Shallow seas and “shadow fleets”: Europe’s undersea infrastructure is dangerously vulnerable

China unveiled a new deep-sea device capable of cutting undersea cables to a depth of 4,000 meters in late March, sparking fears that previously secure fibre optic cables can now face serious threats. The importance of such cables—normally no thicker than a garden hose—cannot be overstated: they carry around $10tn of financial transactions every day, as well as 97% of internet traffic and a significant portion of government communication.

Unfortunately for Europe, the average depth of its seas is much shallower than the 4,000 meters the Chinese device can reach. They average just 52.3 meters in the Baltic and 95 meters in the North Sea. At these depths, a ship’s anchor, dragged carelessly or deliberately across the seabed, can easily sever critical undersea cables. This is already happening, though the threat is primarily emanating from Russia.

Europe is the continent with the most subsea connections in the world. The Baltic’s undersea infrastructure holds particular strategic importance because it is located between Russia and key NATO and EU members. Disrupting this undersea cable network would make daily activities for European citizens and businesses nearly impossible. Even attacks against individual cables can cause significant damage if they target several wires in rapid succession, or if they affect isolated areas dependent on a few lines for global connectivity.

Rerouting data traffic requires cables with enough capacity, while repairs depend on accessible ships. Isolated attacks are a costly nuisance, but a large-scale coordinated campaign from a rival power would be a grave threat to Europe.

Sabotage and the “shadow fleet”

It is thought that Russia started targeting Europe’s critical undersea infrastructure in 2022, when the Nord Stream 1 and Nord Stream 2 gas pipelines in the Baltic Sea mysteriously exploded. This campaign has intensified; at least 11 Baltic cables have been damaged since October 2023. European authorities are increasingly alert to the possibility of Russian sabotage. They started investigating incidents in earnest in late 2024 when the Yi Peng 3, a Chinese-owned tanker that had previously departed from a Russian port, cut two cables in the Baltic Sea. European authorities have seized several Russian vessels under suspicion of having damaged critical infrastructure. What makes such attacks particularly insidious is the cover of plausible deniability. It is remarkably difficult to prove intent (a ship might drop its anchor by mistake or in response to rough seas), let alone trace the act back to its primary instigator, Moscow.

Since 2022, Russia has created a “shadow fleet”, buying more than 400 rusty old tankers that are known to be used to export oil and sabotage undersea cables.  These vessels change flags often and do not rely on Western providers for financing or insurance. They are thus able to obscure their identity and export oil below the $60 a barrel price cap introduced by the G7. More than 60% of Russian seaborne crude oil exports pass through the Baltic Sea. The tankers are close to the end of their life and are prone to oil spills or engine failures. They also often disguise their position, increasing the risk of collisions. 

Beyond the maritime domain, Russia’s strategy includes systematic airspace violations. Since the full-scale invasion of Ukraine, there have been nine confirmed instances of Russian drones and missiles crossing into NATO territory, testing the alliance’s defence systems and response protocols. These incursions, alongside undersea sabotage, aim to identify NATO vulnerabilities and gauge its reaction time.

Deterrence is paramount

The increase in incidents and the evolving nature of Russia’s hybrid warfare and sabotage tactics indicate a deliberate strategy targeting Europe’s critical infrastructure. European leaders and intelligence agencies must be more assertive in deterring these threats by recognising and attributing them, as exemplified by Germany’s defence minister, Boris Pistorius.

However, European countries so far have prioritised detection capabilities and surveillance missions over stronger deterrence measures. In January 2025, NATO initiated Baltic Sentry, a mission aimed at bolstering its maritime presence and surveillance in the Baltic Sea through the deployment of aircraft, ships, and naval drones. Similarly, in February 2025, the EU introduced its Action Plan on Cable Security, which aims to protect submarine cables through better prevention, earlier detection and swifter responses. This is a positive step, but it requires time to become fully operational.

Investigating incidents and protecting infrastructure are essential, but bolstering Europe’s deterrence posture is paramount

While these measures are necessary, they fall short of addressing the broader strategic challenge. Investigating incidents and protecting infrastructure are essential, but bolstering Europe’s deterrence posture is paramount. The EU can achieve this by ensuring perpetrators are held accountable through effective attribution—like forensic analysis—and by increasing the costs for malign actors through better enforcement of sanctions, which would close loopholes that allow Moscow to sustain significant revenues. This calls for a fundamental shift in the sanctions strategy, moving beyond reliance on price caps to physically limiting Russia’s ability to export oil.

Baltic Sea states are well-positioned to take the lead by declaring a “special period” to impose stricter controls on Russian oil shipments. Temporarily suspending certain maritime laws, such as those outlined in the Copenhagen Treaty of 1857, would enable immediate, targeted action. Legally grounded in hybrid threat doctrines, such measures would effectively treat the Baltic Sea as a de facto NATO-controlled waterway, sending a clear signal of resolve to malign actors.

Beyond these measures, Europe must avoid excessive reliance on single pipelines or data cables. Companies should be required to develop backup systems, while Europe should make better use of existing surveillance tools and deepen international intelligence-sharing efforts.

In the realm of prevention, and as rightly stated in the EU action plan, Europe must prioritise mapping both existing and planned submarine cable infrastructures. It should identify the most critical—and consequently the most vulnerable—systems to prevent disruptions in connectivity and security.

Ultimately, swift and decisive European action hinges on recognising the severity of the threat. These acts of undersea sabotage, though seemingly low-scale, could pose severe economic, military and societal risks. Failure to act decisively now will only invite greater threats in the future.