Up to 99% of global data runs through undersea cables, most of which are in relatively shallow water and therefore easy to find, with their locations publicly available to aid navigation and minimise accidents. TeleGeography’s submarine cable map shows 597 cable systems and 1,712 landings that are currently active or under construction and the number is growing, especially with tech companies laying their own cables; Amazon, Google, Meta and Microsoft now reportedly control around half of undersea bandwidth worldwide. These cables are vital to global data transmission, facilitating trillions of dollars’ worth of financial transactions a day, carrying sensitive government communications, and delivering calls and emails around the world.

These cables, like other seabed infrastructure such as oil and gas pipelines or offshore wind farms, are vulnerable to accidents and difficult to protect. An estimated 150 to 200 undersea cables are disrupted annually, mostly due to unintentional damage caused by fishing nets, anchors, underwater landslides or earthquakes, sinking ships or even shark bites. However, they also make a good target for malicious actors, both for espionage and destruction. It is difficult to distinguish between a deliberate attack and an accident, enabling perpetrators to operate in a ‘grey zone’ of deniability. While Russia has a long history of using ‘research vessels,’ believed to serve as espionage platforms, to map and monitor subsea infrastructure, Chinese ships have been involved in an increasing number of incidents of damaging cables and pipelines by dragging anchors over them, often suspected of being deliberate acts.  As part of an open-source intelligence project, Silobreaker’s analyst team uncovered various suspicious subsea cable destruction incidents, outlined in the blog below. 

Since 2023, there has been a notable increase in incidents of suspected intentional damage to submarine cables. While there is no publicly available information about deliberate sabotage from the Americas and Africa, reports emerged in 2024 of Yemen’s Houthi rebels having potentially been involved in damaging cables in the Red Sea. A few global ‘hot spots’ of damage stand out though, namely the seas around Taiwan, the Baltic Sea, and the North Sea. Since October 2023, at least 11 incidents of submarine cables and pipelines being cut or damaged occurred both around Taiwan and in the Baltic Sea, while Russian spy ships have been observed mapping subsea infrastructure in the North Sea and the Irish Sea. Authorities investigating the incidents have faced the challenge of proving intent. While the investigations have uncovered potential negligence and poor maintenance of the ships, no proof of orders from governments have so far been found. However, as a blog by TeleGeography puts it: ‘any sufficiently advanced incompetence is indistinguishable from malice.’

Damage to submarine cables in the Baltic Sea

Suspected sabotage has been on the rise in the Baltic Sea since September 2022, when a series of underwater explosions rendered the Nord Stream pipelines inoperable. In October 2023, the Balticconnector subsea gas pipeline linking Finland and Estonia was damaged, simultaneously with a data cable between the two countries. An investigation traced the cause to an anchor dragged across the seabed, and identified a Hong Kong-flagged cargo ship, NewNew Polar Bear, which had sailed from Russia’s Ust-Luga port. China later confirmed that the ship was responsible, referring to it as an accident caused by a severe storm. Investigators in Finland and Estonia have remained sceptical, though, arguing that a crew would notice and stop the ship if an anchor was down by mistake and would not engage in extended dragging.

In November 2024, the BCS East-West Interlink submarine telecommunications cable connecting Sweden and Lithuania was cut, while the C-Lion1 between Finland and Germany, the only direct submarine cable connecting Finland with Western Europe, was damaged a day later. A Chinese-flagged bulk carrier, Yi Peng 3, had been present in the vicinity of both incidents, sailing without an AIS signal. Investigators suspected that the ship, which had also sailed from the port of Ust-Luga, had dragged its anchor for 160 kilometres and cut the cables. In December 2024, Swedish, Finnish, German, and Danish investigators were allowed onboard as observers during a Chinese-led investigation. The ship ultimately sailed onward with no charges, reflecting the difficulty of finding proof and highlighting the challenge faced by local navies as they have limited authority to interdict a ship in international waters and investigate it without flag-state consent.

On December 25th, 2024, the EstLink 2 undersea power cable connecting Finland and Estonia was cut, just a few months after it had been repaired following an earlier outage. Four telecom cables linking Finland and Estonia were also damaged at the same time. Finland arrested a Russia-linked ‘shadow fleet’ tanker, Eagle S, with an investigation revealing that the ship had damaged the infrastructure by dragging its anchor for more than 100 km. The investigators noted that for such an accident to occur, a crew would have to make multiple sequential errors and that it would be difficult not to notice an anchor dragging, as the ship would go off course. Finland later released the ship and most of the crew, while three suspects still under investigation have been prohibited from leaving the country.

The seabed infrastructure in the North Sea as a target

In 2023, intelligence services of the Netherlands, Belgium, Denmark, and Norway warned that Russia has been mapping the North Sea infrastructure, including gas pipelines, offshore wind farms, and data cables. A Russian vessel, Admiral Vladimirsky, officially an expeditionary oceanographic ship, had sailed around the Baltic Sea and the North Sea, with its route passing current and future offshore wind farms. The intelligence agencies claim that Admiral Vladimirsky is in fact a Russian spy ship and associated its journey with mapping out energy and communication infrastructure for sabotage plans in preparation for a possible conflict with the West.

Even before 2023, suspected sabotage has been observed in the North Sea. In November 2021, a Norwegian undersea surveillance cable, LoVe Ocean Observatory, was found severed, with a 10 km section missing. The surveillance system is crucial for detecting passing submarines and had only been declared fully operational in August 2020. Russian sabotage to blind NATO sensors was suspected to have been behind the damage. In early 2022, one of the two data cables connecting Norway with the Svalbard Satellite Station, one of only two stations in the world that can communicate with satellites in polar orbits, was cut. An investigation concluded that the damage was not caused by natural phenomena, leading to suspicions of human involvement.

Telecommunication cables in the Taiwan Strait under attack

The telecommunication cables connecting Taiwan’s main island to its outlying islands have been repeatedly cut since 2023. In February 2023, two communication cables near the Matsu Islands were severed in two separate incidents within one week, leaving the islands to rely on a limited radio backup, with internet bandwidth reportedly at only 5% of normal capacity. Taiwan suspected two Chinese ships, a fishing vessel and a freighter that were in the area at the time. While the authorities did not identify the ships by name and found no clear evidence to suggest that the damage was intentional, local officials described the incident as a ‘warning to Taiwan.’

In January 2025, the Trans-Pacific Express (TPE), a submarine telecoms cable linking China, South Korea, Taiwan, Japan, and the United States, was severed off Taiwan’s northern coast in an action deemed almost certainly intentional. Taiwan’s Coast Guard Administration (CGA) located a Chinese-owned freighter in the vicinity, with its AIS transponders turned off just before the incident. The CGA requested the ship to return for an investigation, but it declined to halt and exited Taiwan’s waters. The vessel was initially identified as the Shunxing-39, a ship that does not exist in the records of the International Maritime Organisation (IMO). It was subsequently suspected of using two AIS devices and identities: its real name, Xing Shun 39, and a closely matching fake name, Shunxing-39, and creating an interrupted AIS record by switching back and forth between the two.

A month later, the CGA detained Hong Tai 58 together with its Chinese crew after a submarine communications cable linking Taiwan’s main island with the Penghu Islands was severed. The CGA had reportedly been monitoring the ship as it had been loitering in the vicinity of the cable. When the CGA’s patrol boat radioed the freighter, its crew said the ship’s name was Hong Tai 168, which contradicted the name Hong Tai 58 shown by its AIS. In April 2025, Taiwanese authorities charged the captain, the first such prosecution by Taiwan over damaging a sea cable.

Specialised units and equipment to target maritime infrastructure

For years Russia has been developing capabilities to monitor and destroy undersea infrastructure. Russia’s Ministry of Defence operates a highly secretive organisation called the Main Directorate for Deep Sea Research (GUGI) that is responsible for deep-sea missions of intelligence collection, sabotage, and surveillance on maritime infrastructure. The agency owns specialised deep-sea submarines, nuclear-powered submarines as their motherships, and surface vessels, nominally research ships. The ships, including the oceanographic research vessel, Yantar, have been repeatedly spotted near undersea infrastructure. In November 2024, Yantar was escorted out of the Irish Sea after patrolling an area containing critical subsea energy and telecommunication infrastructure.

Although Chinese vessels involved in many incidents have not used advanced technology and have just dragged their anchors on the seabed, China appears to have developed specialised equipment for cutting undersea cables. A Chinese patent application for a ‘dragging type submarine cable cutting device’ shows that it was developed with the intention to sever cables ‘quickly and cheaply.’ The China Ship Scientific Research Centre has also developed a special deep-sea device for cutting undersea cables, which can operate at depths of up to 4,000 metres, twice the maximum operational depth of existing subsea infrastructure.

Closing thoughts: Threats to seabed infrastructure

The undersea infrastructure is largely unguarded, and it is challenging to monitor it. Its exact positions are publicly available, creating a tempting target for adversaries who can inflict significant damage. In 2023, US military officials called the threat to undersea cables ‘one of our greatest vulnerabilities’, noting that Russia could sever multiple cables to cause chaos in the event of a broader confrontation. Undersea infrastructure will remain a vulnerable target, due to attractiveness of the data they carry, the effect their disruption can create and the fact that these vulnerabilities are not easy to overcome. The incidents have shown that specialised equipment is not needed, with commercial shipping easily used to damage cables and pipelines in shallow seas.

The current legal framework makes it difficult to deal with such incidents when it comes to attribution, jurisdiction, and clear legal authority. There is no effective procedure for holding perpetrators accountable for damage in international waters. Under the UN Convention on the Law of the Sea (UNCLOS), jurisdiction lies with the flag-state of the ship or the country of the captain’s citizenship, leaving affected parties with limited toolsets for enforcing measures against ships suspected of causing damage. However, the increasing number of incidents is likely to lead to further mitigation steps. Taiwan, for example, is considering satellites as a solution and has launched a programme to improve data resilience, using international satellite providers. Defending the subsea infrastructure is also increasingly factored into defence planning. European countries, NATO, and the US are all taking measures to safeguard subsea infrastructure and many navies are now focusing on what they call the ‘seabed warfare.’ Such changes may well lead to further considerations surrounding subsea cable damage or sabotage, including a possible revision of the current legal frameworks.