russia and China to disrupt Western critical subsea infrastructure,” and that without stronger action, these attacks are “likely to grow” (as cited in Straight Arrow News, 2025). Finland’s intelligence service, Supo, has advised caution in assuming all cable damage is intentional, but confirmed in its March 2026 National Security Overview that the threat in the Baltic is real, getting worse, and needs a more advanced response than just calling it “hybrid warfare” (Submarine Networks, 2026).
Sabotage of subsea infrastructure is now one of the most serious and difficult threats in maritime security. The cables and pipelines that support global communications, finance, and energy are mostly unprotected, governed by outdated laws, monitored by systems that attackers can avoid, and repaired slowly by too few specialized ships. Russia and China have shown they can use these weaknesses to pressure Europe and the Indo-Pacific with low-cost, high-impact actions that do not trigger a military response. Fixing the legal, operational, and infrastructure gaps is not just a maritime security issue; it is essential for national and alliance defense in the digital age.
Atlantic Council. (2025, November 26). How the Baltic Sea nations have tackled suspicious cable cuts. https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/how-the-baltic-sea-nations-have-tackled-suspicious-cable-cuts/
Bulletin of the Atomic Scientists. (2026, February 13). Seabed zero: Baltic sabotage and the global risks to undersea infrastructure. https://thebulletin.org/2026/02/seabed-zero-baltic-sabotage-and-the-global-risks-to-undersea-infrastructure/
Center for Strategic and International Studies. (2026, February 11). Protecting subsea cables: Detect to deter, sue to secure. https://www.csis.org/analysis/protecting-subsea-cables-detect-deter-sue-secure
The Cipher Brief. (2025). Undersea cables under attack, from outside and within. https://www.thecipherbrief.com/undersea-cable-attacks
Foundation for Defense of Democracies. (2025, February 27). US and allies must get tough on Russia, China’s deep-sea cable sabotage. https://www.fdd.org/analysis/op_eds/2025/02/27/us-and-allies-must-get-tough-on-russia-chinas-deep-sea-cable-sabotage/
Fox News. (2025a, January 14). International underwater cable attacks by Russia, China are no ‘mere coincidence’ warns EU’s top diplomat. https://www.foxnews.com/world/international-underwater-cable-attacks-russia-china-no-mere-coincidence-warns-eus-top-diplomat
Jamestown Foundation. (2025). Strangers on a seabed: Sino-Russian collaboration on undersea cable sabotage operations. https://jamestown.org/strangers-on-a-seabed-sino-russian-collaboration-on-undersea-cable-sabotage-operations/
Marine Technology News. (2025, December 9). Subsea cable sabotage: Underwater, underprotected, and under attack. https://www.marinetechnologynews.com/news/subsea-cable-sabotage-underwater-656389
Recorded Future. (2025). Submarine cable security at risk amid geopolitical tensions and limited repair capabilities. https://www.recordedfuture.com/research/submarine-cables-face-increasing-threats
Stockholm International Peace Research Institute. (2025). A legislative route to combat sabotage of undersea cables: A Q&A with Pierre Thévenin. https://www.sipri.org/commentary/topical-backgrounder/2025/legislative-route-combat-sabotage-undersea-cables
Straight Arrow News. (2025, August 15). Undersea cables face rising sabotage risk, analysts warn. https://san.com/cc/undersea-cables-face-rising-sabotage-risk-analysts-warn/
Submarine Networks. (2026, March 20). Finnish Intelligence Supo challenges “sabotage theory” on subsea cable damage in the Baltic Sea. https://www.submarinenetworks.com/en/nv/insights/finnish-intelligence-supo-challenges-sabotage-theory-on-subsea-cable-damage-in-the-baltic-sea
University of Washington, Henry M. Jackson School of International Studies. (2025). Baltic Sea undersea cable security. https://jsis.washington.edu/news/baltic-sea-undersea-cable-security/
Windward AI. (2025, December 15). Protecting critical maritime infrastructure in 2026. https://windward.ai/blog/protecting-critical-maritime-infrastructure-in-2026/
