Geopolitical tensions and infrastructural vulnerabilities are increasing risks to global submarine cable systems, crucial for internet and telecommunications connectivity. State-linked sabotage, particularly involving Russia and China, combined with limited repair capacity, raises the likelihood of prolonged outages in key regions. #SubmarineCables #Russia #China
Keypoints
- There were 44 publicly reported submarine cable damages in 2024 and 2025, with unknown causes (31%) and anchor dragging (25%) as leading factors.
- Significant outages occurred due to damages in the Red Sea, West Africa, and South Africa, exacerbated by lack of redundancy, route diversity, and repair capacity.
- Four incidents in the Baltic Sea and five around Taiwan involved suspected Russian- or China-linked vessels dragging anchors near cables.
- Geopolitical conflicts, such as Russia’s war on Ukraine and China-Taiwan tensions, are primary drivers of state-linked sabotage targeting submarine cables.
- Limited global repair capacity and regulatory delays prolong repair times, increasing vulnerability to outages.
- Joint public-private partnerships focusing on investment in cable maintenance, improved monitoring, and security measures are critical for resilience.
- Satellite and microwave links provide only partial bandwidth recovery during outages, emphasizing the importance of submarine cable infrastructure.
MITRE Techniques
- [T1530] Data from Network Shared Drive – Usage of anchor dragging as a low-sophistication tactic to target submarine cables while maintaining plausible deniability (“anchor dragging, which states can use as a low-sophistication tactic to target adversaries’ critical infrastructure”).
- [T1499] Endpoint Denial of Service – Sabotage efforts causing prolonged destruction and outages to submarine cables resulting in significant service disruptions (“damage to multiple submarine internet cables resulting in substantial and prolonged disruption”).
- [T1091] Replication Through Removable Media – The targeting of clustered cable landing stations to simultaneously disrupt multiple cables (“landing sites … have nearly all been developed to support multiple submarine cables”).
Indicators of Compromise
- [Vessel Identifiers] Suspicious vessels linked to Russia and China involved in anchor dragging near cables – examples include Russia- or China-linked vessels operating under opaque ownership in the Baltic Sea and Taiwan regions.
- [Cable System Names] Damaged cables – Asia Africa Europe-1 (AAE-1), Europe India Gateway (EIG), SEACOM, West African Cable System (WACS), Africa Coast to Europe (ACE), MainOne, SAT-3, Eastern Africa Submarine System (EASSy).
- [Incident Locations] High-risk regions for cable damage and outages – Red Sea, West Africa (Côte d’Ivoire), South Africa, Baltic Sea, Taiwan, and critical landing stations in Florida and Marseille.
- [Regulatory Delays] Notable regulatory and permitting delays – Indonesian waters affecting SeaMeWe-5 cable repairs, Yemeni government restrictions delaying Red Sea cable repairs.
Read more: https://www.recordedfuture.com/research/submarine-cables-face-increasing-threats