Workers install the 2Africa undersea cable on the beach in Amanzimtoti, South Africa, February 7, 2023. REUTERS/Rogan Ward

Cable Danger: Look Beyond the Sea to the Shore

After multiple attacks on Baltic Sea cables, NATO governments are increasing protection of undersea infrastructure. They should pay more attention to risks on land.

By Barbara Paoletti

May 18, 2026

At 3:00 a.m., operators at a cable landing station lose visibility. Minutes later, backup generators fail. Traffic reroutes, creating congestion. What initially looks like a cyber incident quickly becomes something else: a coordinated attack on one of the land-based facilities where undersea cables connect to national communication networks.

Although hypothetical, the scenario highlights why governments should not focus only on safeguarding undersea cables. They should also protect cable landing stations.

Since late 2023, at least 11 undersea cables and pipelines have been damaged in the Baltic Sea. European officials and security analysts increasingly view the incidents through the lens of hybrid attacks. Investigations into several Baltic infrastructure incidents have focused on civilian commercial vessels — including ships associated with Russia’s “shadow fleet” and Chinese-operated carriers — suspected of dragging anchors across critical energy and telecommunications corridors.

In response, NATO has expanded maritime patrols for seabed monitoring. Suspicious vessels near critical infrastructure draw immediate attention.

Risks to vulnerable landing stations require similar, heightened attention. Cable cuts, while disruptive and potentially disastrous, have not yet caused a systemic internet collapse. Online traffic rerouted, and despite disruption, networks proved resilient. When multiple cable systems converge at a small number of onshore facilities, the risks of a broad outage to entire networks increase.

Get the Latest

Yet until recently, many landing stations have been treated more as commercial telecom facilities than strategic infrastructure. Independent analysis points to landing stations as an overlooked part of the broader undersea cable security challenge. ENISA, the European Union’s cybersecurity agency, has warned that landing stations can be vulnerable to both physical and cyber threats, including sabotage, espionage, and disruptions.

Operations against deep-sea infrastructure require specialized vessels, technical capabilities, and access to difficult maritime environments. Enemies need to sever multiple subsea cables to create serious disruption. Cable landing stations, by comparison, are fixed sites. While some are heavily secured, others are not. They connect huge amounts of international internet traffic flow into domestic networks. Some handle multiple cable systems.

In the US, a small number of landing sites carry a large share of transatlantic traffic. Many are located near ports, industrial zones, or commercial telecom infrastructure that were not designed with today’s security environment in mind. Interfering with routing systems, operational technology, or power infrastructure at key landing points could trigger a domino effect. The threat is not just physical sabotage. Landing stations create opportunities for cyber intrusion, espionage, and attacks that combine physical and digital disruption.

How to respond? Governments would benefit from developing clear national standards for securing cable landing stations, including physical access controls, authorized entry requirements, perimeter security, and reliable backup electrical power. Policymakers should also look at whether some systems can be rerouted through additional or geographically dispersed landing points. Alongside increased physical security, cyber defenses should be strengthened to prevent malicious software or unauthorized access from disrupting network management systems.

The most exposed part of the network may not be the cable at the bottom of the ocean. It may be the infrastructure waiting for it on land.

Barbara Paoletti is a former US Department of State senior policy and program advisor. Her work has focused on national security, cross-border regional engagement, and strategic infrastructure issues across Europe, Asia, and Africa, including digital connectivity, cybersecurity, emerging technology, and energy security. She has experience working within the United Nations and the OSCE, as well as across government, industry, and multilateral partners.

Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions expressed on Bandwidth are those of the author alone and may not represent those of the institutions they represent or the Center for European Policy Analysis. CEPA maintains a strict intellectual independence policy across all its projects and publications.