The Invisible Infrastructure of Global Survival
The internet feels weightless. We speak of data living in the cloud, of information flowing through the ether, of wireless connections liberating us from physical constraints. This perception is a dangerous illusion. Beneath the ocean’s surface, stretching across 1.4 million kilometers of seabed, lies the physical nervous system of modern civilization: a network of between 550 and 600 active submarine cable systems that carries 99 percent of all intercontinental data and facilitates over $10 trillion in daily financial transactions.
These cables are not merely important infrastructure. They are the invisible arteries through which the lifeblood of the global economy pulses every microsecond. When a trader in London executes a transaction on the Tokyo exchange, when a surgeon in Berlin guides a robotic procedure in Singapore, when intelligence agencies share time-sensitive information across continents, these communications travel not through satellites but through fiber-optic strands resting on the ocean floor. As the Atlantic Council has documented, three converging trends—authoritarian reshaping of internet topology, centralized network management systems, and explosive growth of cloud computing—have dramatically increased the strategic stakes of this infrastructure.
For decades, the primary threats to this infrastructure were prosaic: fishing trawlers dragging anchors across shallow-water routes, earthquakes severing cables along fault lines, sharks inexplicably drawn to gnaw on repeater housings. These were manageable risks, addressed through redundancy, rapid repair protocols, and careful route planning. But the strategic calculus has fundamentally shifted. What was once a domain of accidental damage has become a theater of deliberate, state-sponsored sabotage conducted under the cover of plausible deniability.
A new form of warfare has emerged: SIEGECRAFT—the systematic strangulation of an adversary’s digital lifelines without firing a shot.
The Seabed as Gray Zone Paradise
The ocean floor presents an almost perfect environment for covert aggression. Consider the convergence of factors that make submarine cables uniquely vulnerable to strategic sabotage.
Physical fragility is the first factor. Modern submarine cables, despite carrying the digital traffic of entire nations, are often unarmored across vast stretches of deep ocean. The logic is economic: armoring adds weight and cost, and the deep seabed historically presented few threats. A cable that costs tens of millions to manufacture and deploy can be severed by a determined adversary with equipment no more sophisticated than a weighted anchor. According to CSIS analysis, between 100 and 150 cable faults occur annually, with 66 percent caused by fishing and shipping activities and 30 percent specifically from anchor dragging.
Geographic concentration compounds this vulnerability. Global data traffic funnels through a handful of chokepoints where bathymetry, geopolitics, and commercial logic converge. The Baltic Sea, with an average depth of only 180 feet and over 4,000 ship transits daily, hosts critical cables linking Northern Europe to the broader internet backbone. The Red Sea corridor carries 18 cable systems representing 25 percent of Asia-Europe traffic through waters increasingly destabilized by regional conflict. The Taiwan Strait, perhaps most consequentially, has witnessed 27 to 30 cable cuts over a five-year period, a frequency that strains credulity as coincidence.
Legal ambiguity provides the final enabling condition. The United Nations Convention on the Law of the Sea, specifically Article 113, criminalizes intentional cable damage but provides virtually no enforcement mechanisms. A vessel operating in international waters or within another nation’s Exclusive Economic Zone cannot be boarded without flag-state permission. A ship flying the flag of a permissive registry can drag an anchor across a critical cable, claim mechanical failure, and face no meaningful consequence. The law, designed for an era of accidental damage, is impotent against adversaries who weaponize plausible deniability.
The Architects of Subsea Disruption
Russia: The Hybrid Warfare Specialist. The Russian approach to submarine cable warfare exemplifies its broader doctrine of hybrid aggression. Moscow maintains a sophisticated capability for seabed operations disguised as oceanographic research. The spy ship Yantar and the newly commissioned General Valery Gerasimov carry deep-diving submersibles, including the nuclear-powered Losharik, capable of operating at depths that place them beyond observation. These vessels have been documented loitering over critical cable junctions in the North Sea and within the Irish Exclusive Economic Zone, actively mapping NATO critical undersea infrastructure.
More insidious is Russia’s shadow fleet: approximately 1,900 vessels by end of Q3 2024 operating under opaque ownership structures, often registered in permissive flag states, characterized by aging hulls and minimal regulatory compliance. These ships, originally assembled to evade oil sanctions, have proven equally useful for infrastructure sabotage. The December 2024 Christmas Day incident demonstrated the model. The Eagle S, a Cook Islands-flagged tanker with documented Russian links, dragged its anchor for approximately 62 miles across the Gulf of Finland, severing the Estlink 2 power cable and four data cables. Finnish Special Forces ultimately boarded the vessel, marking the first enforcement action against suspected cable sabotage under the 1884 Convention since 1959. The damage was done nonetheless—Estlink 2 required over seven months for repair.
China: The Integrated Hegemon. Beijing’s approach differs in sophistication but matches Russia in strategic consequence. China has achieved dominance across the submarine cable value chain through HMN Technologies, formerly Huawei Marine Networks, which controls approximately 25 percent of global cable construction and repair capacity. This market position creates dual concerns. At the hardware level, cables manufactured or maintained by Chinese-linked entities present potential vectors for intelligence collection or embedded vulnerabilities. At the operational level, China’s repair dominance in the Asia-Pacific—through state-linked company SBSS—means that adversaries may find their damaged cables at the back of the repair queue during any regional crisis.
China’s kinetic capabilities have been demonstrated through what might be called salami-slicing tactics against Taiwan’s offshore islands. In February 2023, Chinese sand dredgers and fishing vessels repeatedly severed the two cables connecting the Matsu Islands to Taiwan proper. The 13,000 residents of Matsu experienced a digital blackout lasting 50 days—a proof-of-concept demonstration of SIEGECRAFT that required no missiles, no blockade, and no formal act of war. Research at Lishui University has reportedly produced anchor-like devices specifically engineered for cable cutting at depths beyond typical commercial operations, suggesting Beijing views this capability as worthy of deliberate development.
The pattern has continued into 2024 and 2025. In November 2024, the Chinese vessel Yi Peng 3, departing the Russian port of Ust-Luga, severed both the BCS East-West Interlink and C-Lion1 cables in the Baltic within 24 hours—an incident now under joint investigation by Sweden, Finland, and Lithuania via Eurojust. In January 2025, the Shunxin 39—flying a Cameroon flag with Hong Kong ownership and Chinese crew—damaged the Trans-Pacific Express cable north of Taipei while operating under two separate AIS systems, a signature of vessels seeking to obscure their movements.
Non-State Actors and Proxies. State adversaries need not act directly. The Houthi campaign in the Red Sea during 2024 and 2025 demonstrated how regional proxies can impose global consequences. Cable cuts to the PEACE system and SeaMeWe-4 disrupted Microsoft Azure services and financial platforms across three continents. Whether these cuts reflected deliberate targeting or collateral damage from anchor mines remains debated. The strategic lesson is clear regardless: localized conflict in critical chokepoints radiates outward through the cable network.
Building the Shield: The Defensive Response
Recognition of the threat has catalyzed an unprecedented defensive mobilization across NATO and allied nations.
At the institutional level, NATO has established dedicated coordination cells for undersea infrastructure protection. The Maritime Centre for Security of Critical Undersea Infrastructure, headquartered at Northwood in the United Kingdom, provides operational coordination. The Critical Undersea Infrastructure Coordination Cell in Brussels handles alliance-wide policy integration. These structures aim to transform cable protection from a national afterthought into a collective security priority. In October 2023, NATO Defense Ministers endorsed the Digital Ocean Vision, integrating satellite, surface, and subsea sensors into a unified diagnostic framework.
Operational presence has intensified in parallel. The Baltic Sentry mission, launched January 2025, deploys multinational naval patrols, complemented by the UK-commanded Nordic Warden mission under the Joint Expeditionary Force, to monitor suspicious vessel activity in real time. The objective is deterrence through presence: making it clear that loitering over cable routes will be observed, documented, and potentially intercepted.
Technological innovation offers perhaps the most promising defensive avenue. Distributed Acoustic Sensing, or DAS, converts existing fiber-optic cables into enormous linear microphones capable of detecting approaching vessels, dragging anchors, or submersible activity at considerable distances. Where traditional cable monitoring required dedicated sensor deployments, DAS leverages the cables themselves as surveillance infrastructure. Complementary technologies, including uncrewed surface vessels like the Saildrone fleets tested by Denmark in 2025 and AI-enabled maritime surveillance systems, can identify vessels operating with disabled Automatic Identification System transponders—the signature behavior of ships engaged in covert operations.
The United States has moved to harden its policy framework. The September 2024 New York Principles, announced at the UN General Assembly, established a baseline for allied coordination on cable security. Team Telecom, the interagency body reviewing submarine cable licenses, now applies explicit national security criteria to landing rights decisions. The Congressional Research Service has outlined the protection issues facing Congress, while Deputy National Security Advisor Anne Neuberger’s January 2025 engagement with Nordic-Baltic allies has produced initial frameworks for unified response protocols.
The European Union has issued recommendations on secure and resilient submarine cable infrastructures and launched an EU Action Plan on Cable Security in February 2025 focused on prevention, detection, response, and deterrence. A memorandum of understanding among Baltic NATO allies and the EU now coordinates rapid-response frameworks, though implementation remains uneven.
The Industrial Bottleneck: Repair as Strategic Vulnerability
Detection and deterrence matter little if damaged cables cannot be rapidly restored. Here the West confronts a critical industrial deficit.
The global cable repair fleet numbers approximately 60 vessels, and 65 percent of these ships will reach obsolescence by 2040. New construction has not kept pace with either fleet aging or the expanding cable network. The economics are challenging: cable ships are expensive to build—$50 to $70 million per vessel—expensive to maintain, and generate revenue only when cables break. Commercial operators, understandably, underinvest in capacity that sits idle during normal operations.
Geographic concentration of repair capacity compounds the fleet shortage. In the Asia-Pacific region, SBSS, a Chinese-linked operator, dominates the repair market. During any Taiwan contingency, or indeed any regional tension involving Chinese interests, Western-aligned nations may find their repair needs deprioritized. A cable cut that might normally require two weeks to fix could stretch to months if the available repair ships are otherwise engaged or simply unwilling to operate in contested waters.
The economic asymmetry favors the aggressor. A planned cable repair, conducted in benign conditions with pre-positioned equipment, costs approximately $500,000 to $1 million. An emergency repair in a conflict zone, requiring hazard pay for crews, military escort, and expedited equipment mobilization, can exceed $12 million. An adversary can impose costs at a ratio of more than ten to one simply by keeping repair crews uncertain about when and where the next cut will occur. TeleGeography estimates that $3 billion in investment is needed by late 2025 merely to maintain the status quo—15 replacement ships, 5 additional vessels, and $200 to $400 million in pre-deployed repair kits.
The Emerging Legal Frontier
The detention of the Yi Peng 3 following its suspected involvement in the November 2024 Baltic cable cuts represented the first meaningful enforcement action under the 1884 Convention for the Protection of Submarine Telegraph Cables in over six decades. The precedent, while encouraging, exposed the inadequacy of existing frameworks.
Current international law treats the high seas as a zone of navigational freedom where vessels may transit without interference absent clear evidence of criminal activity. This framework, sensible for an era of legitimate maritime commerce, creates exploitable gaps for adversaries conducting operations designed to avoid attribution. A vessel can exhibit every behavioral signature of cable sabotage—disabled transponder, erratic course over known cable routes, extended loitering—without providing legal grounds for interdiction. As NATO CCDCOE has analyzed, the UNCLOS framework provides inadequate tools for the current threat environment.
Efforts to close these gaps are underway but incomplete. Proposals to redefine permissible interference with vessels displaying suspicious maritime patterns over critical infrastructure have gained traction among Northern European states most directly threatened. The November 2024 establishment of a UN International Advisory Body for Submarine Cable Resilience represents an initial diplomatic response. The challenge lies in balancing enhanced enforcement authority against the broader navigational freedoms that benefit Western commercial and military operations globally. Any precedent that allows boarding of suspected saboteurs also creates precedent that adversaries may invoke against Western vessels.
The Stakes of Inaction
The submarine cable network represents both the central nervous system of global commerce and a catastrophically under-threatened vulnerability. The emergence of SIEGECRAFT—the deliberate, deniable strangulation of digital infrastructure—has occurred faster than institutional responses can adapt. Recorded Future documented 46 incidents in 2024 alone, the highest annual count since 2013. Adversaries have recognized what defenders are only beginning to acknowledge: that massive economic and military harm can be inflicted through actions that fall below the threshold of armed conflict, conducted by deniable actors, in a domain where observation is difficult and enforcement is nearly impossible.
The path forward requires action across multiple domains simultaneously. Investment in sovereign repair capacity must become a strategic priority, not a commercial afterthought. Rapid deployment of distributed acoustic sensing across all Tier-1 cable routes would transform passive infrastructure into active surveillance networks. Legal frameworks must evolve to enable interdiction of vessels displaying clear patterns of hostile activity, even absent smoking-gun evidence of completed crimes. Satellite-based backup systems, including low-earth-orbit constellations like Starlink and OneWeb, should be positioned as emergency failover capabilities for regions most vulnerable to cable isolation.
Most fundamentally, policymakers must abandon the comfortable fiction that submarine cables exist in a separate domain from great power competition. The seabed has become a battlespace. The cables that carry our data, our financial transactions, and our military communications are under active threat from adversaries who have calculated, correctly, that the benefits of sabotage outweigh the minimal costs of plausible deniability.
In the twentieth century, nations fought for control of the oil flowing through pipelines. In the twenty-first, the contest has shifted to the data flowing through cables. SIEGECRAFT has emerged as the defining methodology of this new competition—patient, deniable, and devastating. The nations that recognize this reality, and act upon it, will retain their place in the global order. Those that do not may find themselves, like the residents of Matsu during their 50-day blackout, suddenly and silently severed from the systems upon which modern existence depends.