In December 2024, a Chinese-flagged vessel dragged its anchor across two subsea cables in the Baltic Sea. It was not the first such incident in the region, and few analysts expect it will be the last. The event crystallised a concern that has been building in the subsea sector for several years: that cables, once treated as commercially sensitive but strategically neutral assets, are now being treated as targets.

For data centre operators and enterprise technology leaders, this is not a distant geopolitical abstraction. The cables that carry cross-border cloud traffic, financial settlement data, and AI model outputs are physical objects, laid on the seabed, vulnerable to ships, anchors, trawl nets, and, increasingly, to deliberate interference. Understanding that vulnerability is now part of responsible infrastructure planning.

Grey-zone conflict and the attribution problem

What makes the current threat environment particularly difficult to manage is its ambiguity. Most incidents fall into what security analysts describe as grey-zone activity – actions that are probably deliberate, possibly state-directed, but rarely conclusively attributable. The commercial shipping lane that crosses a major cable route provides convenient cover. Proving intent in international waters is an exercise in diplomatic frustration.

Maxie Reynolds, founder at Subsea Cloud, has been examining this problem closely. The strategic challenge, she argues, is building frameworks where monitoring, incident response, and attribution can exist without breaking the cross-border commercial model that makes the global internet function. That is a harder ask than it sounds. International cables cross multiple jurisdictions, are maintained by consortia of competing carriers, and land in countries with very different attitudes towards state intervention in private infrastructure.

Valentino Giuseppe, VP product management at Sparkle, frames the issue in terms that will resonate with any organisation doing business in multiple markets. The possibility that infrastructure so crucial to global connectivity could be targeted in scenarios of hybrid conflict has prompted governments to consider preventative and deterrent measures that would have seemed excessive just a decade ago.

Technology is advancing faster than governance

The good news (and there is some!) is that the technology for monitoring and protecting subsea cables is advancing rapidly. Fibre sensing distributed acoustic monitoring, and AI-enabled fault detection are transforming cables from passive data conduits into active surveillance infrastructure. Operators can now detect anomalous vessel behaviour, identify the acoustic signatures of dragging anchors, and flag potential interference in near real time.

Giuseppe is candid about what this represents. Emerging technologies like fibre sensing are transforming submarine cables into real-time monitoring tools. Cables are no longer just data carriers — they are becoming sensors in their own right, generating intelligence about the physical environment through which they pass.

The governance frameworks to act on that intelligence, however, are lagging badly. Reynolds poses the question that keeps network security teams up at night: Most networks can survive a single cable cut, but can your customers survive multiple correlated failures happening simultaneously?

The industry sees an average of 150 to 200 cable faults per year, the majority caused by human activity. A coordinated campaign of disruption (even one that stayed below the threshold of armed conflict) could overwhelm existing repair capacity and leave significant portions of the global internet degraded for weeks.

What operators and policymakers should be doing now

Reynolds is direct about the state of readiness. The subsea market remains segmented, she says, with no common platform for coordination across operators, governments, and repair contractors. Cross-border regulatory alignment, which would allow repair ships to respond quickly across jurisdictions without lengthy permitting delays, is still largely aspirational. European repair infrastructure in particular faces gaps in workforce capacity that are unlikely to close quickly.

For technology and data centre executives, the practical implication is this: connectivity risk is no longer simply about network uptime. It is about understanding which physical routes your critical traffic traverses, which geopolitical environments those routes pass through, and what contingency exists if multiple links fail simultaneously. That analysis belongs in the risk register alongside more familiar concerns about cybersecurity and power supply. The era in which subsea cables could be treated as someone else’s problem is over.

Subsea Sector Report

This article is drawn from Capacity’s State of the Sector: Subsea report, produced in partnership with senior figures from across the submarine cable ecosystem. Through a series of in-depth conversations with operators, investors, and technology leaders – including Carl Grivner of FLAG, Ana Nakashidze of AzerTelecom, Maxie Reynolds of Subsea Cloud, and Valentino Giuseppe of Sparkle. The full report, which examines capacity demand, hyperscaler influence, technological innovation, and the geopolitical pressures facing the sector, is available to download now.

RELATED STORIES

Coming to the Balkans: the gateway to a digital future

Navigating seas of change at a crossroads of connectivity