Hidden lifeline of digital Nordics
Beneath the surface: the role of subsea cables in resilient intercontinental connectivity
Beneath the waves, intercontinental connectivity flows largely unseen. Subsea communication cables carry 99 percent of internet traffic between continents, forming a functional backbone of global digital life and supporting everything from financial systems and government communication to energy control and everyday online services.
For the Nordic region, these cables are more than a technical asset. They are a hidden lifeline, working in tandem with the terrestrial networks, that sustains economic activity, secures defence communication, and ensures citizens remain connected to the world. But in an era marked by growing geopolitical conflict and increasingly complex hybrid threats, this underwater infrastructure is coming under renewed scrutiny. The same cables that make Nordic societies resilient also represent some of their most attractive targets.
A strategic imperative for the Nordics
For the Nordic region, subsea cables can be considered key arteries of connection to Europe, North America, and Asia. Every second, vast amounts of data cross the Atlantic and flow south into the heart of Europe, carrying the signals that keep societies running.
This reliance extends into every corner of Nordic life. Governments depend on secure and instant communication with allies. Banks and payment providers process millions of digital transactions each across these connections. Energy companies rely on real-time control signals to balance electricity grids and manage offshore production. Even public broadcasters and emergency services depend on uninterrupted data flows.
Analysts at the Centre for Strategic and International Studies (CSIS) warn that these global connections are now central to great-power competition, making them increasingly attractive targets for disruption. For the Nordics, which sit at the intersection of transatlantic and Eurasia data routes, the resilience of subsea cables has become a matter of both national security and regional stability.
Cloud services and satellite communication provide some degree of redundancy, but their role is mostly complementary. Satellites can offer a fallback when cables are compromised, yet their capacity remains below what fibre-optic systems deliver. Emerging satellite-to-phone solutions are expected to play a complementary role in ensuring resilience, particularly in rural areas or during outages when terrestrial infrastructure is unavailable. However, the lesson is clear: for the Nordics to remain fully connected, competitive, and secure, the integrity of subsea cables must be safeguarded.
Growing risks and vulnerabilities
The cables that carry the digital lifeblood of the Nordics are a little thicker than a garden hose, yet they carry the capacity to transmit terabits of data every second. Near shore and in shallow waters, they can be ploughed into the seabed or protected with layers of steel armouring to guard against anchors, fishing gear, and other human activity. In the deep ocean, burial is usually not possible, so cables are placed directly on the seabed where they are relatively safe from interference but still exposed to natural hazards such as undersea landslides or earthquakes. At the points where cables come ashore, special attention is paid to reinforcement and monitoring, since landing stations remain among the most critical and vulnerable points in the entire system.
The Baltic and North Sea have already experienced serious incidents. In 2024, two cables – C-Lion 1 between Finland and Germany, and the BCS East-West Interlink between Sweden and Lithuania – were damaged within days of each other. Investigators found strong signs of tampering, highlighting the vulnerability of this infrastructure at a time of heightened geopolitical tension. The same year, Finnish authorities accused a foreign vessel of damaging both a gas pipeline and a communication cable in the Gulf of Finland, a sign of how energy and digital infrastructure are increasingly linked as targets.
These events illustrate the new reality: in times of conflict, subsea cables may be among the first assets to be targeted. However, the threat is not only to the assets on the seabed. Cable landing stations and the management systems that control them are also potential entry points for threat actors. As digital warfare becomes more advanced, the distinction between a physical cut and a cyber-enabled disruption is increasingly blurred.
Building resilience below the surface
The vulnerabilities exposed in recent years have prompted a series of protective measures at European, transatlantic, and national levels. What was once an obscure technical concern has now become a known matter of security and resilience.
In February 2025, the European Union introduced its Action Plan on Submarine Cable Security. The European Commission described it as “a comprehensive plan to enhance the resilience of submarine and energy cables, covering both communication and electricity infrastructure”. The plan organises its measures around four pillars: prevention, detection, response & repair, and deterrence. Among its priorities are investments in smarter, redundant cables, the creation of an EU reserve fleet of repair vessels, and new financing mechanisms to speed up infrastructure upgrades. Just as importantly, the plan emphasises operational coordination across the member states, recognising that a cut in one part of the network can have cascading effects far beyond national borders.
Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy for the European Commission, said, “In response to growing geopolitical tensions, particularly in regions such as the Baltic Sea, the European Commission is taking decisive action to safeguard our critical submarine cable infrastructure. With this Action Plan, we are taking a significant step forward to strengthen their security. We want to make sure Europe is equipped not only to prevent and detect sabotage to cables but also to actively deter, repair and respond to any threat to critical infrastructure that is key to our economy and collective security.”
Security at sea is also being strengthened through NATO. With Finland and Sweden now in the alliance, the Baltics and North Atlantic have become priority areas for surveillance. NATO has expanded patrols using ships, aircraft, and other unmanned systems to monitor activity near critical infrastructure. Discussions are also underway about establishing dedicated emergency fleets that are capable of rapid cable repairs in case of disruption.
Alongside maritime patrols and cable repair fleets, there is also growing recognition of the role satellites and cloud can play in resilience planning. Integrating satellite connectivity into civil contingency frameworks for instance, to support emergency communications, government continuity, and basic service provision, provides an additional line of defence if subsea or terrestrial networks are disrupted. At the same time, ensuring that critical workloads are hosted in resilient and regionally distributed cloud infrastructures can reduce dependency on single transatlantic routes and enable continuity even in the face of major disruptions.
European Satellite Initiatives for Resilience
IRIS² constellation (2025): Flagship EU programme providing secure, multi-orbit connectivity (LEO, MEO, GEO) across Europe. Its explicit goal is to ensure resilience if terrestrial or subsea networks are disrupted, and to reduce reliance on non-European providers.
European operators: Société Européenne des Satellites (SES, Luxembourg) has secured contracts with NATO to deliver secure, low-latency Medium Earth Orbit (MEO) services for defence and government use. Meanwhile, Eutelsat (through its acquisition of OneWeb in 2023) is expanding its European LEO (Low Earth Orbit) connectivity offerings and gaining support from governments seeking alternatives to providers like Starlink.
Resilience function: Satellites extend coverage to remote and maritime areas and provide a fallback in crises, ensuring continuity of government communications, defence operations, emergency services, and basic internet access.
Limitations: Despite advances, satellite capacity remains lower than fibre-optic cables, and systems are vulnerable to jamming, cyberattacks, and space weather. They are therefore best understood as strategic complements, not substitutes, to subsea cables.
On a broader European cybersecurity level, the EU’s official Agency for Cyber Security (ENISA) has issued guidance to improve resilience. It highlights the risks of cable landing stations and management systems, which can be digitally targeted even if the physical cables remain intact. ENISA stresses the need for stronger information sharing, cross-border coordination, and technical standards that integrate both physical and digital defences.
The European Commission has also set up an informal Submarine Cable Infrastructure Expert Group. This group, composed of Member State authorities and EU agencies (with input from bodies such as ENISA), is intended to complement the previously mentioned EU Action Plan on Submarine Cable Security by supporting implementation of its four resilience pillars (prevention, detection, response, recovery, and deterrence). Among this Expert Group’s roles are facilitating rapid information exchange across capitals and Brussels, as well as maintaining an up-to-date map of submarine cable networks across Europe, and rolling these updates into annual resilience planning cycles. Its work serves as the structural backbone of broader actions, such as risk mapping and Cable Projects of European Interest (CPEIs), as well as the development of unified resilience strategies under the EU Action Plan on Submarine Cable Security.
Regional initiatives are also taking shape. The NorthSeal security platform operationalises the Joint Declaration on cooperation to protect critical subsea infrastructure in the North Sea, signed by Belgium, the Netherlands, Germany, Norway, the UK, and Denmark on 9 April 2024. By combining surveillance resources and sharing intelligence, NorthSeal aims to reduce response times and strengthen deterrence in one of Europe’s most critical maritime zones. As Norwegian Minister of Energy Terje Aasland emphasised during the signing of the Joint Declaration: “Together with our neighbours around the North Sea basin, we share a common interest to safeguard our critical infrastructure. This is crucial both in terms of energy security and resilience, and to ensure the safety of those who work offshore. The collaboration of signing this Joint Declaration is a necessary foundation for maintaining overall security and strong evidence of our shared interests. Together, we are stronger.”
Nordic national security agencies share these concerns. The Norwegian National Security Authority (NSM), in its Risk 2025 assessment, warns that “sabotage attempts in Norway are likely” and underlines that “equally important to protective measures is ensuring backup solutions and robust repair capability.” NSM stresses that this applies directly to critical infrastructure such as subsea cables and pipelines.
The Norwegian Police Security Service (PST), in its National Threat Assessment 2025, states that “so-called proxy actors are being used by more states” and notes that Russian intelligence has already carried out “dozens of sabotage actions and disruptive activities using proxy actors” in Europe. While PST’s report does not mention subsea cables specifically, its warning reinforces the heightened sabotage risk to Norway’s critical infrastructure.
On the Swedish side, the Swedish Security Service (Säkerhetspolisen) has documented incidents of cable breaks in the Baltic Sea as part of hybrid threat activity against infrastructure. Sweden’s national risk and vulnerability assessment also highlights sabotage of underwater infrastructure, including subsea cables, as particularly difficult to monitor and protect. This concern was heightened in November 2024, when the Swedish government reacted to a severed communication cable linking Sweden and Lithuania, stating that “safeguarding our shared critical infrastructure is vital to our security and the resilience of our societies.”
A Finnish perspective: a mobile operator’s take on subsea resilience
In Finland, subsea cables are treated as both tactical and strategic assets. As a critical operator, Telenor’s Finnish operation DNA owns cables while also leasing capacity from others, ensuring multiple routes for operational continuity. These links, together with cross-border landline connections and satellite, form the backbone of Finland’s international connectivity and economic competitiveness.
DNA CEO Jussi Tolvanen emphasizes that “the resilience of these connections cannot be built in isolation.” The company collaborates closely with other cable owners and national authorities such as the National Emergency Supply Agency (NESA) and Traficom, reinforcing a Finnish approach in which competitors set aside market rivalry to protect society’s critical infrastructure.
Recent disruptions in the Baltic – such as the C-Lion 1 cut – confirmed the importance of redundancy. DNA’s customers experienced no service impact thanks to alternative routes, but internal and national processes were further strengthened to ensure continuity following the incident. The company applies an “n + 1” principle, meaning that beyond a single backup route, there is always at least one additional layer of redundancy for unexpected circumstances. Jussi Tolvanen adds, “Just as every Finn has access to a bomb shelter, our digital infrastructure is built with continuity in mind.”
Resilience efforts extend beyond cables. DNA is testing satellite links as a complementary safeguard, as well as landline connections to neighbouring countries. At the national level, it contributes threat assessments and expertise to ensure that policymaking is informed by real risks that operators see in the field. For DNA, safeguarding subsea infrastructure is not about competition, but cooperation – a mindset that reflects Finland’s tradition of unity in safeguarding society as a whole.
Iceland unconnected: testing life without cables
To test the real-world resilience of subsea cable-dependent connectivity, Iceland’s CERT-IS (the country’s computer emergency response team) led a national drill in early 2025. The exercise simulated the simultaneous failure of all three of Iceland’s subsea cables, some of which run through deep ocean trenches, where repairs can take weeks or even months.
Telenor spoke with Guðmundur Arnar Sigmundsson, director of CERT-IS, who explained:
“The cables to Iceland lie in the very deep sea in parts. If they all broke at once, we’d be looking at repair that would takes weeks and months. At that time, we would have to rely on very limited, prioritised bandwidth via satellite.”
While the government considers such a scenario unlikely, Sigmundsson emphasised that the consequences of such an event would be “extremely disruptive” for Iceland. The exercise highlighted the importance of preparing for limited connectivity and prioritising critical services.
Reflecting on the drill, Sigmundsson commented: “Given how a desktop exercise can only give us speculative answers to the risk, I was pleasantly surprised to see the deep involvement and engagement of all the specialists participating. More worryingly, I was surprised to see how cross-dependencies between different sectors can have a disruptive effect, in the unlikely scenario where Iceland loses all connectivity to the mainland.”
Satellite and other fallback solutions were considered vital for maintaining critical services hosted abroad. “Even though the bandwidth and experience is limited, it can be prioritised to keep all essential Icelandic services up and running,” added Sigmundsson.
When asked about Nordic or European cooperation to strengthen subsea cable resilience, Sigmundsson said: “Generally speaking, it is easy to point towards stronger cooperation on patrolling the seas where risk is present, along with agreements between nations on incident response processes.”
The results from this exercise serve as an important reminder for Iceland and other nations: connectivity is not just a convenience. It’s a strategic lifeline that demands both national readiness and international coordination.
Call for more coordinated protection
As one of the largest operators of critical infrastructure in the Nordics, Telenor plays a direct role in safeguarding the connectivity of the region. The company has joined forces with other European telecom operators in signing an Open Letter to the EU, UK, and NATO, pushing for a more coordinated approach to the protection of subsea infrastructure. In that letter, the operators warned that “Europe’s digital lifelines are vulnerable, and their protection requires harmonised approaches across borders”. The letter also called for “joint surveillance and investment in detection and rapid repair technologies, supported through strong public-private partnerships”.
Europe’s digital lifelines are vulnerable, and their protection requires harmonised approaches across borders
From Telenor the message is clear: no single operator or nation can shoulder this responsibility alone. Public-private partnership is essential to ensure that the protective measures are sustainable, scalable, and grounded in real operational needs. Telenor asserts that regulatory frameworks should be proportionate and risk-based, with firm requirements where they are most critical, while also enabling innovation and collaboration across borders.
Redundancy is another key principle. While subsea cables carry the majority of Nordic data traffic, satellites remain an important back-up. Telenor supports efforts to integrate satellite communication into the broader resilience strategy, as a complement to both subsea and terrestrial connections. A layered model of resilience, combining subsea, with land-based, and satellite connectivity, offers the strongest defence against both accidents and deliberate attacks.
Overall, Telenor views cable security as part of the wider responsibility in which the operators, who manage society’s critical digital backbone, play a critical role. By contributing with expertise, advocating for common standards, and investing in resilience, Telenor intends to be a partner to governments, allies, and industry peers in protecting what lies beneath the surface.
Protecting what connects us
Subsea cables are a hidden foundation of Nordic connectivity. They play a central role in carrying the communications that bind governments, businesses, and citizens, and their protection has become a strategic imperative. The incidents in the Baltic Sea revealed how quickly vulnerabilities can be exploited and how easily societies can be destabilised if this infrastructure fails.
Safeguarding these lifelines requires more than technical upkeep. it calls for sustained investment, cross-border cooperation, and strong public–private partnerships. Resilience will depend on more than one layer of defence. By combining robust protection of subsea infrastructure with secure mobile networks, and by using satellite communication and cloud as complementary backups, the Nordics can strengthen both digital sovereignty and crisis preparedness.
Only through collective action can the Nordics secure the infrastructure that carries our data, sustains our economies, and underpins societal continuity in an increasingly uncertain world.