Earlier this week, a disturbing escalation in the suspected sabotage of undersea cables unfolded in the Baltic Sea. Two fibre-optic cables – one linking Lithuania and Sweden, and the other connecting Finland and Germany (C-Lion1) – were severed. According to authorities, there was no technical failure; the cables were intentionally cut, sending shockwaves through telecommunications networks and state security apparatus alike.
Germany's defence minister immediately labelled the attack a clear “act of sabotage” aimed directly at European nations that are staunchly supporting Ukraine in its war with Russia. Analysts note that Sweden and Finland have been facing significant infrastructure challenges since joining NATO, with Finland’s nuclear reactors going offline the same day as the cables were cut, underscoring the vulnerability of critical systems.
If proven to involve Russia, such an incident would underscore the growing willingness of authoritarian states and rogue non-state actors to target vital infrastructure. The economic risk is obvious, but in the digital age this could also quickly extend to the disruption of essential services. In the latest case, the internet was not knocked out, but redundancy offers little comfort. NATO nations are now confronted with the danger that deliberate targeting of such infrastructure could escalate from provocation to existential threat.
Inaction sends its own dangerous message: there is little cost to attacking critical infrastructure.
Unintentional damage is always a risk. More than 70% of undersea cable faults are caused by fishing and shipping activities. However, this latest incident in the Baltic follows a disturbing pattern. In October last year, a Chinese-flagged vessel was linked to the severing of both the Balticconnector gas pipeline and critical data cables in the region. Despite clear evidence of wrongdoing, the international response was muted. The Chinese vessel sailed off without consequence – no sanctions, no significant public diplomatic rebuke, no coordinated Western action.
Fast forward to the latest incident, and once again, a Chinese-flagged ship is suspected of severing cables in the Baltic Sea. The cable connects Santahamina, near Helsinki, to Rostock, Germany – an area of heightened strategic importance, as NATO just inaugurated its new naval headquarters there, a move that Russia strongly protested just weeks ago. Adding to the tension, US intelligence recently reported Russian vessels with cable-cutting capabilities operating in the Irish Sea. Given these circumstances, it is increasingly difficult to dismiss the possibility of Russian and Chinese involvement.
The brazenness of these cable-cutting actions is staggering. When China finally admitted in August this year to its flagged vessel severing the Balticconnector and data cables the year before, the EU’s response amounted to little more than a vague expression of concern. NATO’s response included increasing surveillance in the Baltic Sea by deploying mine hunters, Airborne Early Warning and Control and Uncrewed Aerial Vehicle systems, signalling support for allies, but no clear warning issued to suspected perpetrators.
This inaction sends its own dangerous message: there is little cost to attacking critical infrastructure.
By cutting cables, the perpetrators cause disruption without attribution, making it difficult for states to respond without risking escalation. The damage to subsea networks suggests hybrid warfare– using physical sabotage, cyberattacks, and disinformation to destabilise adversaries without triggering full-scale conflict. These attacks don’t merely disrupt communication – they instil doubt about the West's ability to defend its most vital infrastructure. Hostile actors, emboldened by the lack of meaningful consequences, are testing how far they can push without facing repercussions.
In response to such growing threats, NATO launched a new centre in May to safeguard undersea cables and energy infrastructure. Yet, despite its creation, NATO’s efforts have so far proved ineffective. The incidents have exposed the centre’s inability to prevent these attacks or respond decisively.
The West’s response to this latest provocation must be more robust, and swift. Instead of merely advising private companies on securing subsea infrastructure, NATO and its allies need a stronger strategy to protect critical digital networks. For example, at this year's UN General Assembly, the United States and its partnersissued a “Joint Statement on the Security and Resilience of Undersea Cables” A more direct warning to malicious actors would be far more effective.
Governments must also take immediate action to strengthen the protection of physical infrastructure and establish rapid-response protocols for real-time attacks. Countries must work together to create enforceable international agreements that hold perpetrators accountable and impose meaningful consequences. Other cables not too far from the Baltic Sea are also vulnerable – such as those connecting to London, Europe's financial hub. An act of sabotage there will come at a far higher cost.
