Abstract

Strategic Intelligence Summary (SIS/BLUF)

The “real situation” of undersea cables in 2026 is a paradox: the global economy is more dependent than ever on seabed infrastructure, while the security model remains structurally underbuilt for the threat environment that has emerged since 2022. The global network is commonly described as roughly 500 operational and planned telecommunications cable systems spanning more than 1.7 million kilometers of subsea routes, an order of magnitude that underscores both scale and attack surface. This framing was reiterated publicly in the Porto summit communications and broader UN-linked reporting around the International Submarine Cable Resilience Summit 2026. (Source – ITU – 3 Feb 2026) (Source – Global Issues/UN – 3 Feb 2026)

At the same time, submarine cables carry approximately 99% of global Internet traffic / international data exchanges (terminology differs by institution, but the operational conclusion is stable): when subsea connectivity degrades, the failure cascades through financial transactions, cloud services, government communications, and telecom backhaul. The ITU has repeatedly anchored this figure in official materials and statements. (Source – ITU – 29 Nov 2024) (Source – ITU Backgrounder – n.d. (as of 2024/2025))

The reality is not that cables are “easy to cut.” The reality is that the global system is optimized for peacetime efficiency and commercial routing, not adversarial pressure. Most faults are still caused by accidents (anchors, trawling, seabed movement). Yet the strategic risk has shifted because:

• the geopolitical value of disruption is rising (coercion, signaling, pre-positioning, wartime shaping),
• the density of traffic along chokepoints and shallow corridors is increasing systemic fragility, and
• the environment now includes credible hybrid warfare incentives where attribution is contested and deterrence is weak.

The 2026 International Submarine Cable Resilience Summit in Porto, Portugal is best interpreted as an explicit acknowledgment by states, regulators, and industry that the old posture is insufficient. It produced a declaration and recommendations emphasizing faster repair, readiness, investment, and protection of underserved regions, with the ITU Secretary-General Doreen Bogdan-Martin publicly stating that resilience is an end-to-end necessity and a shared responsibility. (Source – ITU – 3 Feb 2026)

However, summits do not change seabed geometry. Over the next 5 years (2026–2031), the threat will likely evolve in three coupled directions: (1) more frequent “ambiguous” physical incidents in contested waters, (2) more sophisticated cyber-physical exploitation of cable-adjacent systems (landing stations, network management, maritime data), and (3) institutional hardening (especially in Europe) that improves detection and response but also increases regulatory fragmentation and strategic competition around “trusted” supply chains.

India’s Man-Portable Autonomous Underwater Vehicles (MP-AUVs): Advancing Indigenous Mine Countermeasure Capabilities in 2025

Methodological Audit & Confidence Scoring

This abstract integrates: official institutional outputs from ITU and EU bodies; alliance posture statements from NATO; incident reporting by reputable media; and specialist policy/industry analysis. It separates (A) directly sourced facts from (B) professional analytic judgments.

Admiralty Code adaptation (for reader comprehension):

• A1–B2 (Higher confidence): official ITU and EU publications; formal legal texts; direct summit communications.
• B2–C3 (Moderate confidence): reputable wire services and major outlets describing incidents where technical attribution is still evolving.
• C3–D4 (Analytic/sector reports): think tank and risk intelligence assessments; useful for pattern recognition but more interpretive.

Confidence anchors:

• High confidence that the system remains accident-prone and geopolitically exposed, and that multi-actor protection frameworks are expanding rapidly in 2025–2026, especially in EU and NATO contexts. (Source – EU Press Corner – 20 Feb 2025) (Source – NATO – 14 Jan 2025)
• Moderate confidence on specific adversary intent for any single cable incident absent legal/technical final determinations; ambiguity is intrinsic to the domain.
• High confidence that chokepoints (notably Bab el-Mandeb / Red Sea) represent outsized systemic risk, validated by repeated disruptions and the concentration of routes. (Source – AP – 8 Sep 2025)

Power Topography (Actor Mapping) — Who Shapes Outcomes

A realistic “Invisible Cabinet” for subsea infrastructure is not dominated by presidents and prime ministers alone. It is governed by a tight interlock of:

• Cable consortia and hyperscalers
  Major cloud and platform firms increasingly co-finance and co-own long-haul capacity, aligning route decisions with data-center geography and latency economics. Their incentives prioritize resilience, but also concentrate governance in private hands with strategic externalities for states (national security dependence on corporate routing). This is not inherently malign; it is structurally powerful.
• Specialist marine operators and repair fleet holders
  Repair capacity is a hidden strategic asset. Where cable ships are scarce or politically constrained, downtime grows. The most consequential “hard power” lever may be how quickly a state or coalition can authorize access, mobilize a repair vessel, and secure operating conditions.
• Regulators and international standard-setters
  ITU convening power is rising via resilience summits and advisory bodies, especially after Abuja 2025 and Porto 2026. (Source – ITU (Nigeria Summit) – n.d.) (Source – ITU – 2 Feb 2026)
  In parallel, EU regulation is moving from “telecom policy” to “critical infrastructure security,” explicitly covering both communications and electricity subsea cable infrastructure. (Source – EUR-Lex – 21 Feb 2025)
• Navies, coast guards, and maritime domain intelligence providers
  Alliance posture is shifting toward persistent monitoring and selective presence missions. NATO’s creation of operational initiatives to increase undersea infrastructure security signals that cable protection is now treated as a continuous security mission rather than a niche contingency. (Source – NATO – 14 Jan 2025)
• Grey-zone operators and sanction-evading logistics networks
  A new class of maritime ambiguity is emerging: vessels operating under complex ownership structures, “flags of convenience,” and opaque insurance, creating a permissive environment for coercion-by-incident. Even when the proximate mechanism is an anchor, the strategic system must now consider the possibility of intentionality and rehearsal.

Red Sea Submarine Cable Disruptions and Microsoft’s Surveillance Collaboration: Geopolitical Impacts on Global Connectivity and Privacy in 2025

Phase 1 Collection Simulation — What Must Be Triangulated

The Shadow Nexus: “Redlines,” international law, and state-capture indicators

Undersea cables are governed by a web of maritime norms and enforcement gaps. The system’s weakness is not absence of law; it is the mismatch between legal categories (accident, negligence, sabotage, armed attack) and the reality of plausible deniability. Many protective measures rely on domestic enforcement (cable protection zones, anchoring rules, penalties), and these vary widely.

The International Cable Protection Committee (ICPC) codifies best practices such as cable protection zones, routing considerations, and government enforcement tools, while warning that mandatory corridors can unintentionally increase clustering and systemic risk. (Source – ICPC Best Practices PDF – n.d.)

State-capture indicator set (analytic framework):

• regulatory decisions that systematically privilege single-route concentration over redundancy,
• port/repair licensing that creates a de facto monopoly aligned with political interests,
• opaque public-private arrangements where cable landing rights become leverage in unrelated negotiations (sanctions, defense basing, investment flows).

This is not an accusation; it is a risk model. The key point is that cables are now sufficiently strategic that “routine” regulatory actions can become instruments of power.

Techno-Geopolitics & supply chain chokepoints

The cable system is not just glass fiber on the seabed. It is:

• landing stations (often lightly defended),
• repeaters and power feeding equipment,
• terrestrial backhaul into metro networks,
• network management systems, and
• the specialized industrial base that manufactures, lays, and repairs cable systems.

Supply chain security is therefore a dual contest: component integrity and capacity scalability. The EU approach is moving toward “projects of European interest,” repair capacity modules, and “smart” cable capabilities (monitoring components integrated into infrastructure). (Source – European Commission – 23 Oct 2025) (Source – Submarine Networks (summary) – 7 Feb 2026)

Kinetic-to-cognitive correlation: when seabed events become narrative operations

Cable incidents are uniquely suited to information operations because:

• attribution is slow and technical,
• partial outages look like “mystery sabotage” even when accidental,
• markets and publics react immediately,
• policymakers face pressure to respond before facts are settled.

In this environment, the operational playbook often becomes: create uncertainty, amplify fear, force resource diversion, and test political thresholds. Even if an incident is accidental, adversaries can weaponize the narrative.

Advanced FININT & sanction evasion: maritime opacity as an enabling layer

Future cable disruption risk is tightly linked to the broader maritime grey economy:

• complex beneficial ownership chains,
• “flags of convenience,”
• ship-to-ship transfers,
• ports and registries with weak enforcement,
• insurance structures that reduce accountability.

This matters because the most realistic “attack” on cables at scale may not look like a commando operation; it may look like routine maritime behavior that is difficult to prosecute and easy to deny.

China’s AI-Powered Supercavitating Torpedo: Advancing Underwater Warfare through Machine Learning and Physics-Based Modeling

The “Real Situation” in 2026 — Physical Reality, Not Myth

The system is massive, but brittle in specific places

Most of the world’s seabed is not equally important. Strategic risk concentrates where cables:

• run in shallow waters near busy shipping lanes,
• converge through narrow straits,
• share landing regions with limited redundancy, or
• service islands and remote regions with limited repair response.

The Porto summit emphasis on underserved and remote regions is a direct recognition of this asymmetry; the economic core can often reroute, while peripheral regions can face severe degradation. (Source – ITU – 3 Feb 2026)

The Red Sea is a live stress-test of chokepoint fragility

The Bab el-Mandeb corridor has emerged as a repeated case study: a region where cable density, shallow seabed segments, and geopolitical conflict intersect. Reports in 2024 and again in September 2025 described multi-cable damage events widely assessed as likely anchor-related, yet occurring in an operational environment shaped by attacks on shipping and heightened security tension. (Source – AP – 8 Sep 2025)

A key analytical insight: chokepoints can generate systemic effects even without “total internet blackout.” Modern networks reroute, but rerouting itself creates:

• latency spikes,
• congestion pricing and capacity scarcity,
• degraded cloud service performance,
• economic friction across finance and logistics.

This means adversaries do not need catastrophic destruction to achieve strategic impact; modest degradation at the right moment can be sufficient.

The strategic frontier is expanding from data cables to electricity cables

The next escalation vector is the growing lattice of subsea power interconnectors and offshore energy infrastructure. Electricity cables are harder to “fail gracefully” than data networks; rerouting power is constrained by grid physics, not packet switching. The EU Action Plan on Cable Security explicitly covers both communications and electricity cable infrastructure, reflecting this converging risk surface. (Source – EUR-Lex – 21 Feb 2025)

This shift matters because energy insecurity can produce faster political coercion than internet degradation: blackouts generate immediate public pressure and cross-border blame dynamics.

Analysis of Competing Hypotheses (ACH) — Why Disruptions Are Increasing

Observed pattern: more public attention, more incidents, more security posture around subsea infrastructure.

Hypothesis 1 (H1): Traffic density + maritime congestion are driving more accidents

• Mechanism: more shipping, more anchoring, more fishing interaction; shallow routes increase contact probability.
• Evidence: industry and institutional guidance continues to emphasize anchors/fishing as dominant causes; best practice documents focus heavily on these interactions. (Source – ICPC Best Practices PDF – n.d.)
• Implication: resilience gains come mainly from routing diversity, protection zones, and repair acceleration.

Hypothesis 2 (H2): Grey-zone coercion is rising; some “accidents” are intentional probes

• Mechanism: states or proxies exploit ambiguity to rehearse operations, test response times, and signal capability without crossing the threshold of open conflict.
• Evidence: alliance posture shifts toward surveillance missions and explicit critical infrastructure operations; policy community increasingly frames the seabed as a hybrid battlefield. (Source – NATO – 14 Jan 2025) (Source – European Commission – 20 Feb 2025)
• Implication: deterrence requires attribution tooling, maritime tracking, legal frameworks to sanction negligent/hostile actors, and political will to respond to “below-threshold” action.

Hypothesis 3 (H3): Institutional reframing is the real change; incidents are similar but the strategic narrative has shifted

• Mechanism: post-2022 security environment elevates critical infrastructure; governments reinterpret routine faults through a threat lens, accelerating regulation and investment.
• Evidence: formal creation of advisory bodies, summits (Abuja 2025, Porto 2026), and codified action plans; language moves from telecom reliability to security and deterrence. (Source – ITU – 29 Nov 2024) (Source – ITU – 3 Feb 2026)
• Implication: policy may overcorrect (fragmentation, compliance burden) unless aligned with operational realities.

ACH judgment: H1 is always active; it is the baseline. The strategic question is the marginal increase in H2 relative to H3. In 2026, the best-fit model is mixed: the world is experiencing (a) genuinely stressed maritime corridors and (b) a growing incentive structure for ambiguous coercion, with (c) institutions reframing the domain in response.

Autonomous Underwater Surveillance: The Revolutionary Potential of PSAP Voyager in Modern Maritime Strategy

Geopolitical Entropy & Risk Modeling — Stability Trajectory 2026–2031

Using a resilience-cycle lens (prevention, detection, response/recovery, deterrence), the system’s entropy is being pushed upward by dependence and geopolitical tension, but pulled downward by investment and coordination. The Porto summit outcomes and the expanding EU and NATO posture are entropy-reducing forces, but they compete against a widening threat set and the mathematics of chokepoints. (Source – ITU – 3 Feb 2026) (Source – European Commission – 23 Oct 2025)

Regional stability outlook (qualitative):

• Baltic / North Sea / North Atlantic: higher contestation, higher monitoring, elevated incident risk but improving response capacity.
• Red Sea / Bab el-Mandeb: chronic high-risk corridor; incidents likely to recur; geopolitical shocks can rapidly amplify disruption.
• Indo-Pacific chokepoints: rising strategic competition suggests increased scrutiny of landing stations, repair permissions, and supply chain trust.

Evidence Forensic Ledger — “Smoking Gun” Categories (What Counts, What Doesn’t)

Because cable attribution is slow, the discipline is to define what would constitute strong evidence.

High-value forensic artifacts:

• seabed imagery from ROV inspections showing cut patterns, drag marks, or tool signatures,
• AIS anomalies + satellite imagery showing loitering, anchor drop patterns, unusual route deviations,
• maintenance logs and timing inconsistencies (who was in the area, who had capability),
• insurance/ownership traces showing concealment and incentive structures,
• correlating narrative spikes (bot amplification) with physical incident windows.

What is not a smoking gun:

• immediate social media blame,
• single-source claims without technical inspection,
• “it benefits X” arguments without linkage evidence.

This matters because future attacks will likely be designed to sit precisely in this ambiguity zone.

Five-Year Evolution Forecast 2026–2031 — Attacks and Defense

Cyber attack evolution: from network intrusion to cyber-physical coercion

Most “cyber” risk in subsea infrastructure will not be hacking the fiber under the sea. It will be targeting the systems that make the cable usable and repairable:

• landing station IT/OT environments,
• routing policy manipulation (BGP-related attacks) that mimic cable faults,
• vendor and supply-chain compromise affecting monitoring and management,
• cloud dependency exploitation that magnifies the effect of partial capacity loss.

Expected trend: more blended operations where cyber activity creates confusion about whether a disruption is physical or logical, delaying correct response and increasing political pressure.

Defense trend: movement toward integrated monitoring, “smart” cable instrumentation, and shared situational awareness hubs. The EU has explicitly discussed enhancing repair capacity and equipping cables with smart capabilities, indicating institutional momentum toward sensor-enabled resilience. (Source – Submarine Networks (summary) – 7 Feb 2026)

Physical attack evolution: ambiguity-first, scale-second

A direct state-on-state seabed demolition campaign is a high-threshold act with escalation risks. The more probable path is:

• repeatable, deniable interference (anchor dragging, trawler interactions, “accidental” entanglement),
• selective targeting of shallow chokepoint segments and landing approaches,
• simultaneous multi-site incidents that stress repair fleets and regulatory permissions,
• targeting of electricity interconnectors and offshore wind export cables where grid constraints increase impact.

Expected trend: more “stress testing” of response capacity in politically contested waters, especially where repair requires security guarantees and complex permits.

Defense trend: expanded patrols, maritime domain awareness, and rapid repair modularization. The EU Action Plan on Cable Security emphasizes the full resilience cycle and deterrence, while NATO has stood up dedicated operational attention to undersea infrastructure security. (Source – EUR-Lex – 21 Feb 2025) (Source – NATO – 14 Jan 2025)

Information operations evolution: “pre-attribution shaping”

The next wave will likely involve narrative preparation: seeding claims about sabotage before an incident, then exploiting the incident to polarize allies, undermine trust in regulators, and pressure governments into either overreaction or paralysis.

Expected trend: coordinated narrative bursts aligned with incident windows, emphasizing incompetence, conspiracy, and inevitability (“nothing can be protected”).
Defense trend: pre-agreed incident communications protocols between governments, regulators, and operators—reducing the time adversaries can dominate the narrative.

FININT evolution: using maritime opacity as operational cover

Expect growth in:

• opaque vessel ownership networks,
• “shadow fleet” style logistics behavior spilling into critical-infrastructure proximity,
• insurance and registry arbitrage that complicates accountability.

Defense trend: expanding legal tools, sanctions, and enforcement against negligent or complicit operators—especially if repeated incidents cluster around the same networks of vessels and registries.

Strategic Countermeasures & Policy Levers — What Actually Moves the Needle

The strongest strategy is not a single technology; it is a layered system that reduces downtime, increases attribution confidence, and raises the political cost of grey-zone behavior.

Route diversification and anti-clustering incentives

• Encourage redundancy across corridors; avoid single strait dependency where feasible.
• Treat chokepoints as systemic risk requiring “portfolio management,” not project-by-project optimization.

Repair acceleration as deterrence
If repair is fast, coercion value drops. This is why the Porto recommendations emphasize repair time reduction and readiness. (Source – ITU – 3 Feb 2026)

Cable protection zones with enforceable maritime rules
The ICPC best practices support protection measures (with caution about clustering). The key is smart zoning: protect the most exposed segments without forcing dangerous density. (Source – ICPC Best Practices PDF – n.d.)

Sensor fusion: AIS + satellite + seabed monitoring

• Build a common operating picture for key corridors.
• Focus on anomaly detection: loitering, anchor drops, repeated proximity patterns.
• Use shared data standards to allow cross-border coordination.

Lawfare: tighten accountability without triggering escalation traps

• Clarify domestic and regional legal consequences for negligent anchoring in marked zones.
• Align sanction tools to target repeat offenders and complicit enabling networks.
• Use proportionate responses to preserve escalation control.

Underserved region resilience as strategic stability policy
The Porto summit highlighted that island and under-resourced communities face outsized risk due to limited response capability. Resilience investment here is not charity; it reduces geopolitical leverage opportunities for coercion and destabilization. (Source – ITU – 3 Feb 2026)

Bottom-Line Forecast

Over 2026–2031, the probability distribution shifts toward more frequent, more ambiguous, multi-domain incidents rather than singular catastrophic severing of the global Internet. The defining contest will be whether coalitions can convert today’s summit-driven momentum into operational outcomes: faster repair, better monitoring, clearer legal response options, and credible deterrence for grey-zone behavior.

The Porto summit is a signal that institutional learning is underway; the EU action plan and NATO operationalization indicate that resilience is becoming a strategic doctrine rather than a technical footnote. But chokepoints like the Red Sea will remain high-risk because geography cannot be regulated away—only diversified, monitored, and rapidly repaired. (Source – AP – 8 Sep 2025) (Source – EUR-Lex – 21 Feb 2025) (Source – NATO – 14 Jan 2025)

---

Index

Core Concepts in Review: What We Know and Why It Matters

• Global Subsea Infrastructure Reality Map: Telecom Cables, Power Cables, choke points, ownership, and repair economics
• Threat Evolution 2026–2031: Grey-Zone Operations, kinetic sabotage, cyber-physical intrusions, and FININT-enabled deniability
• Defense Architecture: deterrence, monitoring, rapid repair, legal lawfare, insurance, and coalition playbooks
• Unified Situation Map Table — Subsea Cables & Interconnectors 2026–2031

---

Core Concepts in Review: What We Know and Why It Matters

Subsea cables are easy to forget precisely because they work so well—until they don’t. What the last set of chapters converged on, across technology, policy, and societal impact, is a simple reality: submarine cable infrastructure is not a niche engineering topic. It is a central critical infrastructure domain, spanning both communications and electricity systems, and it is now treated—explicitly—by major institutions as a resilience and security priority. EU Action Plan on Cable Security – European Commission / High Representative – February 2025

The foundational definition: what “subsea critical infrastructure” actually includes

When policymakers say “submarine cables,” they are no longer speaking only about fiber-optic strands carrying internet traffic. The European Commission defines the policy scope to include both undersea communication cables and electricity cable infrastructure (the physical networks that can connect power systems, energy markets, and offshore generation into national grids). EU Action Plan on Cable Security – European Commission / High Representative – February 2025 That definitional shift matters because it ends the old bureaucratic split where telecom regulators handled “data,” energy ministries handled “power,” and maritime authorities handled “the sea”—often with no single integrated view of risk. EU Action Plan on Cable Security – European Commission / High Representative – February 2025

The ITU frames these systems as part of a shared global dependency where resilience is not only a technical requirement for “end-to-end operation,” but also a shared responsibility across states, industry, and marine stakeholders. Porto Summit drives critical cooperation on submarine cable resilience – International Telecommunication Union – February 2026 That language is a quiet but important signal: resilience is being elevated from a “service reliability” conversation to a collective security and governance problem with cross-border spillovers. The Porto Declaration on Submarine Cable Resilience – International Telecommunication Union – February 2026

The policy story in one sentence: prevention, detection, response, deterrence

If you want a coherent “mental model,” the EU has effectively standardized the resilience cycle into four pillars: prevent incidents where possible, detect threats and anomalies early, respond and repair quickly when failures occur, and deter malicious action through posture, coordination, and accountability. EU Action Plan on Cable Security – European Commission / High Representative – February 2025 The key takeaway is that cable security is no longer treated as a pure engineering repair problem. It is a strategy problem that includes intelligence, surveillance, regulation, and governance—because a slow repair is not only an outage; it can become leverage. Commission increases submarine cable security with €347 million investment and new toolbox – European Commission – February 2026

The “Porto moment”: why the 2026 summit became an institutional pivot

The Second International Submarine Cable Resilience Summit took place on 2–3 February 2026 in Porto, Portugal, positioning itself not as a one-off conference but as part of an ongoing global process. Summit 2026 – Submarine Cable Resilience – International Telecommunication Union – February 2026 The summit’s key output—the Porto Summit Declaration—is explicitly described as “practical, non-binding guidance” intended to strengthen cooperation and resilience worldwide. Summit 2026 – Submarine Cable Resilience – International Telecommunication Union – February 2026

Two things about that “non-binding” status are worth understanding. First, it is politically realistic: binding treaties in this domain would take years and likely fracture along sovereignty and security lines. Second, non-binding guidance is still powerful when it converges the field around common priorities—especially around the hardest part of cable incidents: cross-border coordination, permitting speed, and the choreography of repair operations among multiple authorities and companies. The Porto Declaration on Submarine Cable Resilience – International Telecommunication Union – February 2026

The Declaration explicitly positions itself as a continuation: it follows the Abuja Declaration (February 2025) and the outputs of working groups that carried those priorities forward. The Porto Declaration on Submarine Cable Resilience – International Telecommunication Union – February 2026 In other words, what looks like summit diplomacy is, in practice, a standards-setting pipeline: define the shared problem, create guidance, encourage harmonization, and then back it with investment and national implementation. Porto Summit drives critical cooperation on submarine cable resilience – International Telecommunication Union – February 2026

Mapping and risk assessment: the most underrated lever

Cable resilience begins with something mundane but decisive: knowing what exists, who controls it, where it lands, and how it is maintained. The European Commission reports that an EU-wide mapping and coordinated risk assessment approach was agreed by an expert group and scheduled for publication in Autumn 2025. EU Action Plan on Cable Security: mapping and risk assessment approach agreed by Group of Member States and Commission experts – European Commission – June 2025

The Commission’s description of the mapping is unusually specific: it draws on public sources and covers capacity, technical specifications, ownership, registered incidents, landing sites, and information on installation, maintenance and repair processes. EU Action Plan on Cable Security: mapping and risk assessment approach agreed by Group of Member States and Commission experts – European Commission – June 2025 The risk assessment then consolidates threats, vulnerabilities, and dependencies into scenario-based analysis, explicitly separating physical and cyber threat classes and considering both intentional and unintentional damage. EU Action Plan on Cable Security: mapping and risk assessment approach agreed by Group of Member States and Commission experts – European Commission – June 2025

Why does this matter for a non-technical reader? Because mapping is how you transform a complex, privately operated, transnational asset into an object of governance. You cannot prioritize protection, design redundancy incentives, or coordinate rapid repair if you don’t have a reliable shared picture of where the system is fragile. EU Action Plan on Cable Security – European Commission / High Representative – February 2025

Toolboxes and “projects of European interest”: how risk becomes budget

Risk assessments are only meaningful if they translate into enforceable measures and funded projects. The European Commission published a report titled Submarine Cable Security Toolbox and Cable Projects of European Interest, dated 05 February 2026, proposing mitigation measures and identifying Cable Projects of European Interest (CPEIs) for prioritization in public funding. Submarine Cable Security Toolbox and Cable Projects of European Interest – European Commission – February 2026

This is a critical governance move: “toolbox” language usually signals an institutional attempt to standardize what “good” looks like—what measures should be considered baseline, what investments yield resilience returns, and how to align multiple countries around consistent expectations. Submarine Cable Security Toolbox and Cable Projects of European Interest – European Commission – February 2026 And “projects of interest” language signals the other essential step: shaping physical infrastructure outcomes through targeted public investment, rather than hoping that purely commercial incentives will build adequate redundancy. Daily News 05 / 02 / 2026 – European Commission – February 2026

On the funding side, the Commission’s Daily News briefing states that the Connecting Europe Facility (CEF) – Digital Work Programme was amended to allocate €347 million to strategic submarine cable projects, including a €20 million call to enhance Europe’s repair capacities. Daily News 05 / 02 / 2026 – European Commission – February 2026 It also states that under the CEF Digital multiannual Work Programme (2024–2027), a total of €533 million is allocated for submarine cable projects, with €186 million already awarded to 25 projects. Daily News 05 / 02 / 2026 – European Commission – February 2026

Those are not abstract numbers; they are an admission that cable security is being treated as a strategic investment category, not a narrow operator expense line. Commission increases submarine cable security with €347 million investment and new toolbox – European Commission – February 2026

Repair capacity: resilience’s “time dimension” becomes policy

The chapters also emphasized an underappreciated truth: the “damage event” is only half the story. The real societal impact is often determined by how long restoration takes—and whether restoration can be executed despite permitting, access, and vessel availability constraints. The EU’s repair approach is unusually concrete.

The Commission’s call document for CEF-DIG-2026-Submarine Cables Repair Capacity sets a clear operational objective: build adaptable repair modules designed for swift emergency operations and rapid service restoration in situations where commercial services cannot fix disruptions in time. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026

Notably, this pilot call is explicitly focused on the Baltic Sea, citing a high number of accidental or deliberate incidents affecting submarine cables and pipelines during 2023–2025, and it states that a second call for other sea basins is foreseen in the second half of 2026. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026 The document goes further into operational requirements, stating that modules would be hosted in ports or shipyards and installed on vessels within a maximum of 3 days from arrival after a request—an explicit time-to-operational constraint that reflects a crisis mindset rather than normal infrastructure timelines. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026

This is resilience moving from “principles” to “logistics.” It treats repair as an emergency capability with defined staging, equipment modularity, and governance coordination requirements. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026

Crisis governance: why cross-border response is a first-order problem

Cable incidents do not respect borders. A cut can produce “who pays, who permits, who communicates” disputes even among allies. The Council of the European Union addressed this in a governance instrument: a Council Recommendation of 25 June 2024 on a blueprint to coordinate a Union-level response to disruptions of critical infrastructure with significant cross-border relevance. Council Recommendation of 25 June 2024 on a blueprint to coordinate a response at Union level to disruptions of critical infrastructure with significant cross-border relevance – Council of the European Union – June 2024

For policymakers, the Blueprint’s core value is procedural clarity: it emphasizes shared situational awareness, coordinated public communication, and support for swift reestablishment of essential services—and it explicitly discusses the need to identify actors, designate points of contact, and practice and test readiness. Council Recommendation of 25 June 2024 on a blueprint to coordinate a response at Union level to disruptions of critical infrastructure with significant cross-border relevance – Council of the European Union – June 2024

This matters because public confidence can collapse faster than cables can be repaired. In a multi-state incident, inconsistent messages can fuel rumor and panic, or invite disinformation campaigns that amplify perceived helplessness. Coordinated communications is not “public relations”; it is part of resilience because it stabilizes behavior while technical repair proceeds. Council Recommendation of 25 June 2024 on a blueprint to coordinate a response at Union level to disruptions of critical infrastructure with significant cross-border relevance – Council of the European Union – June 2024

Military protection and deterrence: the Baltic becomes a reference case

One of the preceding chapters’ strongest thematic signals was that undersea infrastructure is now “patrolled” in ways that resemble more traditional security domains. NATO launched Baltic Sentry to strengthen protection of critical infrastructure, enhance military presence in the Baltic Sea, and improve the ability to respond to destabilizing acts. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – North Atlantic Treaty Organization – January 2025

From a policy editor’s perspective, the key shift is not the name of the activity but the political message: critical infrastructure protection is being framed as a deterrence posture, not just a post-incident cleanup. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – North Atlantic Treaty Organization – January 2025

Regulation and licensing: how states shape cable security without owning cables

A major tension in this domain is that cables are frequently private, multinational investments, but the consequences of failure are public and systemic. Governments’ most powerful lever is therefore not ownership—it is licensing and conditions for market access.

The Federal Communications Commission (FCC) issued a major Report and Order (FCC 25-49) that describes the Commission’s authority over submarine cable landing licenses (deriving from the Cable Landing License Act and Executive Order 10530) and its coordination with Executive Branch agencies to address national security and related concerns. FCC 25-49 – Federal Communications Commission – August 2025

The Federal Register publication of the FCC’s modernization and streamlining of submarine cable rules emphasizes facilitating faster and more efficient deployment while “ensuring the security” of the system—an explicit dual mandate of speed plus security. Federal Register Vol. 90, No. 205 (Report and Order excerpt PDF) – Government Publishing Office – October 2025

For a non-technical policymaker, the point is simple: licensing regimes can force disclosures, impose compliance obligations, and set standards that ripple through the private market. In practice, this shapes who can build and operate cables, under what conditions, and with what reporting and oversight—without requiring the state to directly run the infrastructure. FCC 25-49 – Federal Communications Commission – August 2025

Cyber risk is not separate from cable risk—because logistics and response are cyber-dependent

The earlier chapters also connected a critical dot: even when the threat is physical (cuts, sabotage, disruption), response depends on cyber-enabled logistics, vendor coordination, and operational management systems. That means a cyber campaign against the broader logistics and technology ecosystem can indirectly increase the duration and severity of infrastructure outages.

A joint Cybersecurity Advisory titled Russian GRU Targeting Western Logistics Entities and Technology Companies describes a state-sponsored cyber campaign targeting logistics entities and technology companies. Russian GRU Targeting Western Logistics Entities and Technology Companies – National Security Agency (with partners) – May 2025 The advisory explicitly frames the campaign as “cyber espionage-oriented” and contextualizes it within broader targeting patterns. Russian GRU Targeting Western Logistics Entities and Technology Companies – National Security Agency (with partners) – May 2025

Separately, a fact sheet titled PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders warns that a PRC state-sponsored actor has been “pre-positioning” in critical infrastructure networks to enable disruption or destruction of services in the event of increased geopolitical tensions. PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders – Federal Bureau of Investigation – March 2024 This document explicitly identifies critical sectors such as Communications and Energy as part of the risk framing. PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders – Federal Bureau of Investigation – March 2024

The “why it matters” is straightforward: cable security is not only about guarding cables; it is also about ensuring that the supply chain, monitoring, incident response planning, and restoration mechanisms are not compromised when you most need them. That is why resilience guidance increasingly includes supply chain risk, exercises, and leader-level resourcing decisions rather than only technical patch lists. PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders – Federal Bureau of Investigation – March 2024

The societal impact: why this is not “just infrastructure”

At this point, it’s worth stepping back. The societal importance of subsea connectivity is not merely that it supports internet browsing or streaming. Major public institutions frame submarine cables as essential to “modern life and the economy” and tie them to strategic resilience, security, and continuity of essential services. Commission increases submarine cable security with €347 million investment and new toolbox – European Commission – February 2026

The European Commission Daily News briefing explicitly states that submarine data cables carry 99% of intercontinental internet traffic, and it links that dependence to the urgency of enhanced security and resilience measures. Daily News 05 / 02 / 2026 – European Commission – February 2026 While the percentage figure is widely repeated, what matters here is that it is being used as a policy justification at the highest level: dependence is so high that disruptions become economy-wide risk events rather than sectoral outages. Daily News 05 / 02 / 2026 – European Commission – February 2026

And the impact is uneven. Institutional guidance emphasizes the vulnerability of remote and underserved areas—where redundancy is often limited and response capacity may be constrained—making “resilience” a question of equity and inclusion as well as security. The Porto Declaration on Submarine Cable Resilience – International Telecommunication Union – February 2026

What the “next five years” logically looks like—based on what institutions are already building

Rather than making speculative predictions untethered from evidence, the most responsible way to describe likely evolution through the next five years is to follow the implementation trajectories already set out in official documents and programs.

First, expect institutionalization of regional surveillance and coordination hubs, because the EU’s repair capacity call explicitly references a broader ecosystem approach that includes regional mechanisms to detect threats and trigger emergency actions. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026 The call document ties its repair approach to the broader EU Action Plan on Cable Security and discusses building operational capabilities that can be requested via these mechanisms. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026

Second, expect investment to increasingly separate “commercial repair” from “strategic emergency repair,” because the EU call is designed precisely for scenarios where commercial services are not available quickly enough to prevent severe damage. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026 That implies an emerging dual system: normal private repair markets for routine faults, and public emergency capabilities for high-impact disruption events. Daily News 05 / 02 / 2026 – European Commission – February 2026

Third, expect regulation to increasingly focus on disclosure, ownership, and compliance, because the US licensing approach is being modernized explicitly to address evolving national security concerns while also streamlining deployment. Federal Register Vol. 90, No. 205 (Report and Order excerpt PDF) – Government Publishing Office – October 2025 The FCC has also articulated the national security coordination logic that underpins licensing oversight in this sector. FCC 25-49 – Federal Communications Commission – August 2025

Fourth, expect more military-adjacent protection activity in high-risk basins, because the NATO framing treats critical infrastructure protection as a security priority requiring presence and improved response capability. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – North Atlantic Treaty Organization – January 2025

Finally, expect cyber risk management to be integrated more explicitly into infrastructure resilience planning, because official advisories frame nation-state cyber operations as pre-positioning and targeting of critical infrastructure sectors and enabling ecosystems. PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders – Federal Bureau of Investigation – March 2024 At the policy level, this pushes leaders toward governance measures like tabletop exercises, vendor risk management, and resourcing decisions to sustain detection and response—precisely because these are the controls that fail first under sustained pressure. PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders – Federal Bureau of Investigation – March 2024

The bottom line for decision-makers

If you are a policymaker trying to “hold the whole picture,” here is what the preceding chapters collectively established:

• Subsea cables are now formally treated as critical infrastructure spanning both digital and energy domains. EU Action Plan on Cable Security – European Commission / High Representative – February 2025
• Resilience is being operationalized through mapping, risk assessment, toolboxes, and prioritized projects backed by significant public funding. Daily News 05 / 02 / 2026 – European Commission – February 2026
• Repair capacity is being redesigned as an emergency capability with explicit time-to-operational constraints and modular logistics. Call: CEF-DIG-2026-Submarine Cables Repair Capacity – European Commission – February 2026
• Cross-border crisis governance is treated as a first-order requirement, including coordinated communications and readiness exercises. Council Recommendation of 25 June 2024 on a blueprint to coordinate a response at Union level to disruptions of critical infrastructure with significant cross-border relevance – Council of the European Union – June 2024
• Deterrence and security posture—sometimes military-adjacent—are entering the cable domain explicitly. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – North Atlantic Treaty Organization – January 2025
• Cyber risk is tightly coupled to physical resilience, because adversaries can degrade response capacity by targeting logistics, technology ecosystems, and critical sectors. Russian GRU Targeting Western Logistics Entities and Technology Companies – National Security Agency (with partners) – May 2025

In practical terms, the next phase of cable resilience is less about discovering that cables matter—and more about whether governments can execute the unglamorous work: harmonizing rules, financing redundancy, shortening repair timelines, practicing response, and building credible deterrence against intentional disruption. The Porto Declaration on Submarine Cable Resilience – International Telecommunication Union – February 2026

Global Subsea Infrastructure Reality Map: Telecom Cables, Power Cables, Chokepoints, Ownership and Repair Economics

What the global seabed network actually is (and what it is not)

The modern subsea system is best understood as two overlapping critical-infrastructure layers: submarine telecommunications cable systems and submarine electricity cables. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

Telecommunications subsea cables are engineered fiber-optic systems that function as the primary backbone for cross-border digital connectivity, and the physical reality is a network of roughly 500 cable systems spanning more than 1.7 million kilometres. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

Electricity subsea cables (notably interconnectors) are grid assets that integrate electricity markets and enable offshore renewable energy delivery, which is why the EU explicitly treats them as strategic infrastructure whose security and resilience must be strengthened. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

What the seabed network is not is a single “internet cable” that can be severed to switch off the world. The system’s operational risk profile is defined by concentration (where many cables share corridors and landing regions), repair latency (how fast faults can be located and fixed), and governance friction (permits, jurisdiction, security constraints). Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The resilience cycle that now governs policy (the new baseline doctrine)

A decisive change in 2025–2026 is that governments are formalizing a full-cycle resilience model that treats cables as security assets rather than purely telecom utilities. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

The EU defines its approach as a whole resilience cycle of prevention, detection, response & repair, and deterrence. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

This four-part structure matters because it forces an operational reframe:

• Prevention becomes route diversity, protection-by-design, landing-station hardening, and regulatory streamlining that reduces restoration delays. International Submarine Cable Resilience Summit 2026 — Key Outcomes – ITU – Feb 2026
• Detection becomes maritime domain awareness plus data-driven risk prevention and monitoring, explicitly endorsed as a priority outcome of the Porto summit process. International Submarine Cable Resilience Summit 2026 — Key Outcomes – ITU – Feb 2026
• Response & repair becomes a cross-border operational discipline—shorter repair times, clearer authority, and joint maintenance coordination. International Submarine Cable Resilience Summit 2026 — Key Outcomes – ITU – Feb 2026
• Deterrence becomes credible accountability and consequences for destabilizing acts, including explicit attention to the role of “shadow fleet” behaviors in EU thinking. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

This is not rhetorical. It is a deliberate migration of subsea infrastructure into the same doctrinal category as other strategic critical infrastructure, with explicit civil-military complementarity. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

The legal spine: why enforcement is hard (and why ambiguity is structurally “built in”)

The foundational global legal order for cables is shaped by UNCLOS, but its enforcement reality is constrained by jurisdiction and practical attribution. United Nations Convention on the Law of the Sea (Vol. 1833, No. 31363) – United Nations Treaty Series – Nov 1994

A key structural feature is that UNCLOS obliges states to adopt domestic laws to criminalize willful or negligent breaking or injury of cables beneath the high seas when the conduct is connected to a ship flying their flag or persons under their jurisdiction—meaning the system leans heavily on flag-state enforcement rather than universal policing. United Nations Convention on the Law of the Sea (Vol. 1833, No. 31363) – United Nations Treaty Series – Nov 1994

That jurisdictional design is one reason grey-zone activity can thrive: a suspicious incident can be framed as accident, the evidentiary bar for sabotage can be very high, and the enforcement pathway may require cooperation from actors whose incentives diverge. United Nations Convention on the Law of the Sea (Vol. 1833, No. 31363) – United Nations Treaty Series – Nov 1994

A second structural feature is that the treaty system publicly records entry into force and depositary details, reinforcing that this is not a “policy preference” but a binding multilateral architecture that still shapes state practice. United Nations Convention on the Law of the Sea – United Nations Treaty Collection – Nov 1994

The “invisible cabinet”: who really governs cable outcomes day-to-day

Even at peak geopolitical tension, the most decisive operational levers are often held outside cabinet rooms:

Regulators and licensing authorities (the “permission layer”)

Cables are not repaired solely by engineering capacity; they are repaired by engineering capacity plus legal authorization to operate, dock, survey, and work in specific zones. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The Porto summit explicitly framed resilience as requiring policy engagement and operational readiness, signaling that permitting and coordination are treated as first-order variables. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The EU mirrors this by presenting cable security as a cross-border issue that requires stronger EU-level action to complement national measures due to the economic relevance and transnational nature of subsea cables. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

Military and alliance coordination (the “security presence layer”)

In January 2025, NATO launched “Baltic Sentry” as a military activity to strengthen protection of critical infrastructure, explicitly including undersea infrastructure. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

NATO stated that the activity would include assets such as frigates, maritime patrol aircraft, and naval drones, and that it would work to integrate national surveillance assets to improve the ability to protect critical undersea infrastructure and respond if required. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

This matters for cables because it moves from reactive investigations to a posture that treats persistent monitoring as deterrence-by-presence. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

National security regulators (the “trust boundary layer”)

The United States has been modernizing its submarine cable landing license rules in response to national security and foreign policy risks, explicitly describing cables as carrying 99% of global Internet traffic in an official FCC fact sheet. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures – Federal Communications Commission – Jul 2025

The same FCC document frames the modernization as responding to evolving security threats and geopolitical developments, indicating that cable governance is increasingly fused with strategic risk management. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures – Federal Communications Commission – Jul 2025

Chokepoints: why geography dominates strategy

The global network’s risk is not uniform; it is concentrated where routes converge and where shallow-water exposure meets dense maritime activity. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The Porto summit outputs explicitly stressed data-driven risk prevention and monitoring and the importance of accelerating repairs and joint maintenance, which is an indirect acknowledgement that some routes and regions can become “single points of failure” for entire populations. International Submarine Cable Resilience Summit 2026 — Key Outcomes – ITU – Feb 2026

A second asymmetry is developmental: remote islands, small communities, and under-resourced regions can face disproportionate harm because economic incentives and rapid response mechanisms are more limited, as explicitly stated by the ITU press release quoting Prof. Sandra Maximiano. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

This is strategically important: chokepoints create leverage. If an actor can increase downtime or restoration friction even modestly, they can generate outsize political and economic effects without needing catastrophic destruction. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

Telecom vs. power subsea systems: different physics, different failure cascades

Telecom cables: packets reroute, but congestion becomes the weapon

Telecommunications systems can often reroute traffic across alternative paths, but rerouting depends on available spare capacity and can produce congestion and degraded performance rather than total outage. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

Because telecom cables are described by ITU as carrying “most of the world’s data traffic,” partial degradation can still have systemic impacts across financial flows and state services even if connectivity is not fully severed. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The FCC underscores the stakes by describing cables as the backbone of global communications and linking updated licensing to national security and foreign policy risks. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures – Federal Communications Commission – Jul 2025

Power cables: fewer substitutes, faster political coercion

Power interconnectors support market integration and security of supply, but electricity cannot be “packet-switched” around damage in the same way; grid constraints and interconnector topology can cause immediate supply stress. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

This is why the EU explicitly covers both communications and electricity cable infrastructure inside a unified security action plan. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

In practical risk terms, this means a future hybrid campaign could use telecom disruptions for cognitive pressure (uncertainty, blame, confidence shocks) while using power cable incidents for immediate political leverage (public disruption, industrial impact). JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

Repair economics: the “time-to-restore” variable that most forecasts underweight

The Porto summit declaration and recommendations were framed as practical guidance designed to strengthen international cooperation and enhance resilience, including shortening cable repair times and improving operational readiness. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The Porto Declaration explicitly describes the recommendations as guidance for enabling policy and regulatory environments that support development, operation, and resilience of submarine cable systems and address barriers that may delay deployment or restoration. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

This reveals the operational truth: a substantial fraction of downtime risk is not “engineering difficulty” but “friction cost”—permits, coordination failures, unclear authority, or security constraints that slow restoration even when a repair vessel exists. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

The EU mirrors this emphasis by treating the ability to prevent, detect, respond, recover, and deter incidents as a measure of coordination and solidarity, implying that rapid restoration is a strategic capability rather than a maintenance detail. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

The Porto-to-Abuja continuity: why the summit process matters operationally

The Porto summit is explicitly positioned as the second summit, built on momentum from Abuja 2025, with endorsement of the Porto Summit Declaration and approval of three sets of recommendations. International Submarine Cable Resilience Summit 2026 — Key Outcomes – ITU – Feb 2026

The ITU press release states the summit was organized by ANACOM in partnership with ITU and the ICPC, and that it hosted a meeting of the International Advisory Body on Submarine Cable Resilience, established by ITU and ICPC in 2024. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

This is not cosmetic: it creates a standing institutional mechanism that can continuously harmonize regulatory expectations, publish practical recommendations, and normalize cross-border operational cooperation—exactly the factors that reduce restoration friction in crises. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Analysis of Competing Hypotheses (ACH) within Chapter 1: what explains the “security turn”?

Observed pattern: a rapid elevation of subsea cable security into national and alliance-level strategy in 2025–2026. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

H1: Governance modernization is driven by dependence and scale
The scale claim—about 500 cable systems over 1.7 million kilometres—supports a baseline that sheer dependence makes resilience governance inevitable. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

H2: Hybrid threat environment is forcing civil-military integration
The EU explicitly references acts of sabotage as potential elements of larger hybrid campaigns and frames cable security as having civil-military implications and complementarity with NATO. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

H3: The deterrence gap is visible, so alliances are creating presence missions
NATO’s launch of Baltic Sentry explicitly responds to growing threats to critical undersea infrastructure and formalizes monitoring and response capabilities as a standing activity. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

Chapter 1 judgment: H1 is the structural base; H2 and H3 explain the acceleration and the shift from telecom-regulatory framing toward security doctrine and deterrence posture. JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025

Operational “Reality Map” — the minimum viable model for understanding risk

If a decision-maker must compress the real situation into a field-usable model, it is this:

• The network is huge, but strategic risk clusters around corridor convergence and landing bottlenecks. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026
• The dominant security variable is time-to-restore, which is shaped as much by governance and coordination as by engineering. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026
• The geopolitical contest is moving from “can it be cut?” to “can it be disrupted with plausible deniability while slowing restoration and shaping narratives?” JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025
• Institutional responses are now formal and accelerating: Porto 2026 recommendations and declaration, EU four-priority action plan, and NATO operational presence posture. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026 JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL — EU Action Plan on Cable Security – European Commission/EEAS (EUR-Lex) – Feb 2025 NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025
• For the United States, licensing and trust boundaries are being tightened explicitly in response to national security risks, while reiterating the global dependence figure of 99% of Internet traffic. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures – Federal Communications Commission – Jul 2025

That is the real situation: massive dependence, asymmetric geography, slow-attribution dynamics, and a fast-shifting governance and defense posture that is trying to catch up to the strategic value of disruption. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

Threat Evolution 2026–2031: Grey-Zone Operations, Kinetic Sabotage, Cyber-Physical Intrusions and FININT-Enabled Deniability

The five-year threat environment: what is structurally changing by 2031

The global subsea domain is being reclassified from “critical infrastructure that sometimes breaks” into “critical infrastructure that will be contested,” and the strongest official signal is the Porto Summit framing that submarine cable resilience is a shared responsibility requiring improved maintenance efficiency, emergency preparedness, and investment. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The physical baseline remains that the global network is approximately 500 submarine cable systems with more than 1.7 million kilometres of undersea routes, which defines both scale and attack surface. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The economic baseline remains that subsea cables are treated by the Federal Communications Commission as carrying nearly 99% of global internet traffic and enabling international voice, data, and internet services. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

The financial baseline includes the FCC statement that financial institutions report transmitting over $10 trillion in transactions every single work-day via undersea cables, implying that disruption risk is simultaneously technical and systemic. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

The security baseline now includes alliance-level posture: NATO announced “Baltic Sentry” as a dedicated activity to increase critical infrastructure security, explicitly referencing undersea infrastructure and the use of frigates, maritime patrol aircraft, and naval drones. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

Analytic judgment (high confidence): the 2026–2031 threat evolution will concentrate less on spectacular “one-time” severing events and more on repeatable, deniable, and multi-domain “friction campaigns” that reduce cable availability, slow restoration, and shape narratives while staying below the threshold of overt armed conflict. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

That trajectory is reinforced by official cyber risk signals showing adversaries prioritizing critical infrastructure access for pre-positioning and disruptive potential rather than purely commercial theft. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

The threat taxonomy for subsea disruption: four layers of attack surface

Layer A — The seabed asset layer (cable, repeaters, branching units)

The most basic hostile objective is physical damage or impairment at the seabed, but the strategic innovation is where and how to do it to maximize restoration delays. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

The Porto Declaration frames resilience explicitly in terms of addressing barriers that may delay deployment or restoration, which implicitly recognizes that restoration latency is itself a vulnerability. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Analytic judgment (moderate confidence): by 2031, the most geopolitically meaningful physical incidents will cluster in zones where legal permissions, security escort, and maritime conflict conditions slow repair operations, because that is where adversaries can extract maximum leverage from minimal physical action. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Layer B — The maritime interaction layer (anchors, trawling, “routine” vessel behavior)

The dominant real-world mechanism for damage remains maritime interaction, and that fact is precisely what makes the environment attractive for grey-zone tactics, because “accident” is a plausible default explanation. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Analytic judgment (moderate confidence): between 2026 and 2031, adversaries will increasingly seek to operationalize “routine maritime noise” as cover, selecting behaviors that resemble negligent anchoring or trawling while generating strategic-level disruption. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Layer C — The terrestrial edge layer (landing stations, backhaul, power feeding, permits)

The FCC describes submarine cables as critical to commerce and finance and also references national security and foreign policy risk considerations in modernizing cable landing license processes, which signals that landing stations and license governance are a national-security boundary. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Jul 2025

Analytic judgment (high confidence): many “cable attacks” in 2026–2031 will not target the seabed first, but instead will target the terrestrial edge—where access is easier, surveillance is different, and disruption can be achieved by degrading power feeding systems, compromising landing-station networks, or creating regulatory/operational paralysis. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Jul 2025

Layer D — The cyber-operations layer (network management, OT/IT, supply chain, and “pre-positioning”)

CISA, NSA, and FBI assessed that PRC state-sponsored actors have compromised U.S. critical infrastructure and maintained persistent access, with the advisory explicitly warning of risk to critical infrastructure organizations. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

The same advisory’s existence as a joint product of CISA, NSA, and FBI is itself a key indicator that state cyber activity is being treated as strategic preparation rather than episodic intrusion. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

Analytic judgment (high confidence): in 2026–2031, the most dangerous operational pattern will be a hybrid chain in which cyber access is used to enable, disguise, or amplify physical disruption of subsea connectivity and restoration processes, because cyber enables timing, deception, and scaling. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

The likely “playbook shift”: from sabotage to degradation campaigns

Why full severing is often unnecessary

Because subsea cables carry nearly 99% of global internet traffic, even partial reductions in capacity can create outsized consequences for finance, cloud services, and cross-border coordination. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

Because the FCC explicitly highlights dependency for “commerce and finance” and “emergency communications,” the threat value of non-catastrophic degradation is high, since it can impose costs without requiring a black-and-white outage. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

Analytic judgment (high confidence): the next five years will privilege “availability warfare” over “destruction warfare,” meaning attackers will aim to reduce redundancy, congest routes, and induce chronic instability rather than produce a single spectacular event that invites decisive retaliation. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Why restoration delay becomes the strategic objective

The Porto Declaration explicitly identifies the need to address barriers that delay restoration and stresses coordination among authorities and industry, which indicates that speed of restoration is a recognized global resilience priority. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Analytic judgment (high confidence): in 2026–2031, the most effective disruption operations will attempt to: (1) trigger a fault, (2) obscure root cause, and (3) slow restoration through legal, security, and operational friction, because the “third step” is where geopolitical leverage accumulates. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Analysis of Competing Hypotheses (ACH): what strategic motives fit the emerging pattern

Hypothesis 1 — Deterrence testing and alliance bandwidth exhaustion

NATO’s Baltic Sentry was launched specifically to increase critical infrastructure security, suggesting an alliance perception that threat pressure is high enough to merit ongoing operations. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

H1 motive (analytic): actors probe and pressure undersea infrastructure to test whether alliances can sustain persistent monitoring and rapid response without escalation fatigue, using ambiguity to force continuous resource allocation. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

Hypothesis 2 — Pre-conflict shaping via critical infrastructure pre-positioning

The joint CISA/NSA/FBI advisory assesses persistent access to critical infrastructure by PRC state-sponsored actors, which aligns with a pre-positioning model. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

H2 motive (analytic): adversaries seek latent access that can be activated during crisis escalation, including to support disruptions, misdirection, or selective denial of service in the logistics and communications backbone. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

Hypothesis 3 — Economic coercion and market confidence manipulation

The FCC describes undersea cables as supporting critical commerce and finance and references large-scale financial transaction transmission via undersea cables, making the market impact channel explicit. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

H3 motive (analytic): targeted degradation can create sector-wide uncertainty, raise insurance and routing costs, and impose political pressure on governments without triggering immediate “armed attack” thresholds. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

ACH interim conclusion: all three motives can co-exist, but the 2026–2031 operational signature most consistent with official posture is a blended campaign model combining probe-and-test dynamics with pre-positioning and episodic economic coercion. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

Cyber threat evolution specific to cable ecosystems (what will change by 2031)

The operational center of gravity: “living-off-the-land” persistence in critical infrastructure

The joint advisory on PRC state-sponsored activity is explicitly framed as persistent access against U.S. critical infrastructure, which implies long dwell time and operational security focus rather than smash-and-grab intrusion. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

Analytic judgment (high confidence): cable operators and adjacent infrastructure owners should assume that the highest-risk threat actors will increasingly prioritize stealthy persistence in environments that support restoration and routing decisions (landing stations, network management systems, logistics scheduling, vendor access), because that is where disruption can be timed and disguised. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

Logistics and maritime adjacency: cyber pressure on the repair-and-response chain

A joint cybersecurity advisory authored under U.S. Department of Defense distribution channels highlights Russian GRU targeting of Western logistics entities and technology companies, indicating that logistics is a strategic cyber target set. Russian GRU Targeting Western Logistics Entities and Technology Companies – NSA (media.defense.gov) – May 2025

Analytic judgment (high confidence): because subsea restoration depends on specialized vessels, port access, parts supply, and coordination, cyber targeting of logistics and maritime support chains can indirectly increase restoration times even without touching the cable operator’s core systems. Russian GRU Targeting Western Logistics Entities and Technology Companies – NSA (media.defense.gov) – May 2025

The “cyber-physical handshake”: using cyber to create plausible deniability

Analytic judgment (moderate confidence): cyber intrusion can be used to manipulate logs, delay alarms, or confuse incident triage at landing stations, enabling an attacker to claim that any observed degradation was a technical fault rather than interference. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Jul 2025

This model is consistent with the official framing that evolving national security risks motivate modernization of cable landing licensing processes, which is a governance response to a cyber-enabled risk environment. FCC FACT SHEET — Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Jul 2025

Physical and hybrid attack evolution (what will change by 2031)

From “single cut” to “multi-point stress” events

The Porto Declaration and summit outcomes emphasize improved maintenance efficiency and emergency preparedness, which are the precise capabilities needed when multiple faults occur across corridors and jurisdictions. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

Analytic judgment (high confidence): in 2026–2031, adversaries will favor “multi-point stress” patterns—multiple faults in a short window or across adjacent corridors—to saturate limited repair capacity and create longer mean-time-to-restore without requiring complex high-risk sabotage. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

The deterrence environment: presence missions and surveillance as a forcing function

NATO’s Baltic Sentry explicitly states integration of national surveillance assets and the use of unmanned systems, suggesting that the alliance is adapting toward persistent detection. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

Analytic judgment (moderate confidence): the growth of persistent surveillance will shift hostile behavior toward lower-signature actions (short loiter windows, deniable proximate causes, and cyber-assisted misdirection), rather than eliminating threats outright. NATO launches ‘Baltic Sentry’ to increase critical infrastructure security – NATO – Jan 2025

FININT-enabled deniability: how money and governance can shape the battlespace

The Porto Declaration stresses coordination among relevant authorities and marine stakeholders, which implicitly includes the governance and enforcement layer that determines whether negligent or suspicious maritime behaviors are deterred. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Analytic judgment (moderate confidence): by 2031, “financial deniability” will increasingly matter in cable security because ownership opacity, insurance complexity, and multi-jurisdictional maritime operations can obstruct attribution and accountability after incidents. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Five-year forecast matrix (2026–2031) — what decision-makers should expect

Most likely: chronic disruption pressure (high frequency, low attribution certainty)

Analytic judgment (high confidence): the modal scenario through 2031 is not a “global blackout,” but recurring regional degradation and restoration friction that accumulates economic costs and political stress. Review of Submarine Cable Landing License Rules and Procedures to Assess Evolving National Security, Law Enforcement, Foreign Policy, and Trade Policy Risks – Federal Communications Commission – Aug 2025

High impact: synchronized cyber + physical incidents (lower frequency, higher strategic effect)

The existence of joint advisories emphasizing persistent access to critical infrastructure supports the plausibility of timed, synchronized disruption potential. PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure – CISA – Feb 2024

Analytic judgment (moderate confidence): synchronized incidents are most plausible during high-tension geopolitical windows where deniability is valuable and escalation control is prioritized. The Porto Declaration on Submarine Cable Resilience – ITU – Feb 2026

Emerging: “restoration sabotage” (targeting repair capacity rather than cables)

The Porto process focuses on improving maintenance efficiency and emergency preparedness, which aligns with the strategic logic that repair capacity and readiness are primary resilience levers. Porto Summit drives critical cooperation on submarine cable resilience – ITU – Feb 2026

The U.S. joint advisory on Russian GRU targeting of logistics suggests that repair ecosystems and logistics are a plausible indirect target set. Russian GRU Targeting Western Logistics Entities and Technology Companies – NSA (media.defense.gov) – May 2025

Analytic judgment (high confidence): “restoration sabotage” will rise through 2031 because it can amplify downtime without requiring direct seabed interaction. Russian GRU Targeting Western Logistics Entities and Technology Companies – NSA (media.defense.gov) – May 2025