The Conversation

Nord Stream pipeline sabotage: how an attack could have been carried out and why Europe was defenceless

Whatever caused the damage to the Nord Stream gas pipelines in the Baltic Sea, it appears to be the first major attack on critical “subsea” (underwater) infrastructure in Europe. It’s now widely thought – not least by Nato – that the explosions that led to major leaks in the two pipelines were not caused by accidents. The alliance says they were a deliberate act of sabotage.

The attacks occurred in the exclusive economic zones of Denmark and Sweden and demonstrate the risks that Europe’s subsea infrastructures are facing. This raises the question of the vulnerabilities of European pipelines, electricity and internet cables, and other maritime infrastructure. Europe will have to revisit its policies for protecting them.

But it is still unclear how the attacks were carried out. The investigations will probably take months to complete, but there are two likely scenarios. A first option is that the attacks could have been carried out as an underwater operation using advanced submarine technology.

This implies that we are looking at a state and its navy. Although the attacks took place outside the territorial waters of the Nato members Denmark and Sweden, they could be interpreted as an act of war.

The second scenario is an operation launched from a privately owned surface vessel, such as a fishing boat being used as a platform for divers or submersibles to place explosives. In this case, the attack vessel was hiding in everyday maritime traffic.

This scenario points us to so called “grey-zone” tactics: an attack by a group acting indirectly on behalf of state interests. The involvement of any government will then be very difficult to verify. This scenario implies that the Nord Stream attack was likely to have been the first ever recorded grey-zone activity in the European subsea.

Grey-zone tactics are increasingly common at sea, and have been associated with the Iranian Revolutionary Guards seizing ships, or the Chinese fishing fleet advancing territorial claims.

Grey-zone tactics at sea have not been extensively studied, but similar tactics are well understood in the cyber domain. In that domain it is usually a hacker group operating formally “independent” from governmental agencies that carry out an attack.

The comparison to the cyber world is useful as it gives us insights into why the maritime domain is very vulnerable. The sea is more similar to cyberspace than first meets the eye.

Like cyberspace, the sea is crowded with a highly complex set of state and non-state actors and multiple overlapping jurisdictions. That makes it easier to hide, and more difficult to trace and identify responsible actors. The legal ambiguities also raise the question of how to prosecute any perpetrators.

Unregulated space

As our research shows, the subsea is an ocean space that is often forgotten, yet increasingly vital. Pipelines ensure the flow of gas and oil. Electricity cables across Europe and the Mediterranean are key to the green energy revolution. Underwater data cables transport 95% of data and ensure digital connectivity.

Yet Europe has no policy in place that would provide for the surveillance and protection of this underwater infrastructure. Europe is effectively subsea blind.

Three European Union agencies – the European Maritime Safety Agency (EMSA), the European Fishery Control Agency (EFCA) and the European Border and Coastguard Agency (Frontex) – address ocean surfaces. But none of them has a mandate to look underwater.

These three agencies, however, run a tight surveillance scheme to monitor maritime activities, known as the Common Information Sharing Environment.

A first step to increase the protection of subsea infrastructure is to draw upon this platform to systematically provide surveillance of suspicious activities on the surface in vicinity to infrastructures and to coordinate patrols. This will help to deter perpetrators and prevent a future grey-zone scenario.

Eye in the sea

Monitoring underwater activities is a more difficult and costly affair. The seabed is a vast space – and cables and pipelines cover thousands of kilometres. The European Defence Agency runs a number of projects to improve under water surveillance.

However, as we have shown in a recent report to the European Parliament, not only technological advancement is the route to better resilience. Navies and coastguards need to develop better collaboration with the private industry that operates and maintains underwater infrastructure.

Industry holds important data, and is needed to ensure swift responses for any future attack. The EU has a major role to play in enabling this collaboration through its agencies. It must also ensure that industry holds sufficient repair capabilities for cables and pipelines.

All of this calls for an explicit underwater policy for the EU and mandating its agencies to contribute to critical maritime infrastructure protection. The ongoing drafting of the new European Union Maritime Security Strategy is a window of opportunity.

Initiated in 2022, the purpose of the strategy is to provide direction and ensure coordination between EU institutions and the member state agencies that deal with the maritime. The strategy is expected for 2023. It must address the subsea and outline how underwater infrastructure can be better protected.

Christian Bueger receives funding from the Velux Foundation for a research group on Ocean Infrastructures.