Since the onset of Russia’s full-scale invasion of Ukraine in February 2022, a multitude of foreign policy and national security assumptions about the post-Cold War landscape have been shattered. Over the years, many of these assumptions resulted in a calcification of the parameter space considered for geopolitical and diplomatic policy planning across the Transatlantic community. For example, in the European energy security sphere, the two-decades leading up to Russia’s renewed 2022 aggression against Ukraine saw a focus on the diversification of European energy infrastructure and supplies away from overdependence on the Russian Federation, while regulatory and legal policy aimed to erode Moscow’s monopolistic practices in the European energy sector.
However, the relative level of peace across the Transatlantic community over these decades resulted in a deprioritization of focus on one of the most fundamental of all energy security threats to the region: physical sabotage of energy and critical infrastructure. Policies, technologies, and infrastructure deployment plans to deter the physical targeting and damage of energy and related critical infrastructure by malign actors, both onshore and offshore, atrophied over these years, though the threat has been a historic one.
Attempts to disrupt military communications infrastructure predate the modern era, with examples including the deliberate destruction of coastal or inland semaphore (or optical telegraph) towers during the Napoleonic wars, among other conflicts of the era. The construction of subsea telecommunications and energy connections have served strategic purposes since the mid-nineteenth century and concerns over sabotage have been a hallmark of military planners. These include concerns over cutting subsea telegraph lines that began to be introduced in European waters in the mid-1800s, as well as potential disruption of early subsea hydrocarbon pipelines, such as those developed during the Allied-liberation of Europe following the D-Day landings under Operation PLUTO (Pipeline Under the Ocean). The distributed nature of subsea pipelines and cables has traditionally made these installations difficult to comprehensively defend, and even with the advancement of technological monitoring and geospatial imagers in recent years, they are hardly immune from attack.
Since 2022, northern Europe and the Baltic Sea region have been at the epicenter of a growing threat vector – the deliberate damage of subsea hydrocarbon pipelines, electricity cables, and telecommunications links, which have driven concerns about the security of this offshore infrastructure in a region increasingly targeted by Russians sabotage operations.
In the onshore environment over this period, there have been dozens of sabotage attacks that have been investigated and attributed by national authorities around the Baltic Sea to Russian actors or non-Russian nationals recruited over social media platforms like Telegram to conduct operations to damage critical installations from rail lines, to telecommunications installations, to arson against logistical hubs used to supply Ukraine with defensive weapons. The same cannot be said about the maritime environment across Northern Europe, where the list of incidents involving the likely deliberate damage of subsea critical infrastructure has continued to grow, while attributions against any actor have remained scarce.
Given this reality, a University of Pennsylvania-backed research project – UNDERWATER MAYHEM – was launched in 2023, with the intent to perform an academic investigation of these incidents – a majority of which have taken place in the Baltic Sea itself – using open-source intelligence (OSINT) gathering methods. The objective of the study has been twofold. First, to perform an open-source investigation into the pathologies of these subsea attacks to analyze commonalities and potential trends that can be made available for policymakers and the public to better understand the threat environment and to mount policy actions to deter future incidents like these. Moreover, the study aims to assess the extent to which OSINT tools like commercial multiwavelength satellite data, open-source maritime tracking software platforms, and related open-source industrial databases, can be combined with a wide array of interviews with practitioners of national security policy, experts, and subsea military and industrial operations (e.g. professional and naval divers) to properly characterize potential offshore sabotage events.
A first research report under this project- UNDERWATER MAYHEM (Vol 01) – was published in May 2025 and focused on deep-dive case studies related to the January 2022 cutting of one-of-two of the subsea fiber optic cables linking the Norwegian archipelago of Svalbard with the Norwegian mainland in the Barents Sea, as well as the September 2022 Nord Stream gas pipeline sabotage concentrated at two sites northeast and southeast of the Danish island of Bornholm in the western Baltic Sea.
Additional case studies will be presented in a forthcoming report – UNDERWATER MAYHEM (Vol 02) – slated for publication in 2026, with case studies including a focus on the October 2023 Balticconnector gas pipeline damage (and nearby subsea telecommunications cable cuts), the November 2024 cutting of the Finland-to-Germany C-Lion1 and Sweden-to-Lithuania BCS seabed telecommunications cables, and the December 2025 subsea cutting of the Finland-to-Estonia Estlink2 electricity line and a number of adjacent telecommunications cables – each reportedly by extended anchor drags by nominally civilian ships.
The volume will furthermore probe similar incidents that have taken place in the Taiwan strait region, including the February 2023 cutting of subsea telecommunications cables connecting Taiwan to the Taiwanese Matsu islands, the January 2025 cutting of the Trans-Pacific Express telecommunications cable connecting Taiwan to the United States, Republic of Korea, and Japan, and the February 2025 cutting of a telecommunications cable connecting mainland Taiwan to the Taiwanese Penghu islands. Furthermore, related concerns with the Russian Federation’s seismic exploration for oil and gas within Antarctic waters – a prohibited activity under the Antarctic Treaty System – round out the study.
As the research project continues, a number of trends are already apparent, and Baltic Sea littoral states can lead the way to deter these incidents even beyond existing prudent response actions like NATO’s Operation Baltic Sentry, which was launched in January 2025 to focus on deterrence against further attacks against subsea infrastructure in the region. Just some of the actions that Baltic Sea states can take to further secure offshore critical infrastructure include: invoking NATO’s Article 04 collective consultation mechanism for incidents that are able to be attributed to Russia or Russia-recruited actors (or other malign actors); increasing cross-competency coordination between public and private entities for European energy and critical infrastructure protection in the maritime space; taking steps to support the wider development and coordination of OSINT monitoring technology hardware and data analysis tools to increase the likelihood of rapid attribution against malign offshore actors; and to increase plans for strategic communications to combat disinformation campaigns that have often emanated from Russian sources following sabotage incidents.
The Baltic Sea remains a technically challenging maritime environment to protect offshore infrastructure. Therefore, a continued reorientation by policymakers to focus on physical sabotage deterrence as a principal policy objective under energy and critical infrastructure plans is merited. Not only will such a path support Baltic Sea regional security itself, but Baltic Sea littoral states can provide pathfinding experience that can aid other regions around the world as incidents of underwater mayhem continue to spread.
Benjamin L. Schmitt
Ph.D., Senior Fellow
Department of Physics and Astronomy
Perry World House
Kleinman Center for Energy Policy
University of Pennsylvania
USA
Senior Fellow for Democratic Resilience
Center for European Policy Analysis
USA
Co-founder
Duke University Space Diplomacy Lab
USA
Term Member
Council on Foreign Relations
USA
Twitter: @BLSchmitt
Back to Table of Contents