Risky game: hybrid attack on submarine cables in the Baltic states

In the days following the Biden administration authorization To provoke Ukraine into invading Russian territory with American-made ATACMS, another hybrid attack on two data cables took place in the Baltic Sea. Cinia, the Finnish state operator of the C-Lion1 cable between Finland and Germany – which is also the only cable running directly between Finland and Central Europe – reported an external force damaged the 1,200 km submarine fiber optic cable off the coast of the Swedish island of Öland. Just a few hours later, the Swedish telecom operator Telia reported damage to the cable between Sweden and Lithuania a short distance away. The Danish Navy did that locked up the Yi Peng 3a ship registered in China, as part of the ongoing investigation. This hybrid attack – likely from Russia – is clearly intended to send a message to Europe and hopes to divide European governments. Russia’s continued hybrid attacks on critical undersea infrastructure (CUI) in the region are a risky play following the declaration by NATO’s Washington summit in July that hybrid attacks could trigger Article 5.

What events led to this latest hybrid attack?

The timing cannot be a coincidence. The week of the hybrid attack marked 1,000 days of fighting in Ukraine. President Joe Biden has now allowed Ukraine to use US ATACMS missiles to attack targets in Russia itself. Furthermore, NATO is currently conduct the Lightning Strike 24 exercise in Finnish Lapland, right on the northern flank of Russia. These exercises together forms the largest artillery exercise in Europe in NATO history.

Targeting submarine infrastructure has become a permanent part of Russia’s hybrid playbook. In recent years, Russia has not only been linked to the collapse of its economy Baltic connector gas line and two data cables between Finland and Estonia, but also the cutting cables outside Svalbard and the Shetland Islands, and is also said to have used spy ships for that purpose scour wind farms in the North Sea and the Baltic Sea in search of vulnerabilities that can be exploited. In fact, this exact scenario already existed floated last year. In the Balticconnector incident, a Hong Kong-registered ship, the Newnew Polar Bear, is believed to be responsible. With the alleged implication of the Yi Peng 3China’s involvement adds China to the mix of countries using the hybrid domain to detect weaknesses and underlines the growing cooperation between China and Russia.

What makes hybrid interference in the Baltic Sea region so attractive? As this and previous cases have shown, targeting the maritime domain is cheap, easy and relatively risk-free. With international laws on freedom of navigation largely unaffected by the war in Ukraine, it is difficult to prevent a ship from being sailed to critical locations and then having to be dragged along the seabed at anchor, for example. Combined with the fact that the Baltic seabed is both relatively shallow and exceptionally well mapped, the proximity of Russian ports in both St. Petersburg and Kaliningrad, as well as the difficulty of first establishing that underground sabotage is intentional, and then attribute to a specific actorthe risk-reward calculation is hard to beat if your goal is to cause as much disruption as possible.

What has the reaction been?

This hybrid attack put Germany at a difficult time for its government. The three-party coalition government collapsed on November 6; a new government will be elected on February 23. German Chancellor Scholz called Russian President Putin earlier this week – their first such call in more than two years. Ukrainian President Zelensky criticized the call for undermining solidarity within the West. Chancellor Scholz is under increasing pressure from his own party. German Defense Minister Boris Pistorius gave the clearest assessment of the attacks. proverb “We must conclude, without knowing exactly who did it, that it is a hybrid action and we must also assume – without knowing – that it is sabotage.”

The joint response to this latest hybrid attack shows incredible unity at European level. The initial joint answer from the Finnish and German foreign ministers in the early stages of this incident was a strong signal. This was followed by one joint statement by the foreign ministers of Germany, France, Poland, Italy, Spain and the United Kingdom, as well as Kaja Kallas, the presumptive High Representative of the European Union for Foreign Affairs and Security Policy, all of whom unequivocally placed the blame on Russia. In their statement, they note that Russia has continuously and systematically attacked the European security architecture. They also bring up the growing cooperation between Iran, North Korea and other partners. Although China was not mentioned, this was before the unveiling of the Yi Peng 3‘s possible involvement.

While some politicians have put forward the activation of both Article 4 and Article 5 of the law North Atlantic Treaty in response to these types of hybrid attacks, they have not done so yet. Article 4 allows NATO allies to consult on a response to a shared threat. This underutilized In the alliance’s more than 75-year history, Article has only been invoked seven times. If something is considered an attack on all NATO allies, it could trigger Article 5, a collective response that has only been activated once (on September 11). The final declaration of the summit conference in Washington in July explicitly acknowledged hybrid interference as a legitimate reason to trigger Article 5. It remains unlikely that NATO will become involved until the Kremlin’s involvement is proven beyond a reasonable doubt.

As with many suspected or confirmed cases of Russian hybrid interference in the West, the main purpose of this latest action (if it turns out to be intentional) appears to be to send a message. In this case, the real-world effects were minimal; Although internet traffic between Finland and Germany was cut off for a few hours, it was quickly rerouted while the cable was repaired (estimated last between five and fifteen days). The damaged cable between Sweden and Lithuania is one of three cables running parallel between the two countries; the two remaining cables were able to pick up the traffic from the third without any problems. Consequently, the actual damage caused consists largely of the inconvenience and cost of repairing the cables, without any tangible or immediate benefits to Russia.

Instead, the publicity is the point. Russia wants to send the signal that it can strike anywhere and anytime, which is fueling fear among the Western public. The fact that two separate cables were damaged so close together supports this hypothesis. After all, damage to just one cable could very plausibly have been dismissed as a mere accident. Russia also wants the West to view its capabilities as greater than they actually are. Despite this act of hybrid interference playing out in the physical world by damaging underwater cables, it is essentially an attempt to influence public opinion and weaken trust in Western governments. This in turn legitimizes and encourages the search for peace with Russia, a dangerous misconception as the illegal war against Ukraine enters its third year. In fact, this wouldn’t be the only message Russia sent this week; on Thursday it launched an intermediate-range missile (IRBM), usually reserved for carrying nuclear warheads, towards the Ukrainian city of Dnipro.

Russia is playing a risky game in its hybrid operations. His attempts to show his strength and weaken confidence in Western governments were met with unequivocal European unity. Closing gaps and increasing protection of critical undersea infrastructure must remain a top priority to further prevent Russia from operating in the gray zone of hybrid threats, aided by its growing list of partners. Otherwise, this will not be the last time Russia sends a signal by attacking critical infrastructure in the Baltic Sea region.