Executive Summary
Events over the last eighteen months indicate that the risk environment for submarine cables has very likely escalated, and the threat of state-sponsored malicious activity targeting submarine cable infrastructure is likely to rise further amid heightened geopolitical tensions. Insikt Group’s assessment of the current risk environment for submarine cables aligns with the findings of our 2023 assessment, which highlighted the convergence of geopolitical, physical, and cyber threats. Based on an analysis of 44 publicly reported cable damages occurring in 32 distinct groupings in 2024 and 2025 (Appendix A), Insikt Group assesses that three factors in the submarine cable ecosystem –– lack of redundancy in cable networks, lack of diversity of cable routes, and limited global repair capacity –– very likely increase the likelihood of significant outages from damages. Regions with low redundancy, such as parts of West and Central Africa, isolated Pacific islands, and certain secondary European routes, are more likely to suffer disproportionate impact from cable damage, especially when geopolitical tensions coincide with infrastructure constraints.
While accidents will very likely continue to cause the majority of day-to-day interruptions, recent incidents in the Baltic Sea and around Taiwan indicate that submarine cable systems remain vulnerable to threats such as anchor dragging, which states can use as a low-sophistication tactic to target adversaries’ critical infrastructure while maintaining plausible deniability. Insikt Group identified four incidents involving eight distinct cable damages in the Baltic Sea and five incidents involving five distinct cable damages around Taiwan in 2024 and 2025. At least five of these nine incidents were attributed to ships dragging their anchors, including four Russia- or China-linked vessels operating under suspicious circumstances or with opaque ownership structures, although the resulting investigations have highlighted the difficulty of attributing cable cuts to state-sponsored sabotage. Such campaigns attributed to Russia in the North Atlantic–Baltic region and China in the western Pacific are likely to increase in frequency as tensions rise, leveraging deniable tactics in both shallow and deep water to apply political pressure without overt escalation.
Without a significant expansion of dedicated repair vessels, repair capacity is very likely to lag behind demand, pushing median restoration times beyond the current 40‑day benchmark. National permitting delays and conflict zone access restrictions will likely extend repair times further, making streamlined diplomatic clearance processes an increasingly critical element of submarine cable resilience. Satellite and microwave links will almost certainly remain partial stop‑gaps, restoring only a fraction of lost bandwidth during major outages. To mitigate these challenges, joint public-private partnerships investing in repair and maintenance capabilities, improving real-time monitoring and security measures around submarine cable infrastructure, and conducting comprehensive stress tests are critical to improving resilience and guarding against a low-probability but high-impact event in which damages to multiple cables cause prolonged connectivity issues.
Key Findings
- Insikt Group identified a total of 44 publicly reported cable damages in 2024 and 2025 occurring in 32 distinct groupings. Unknown causes accounted for the largest number of damages (31%), followed by anchor dragging (25%) and seismic activity or other natural phenomena (16%).
- Of the identified cable damages, three caused significant and prolonged outages. These cases indicate that three factors –– lack of redundancy, lack of diversity of cable routes, and limited repair capacity –– very likely raise the risk of severe impact from damages to submarine cables.
- Insikt Group identified four incidents in the Baltic Sea involving eight distinct submarine cable damages and five incidents around Taiwan involving five distinct submarine cable damages in 2024 and 2025, four of which involved China- or Russia-linked vessels with opaque ownership or suspicious maneuvers near the damaged cables.
- Geopolitical tensions –– namely, Russia’s war against Ukraine and China’s coercive actions toward Taiwan –– very likely remain the primary drivers of state-linked sabotage activity targeting submarine cables.
- Joint public-private partnerships promoting investment in cable repair and maintenance capabilities, enhancing security and surveillance of critical submarine infrastructure, and improving resilience in current and future cable networks will be critical to addressing rising threats to cable infrastructure.
Background
There are currently 597 subsea cables in operation or under construction as of April 2025, compared to 559 subsea cables in 2024. These cables account for an estimated 99% of international data traffic, representing critical infrastructure underpinning global telecommunications and financial flows. In 2024, 24 new cable systems came online, according to the Submarine Telecoms Forum (SubTel Forum) –– eight in the Europe-Middle East-Africa region, six in Oceania, four in the Indian Ocean, four in the Americas, and two transpacific systems.
Among commercial suppliers of cable systems, three companies –– France’s Alcatel, the US’s SubCom, and Japan’s NEC –– lead in the number of systems delivered, kilometers of cable produced, and future systems planned, although China’s HMN Technologies (Hengtong) is playing an increasing role. Between 2020 and 2024, Alcatel delivered 23 systems, SubCom delivered thirteen, NEC ten, and HMN seven. Alcatel, the largest player, is also involved in nine planned future cable systems, representing 39% of future projects, while NEC is involved in four (17%) and SubCom two (9%).
There are approximately 80 vessels globally dedicated to maintaining and expanding submarine cable infrastructure, with the United Kingdom’s (UK) Global Marine Systems (13%), France’s Orange Marine (13%), SubCom (11.6%), Alcatel Submarine Networks (ASN) (10%) and Malaysia’s Optic Marine Services (10%) owning the most vessels.
Damage to submarine cables is not uncommon, with an average of 150 to 200 faults occurring globally each year, according to the International Cable Protection Committee (ICPC). Most of these faults never reach the threshold of public reporting, since the majority do not cause detectable issues due to the availability of alternate routes for traffic. From 2015 to 2024, SubTel Forum identified a total of 237 publicized cable fault incidents globally –– likely a fraction of the total cable faults –– the vast majority of which were attributable to human activities, namely fishing and anchor dragging. Regionally, the “AustralAsia” region accounted for 36.3% of all reported faults during this period, making it the most fault-prone area, followed by Europe, the Middle East, and Africa (28.7%) and the Americas (20.3%) The ICPC reports that the most common cause of cable damage is a ship anchor or fishing equipment contacting a cable in depths of less than 200 meters. Undersea abrasion and natural phenomena –– such as underwater rockslides and seismic activity –– account for approximately 10% of faults.
While cable faults are relatively common, they require significant resources to repair; the ICPC reports that cable repairs average between $1 and $3 million, require “specialized cable ships with highly trained crews,” and can take months to complete.
Submarine Cable Risk Environment
Submarine cable systems very likely continue to face an escalating risk environment, driven in part by increasing geopolitical tensions –– aligning with our July 2023 assessment. In 2024, SubTel Forum –– a leading industry platform for submarine cable analysis and reporting –– reported 46 incidents, the highest figure since it began publishing data on subsea cable faults in 2013 and a sharp uptick from the fifteen reported in 2023. This corresponds to heightened public awareness of submarine cable vulnerabilities amid several recent high-profile damages and related concerns about intentional malicious actions, such as sabotage –– although the increase may be partially attributable to increased reporting on subsea cable faults, as opposed to strictly reflecting an increase in incidents. However, most recent incidents have not resulted in prolonged connectivity disruptions.
An assessment of the three most impactful damages in 2024 and 2025 –– located in the Red Sea, West Africa, and South Africa –– indicates that the greatest threat to submarine cables is almost certainly where damages occur in areas with limited redundancy and repair capacity, regardless of whether the result of malicious targeting driven by geopolitical interests, unintentional human activity, or natural phenomena.
Most Impactful Cable Damages of 2024–2025
Insikt Group identified 44 publicly reported submarine cable damages occurring in 32 groupings in 2024 and 2025 (Appendix A). Of these, three cases caused damage to multiple submarine internet cables resulting in substantial and prolonged disruption to internet and telecommunications traffic. In each case, disruption to services resulted from damages to multiple submarine cables at once, with the most impacted countries lacking reliable alternative routes for traffic, exacerbated by limited repair capabilities and permitting issues that prolonged repair timelines.
- In February 2024, a UK-owned vessel struck by a Houthi-fired missile sank in the Red Sea, damaging the Asia Africa Europe-1 (AAE-1), Europe India Gateway (EIG), and SEACOM cables and disrupting 25% of traffic between Asia, Europe, and the Middle East. According to Hong Kong telecommunications company HGC Global Communications, the damage caused “a significant impact on communication networks in the Middle East.”
- In March 2024, an underwater rock slide damaged four submarine cables off West Africa: the West African Cable System (WACS), Africa Coast to Europe (ACE), MainOne, and SAT-3 cables. NetBlocks reported disruptions to internet connections in at least sixteen Central and West African countries, with disruptions to mobile payments and cloud applications for several days. CloudFlare reported a significant impact on a total of thirteen countries. In Liberia, disruptions lasted more than twelve hours. The outage also left multiple Nigerian banks offline, severely impacted connectivity in Ghana, and incurred estimated repair costs of $8 million.
- In May 2024, damage to two cables off the coast of South Africa –– SEACOM and the Eastern Africa Submarine System (EASSy) –– significantly reduced connectivity between East and South Africa, and caused internet outages for Kenya and several other East African countries. According to Netblocks, the cut disrupted internet services in twelve countries, with Tanzania, Mozambique, and Malawi particularly affected.
Risk Factors for Submarine Cable Systems
Three primary factors –– lack of redundancy, lack of diversity of cable routes, and limited repair capacity –– very likely raise the likelihood of severe outages caused by damage to submarine cables. Additionally, permitting issues stemming from different regulatory environments and geopolitical tensions can extend the timeline for cable repairs, as can kinetic conflicts in the vicinity of cable breaks.
Lack of Redundancy
Jurisdictions with limited alternate options to reroute traffic are most vulnerable to prolonged or significant disruptions. Following the May 2024 damages to SEACOM and EASSy, Kenya rerouted traffic to the TEAMS cable, with Safaricom and Airtel reporting they had activated alternative connectivity, but Tanzania experienced greater disruption due to its fewer connectivity options (Figure 2). In this case, the earlier February 2024 Red Sea damages further limited alternate options for connectivity, with Microsoft stating that the two incidents together “had reduced the total network capacity for most of Africa’s regions.” By contrast, Cloudflare reported that two cable cuts in November 2024 in the Baltic Sea –– the BCS East-West Interlink connecting Sweden and Lithuania, and the C-Lion1 cable connecting Finland and Germany –– “resulted in little-to-no observable impact to the affected countries … in large part because of the significant redundancy and resilience of Internet infrastructure in Europe.” Highlighting the importance of redundancy measures, the European Commission reported in 2024 that “many islands in the Union, including the three island Member States [Cyprus, Ireland, and Malta], as well as the EU outermost regions and overseas countries and territories, are almost entirely dependent on such submarine cables for intra-Union communications,” indicating a likely higher level of vulnerability.
While satellites provide edge connectivity and connect locations that do not have easy access to physical infrastructure, they account for a small amount of overall global capacity and typically cannot replace fiber-optic submarine cables, which also move large amounts of data faster and more cheaply. TeleGeography reports that “cables can carry far more data at far less cost than satellites,” and only a small percentage of intercontinental data traffic is transmitted via satellite, according to Cloudflare. For example, the US Federal Communications Commission (FCC) reports that satellites account for just 0.37% of all US international capacity. According to the ICPC, “a trans-pacific fibre-optic call need only travel about 5,000 miles point-to-point,” compared to a satellite call, which must travel 22,235 miles from the Earth to a satellite and then another 22,235 back. Illustrating this, a backup microwave system was activated following damages to two submarine cables connecting Taiwan and the Matsu Islands in February 2023, but only restored an estimated 5% of the bandwidth that the cables had provided, with full internet access not restored until April 2023.
Lack of Diversity of Cable Routes
Deploying submarine cables along similar geographic routes very likely increases systemic risk by creating single points of failure. Countries with multiple submarine cables routed along varying geographic routes are more insulated from major connectivity losses; conversely, those with fewer connecting cables, placed in close proximity to each other, are almost certainly more susceptible to multiple cable damages and associated disruptions. Recent incidents of damage to multiple cables at once indicate that threat actors could attempt to exploit the concentration of cables along similar routes in an effort to cause prolonged outages across a geographic area. For example, the Red Sea cable cuts in February 2024, detailed above, illustrated the importance of route diversity. The March 2024 damages to four cables off West Africa, which all occurred due to an underwater landslide in the “Le Trou Sans Fond” canyon off of Côte d’Ivoire, illustrated how a concentration of cables at one point can make multiple cables susceptible to human-made threats or, as in this case, natural phenomena (Figure 3). Similarly, Egypt is a critical internet chokepoint through which multiple submarine cables connecting Europe, Africa, and Asia run; the vulnerabilities associated with this arrangement were apparent following June 2022 damages to both the AAE-1 and the SeaMeWe-5 cables. In December 2024, the US Department of Homeland Security noted that “while incidents in geographic chokepoints are relatively rare, each one brings much-needed attention to the vulnerability of similarly concentrated cables around the world.”
The concentration of submarine cables at a single cable landing station increases the likelihood that damage to or near a landing site will impact multiple cables. These stations provide multiple functions, including supplying power to the cable and connecting it to terrestrial networks, and their locations are often chosen based on access to existing infrastructure or regulatory factors, rather than because they offer particularly high protection from natural disasters or physical threats, such as sabotage or surveillance. As a result, cables frequently cluster around or at the same landing site –– raising the threat that sabotage or espionage operations could impact multiple cables at once by targeting landing stations. For example, according to the US FCC, landing sites on the southeastern US coast are clustered in three primary locations in Florida, with nearly all landing sites developed to support multiple submarine cables. In October 2022, cybersecurity company Zscaler warned that cuts to multiple cables at landing stations in Marseille linking the city to Milan, Barcelona, and Lyon “impacted major cables with connectivity to Asia, Europe, US and potentially other parts of the world.” In August 2023, the European Union Agency for Cybersecurity (ENISA) reported that landing stations represent a weak point in the ecosystem due to their vulnerability to “espionage attacks, deliberate power cuts, sabotage attacks with explosives, or even missile attacks in the case of a military conflict.”
Limited Repair Capacity Poses Long-Term Problem
Repair capacity, which continues to lag behind the expansion of submarine cable networks, almost certainly represents an underappreciated point of vulnerability in the submarine cable ecosystem. As cable systems have expanded dramatically, investment in ships that can service these cables has lagged behind, resulting in the growth of cable systems outpacing repair capacity. Most of these vessels are therefore focused on laying new cable systems, constraining their ability to respond immediately to cable faults. According to ENISA, given the complex nature of repairs and limited repair capacity, “a coordinated attack against multiple subsea cables could have a major impact on global internet connectivity.” For example, the Léon Thévenin, a cable repair ship docked in Cape Town, South Africa, was the only vessel dedicated to serving Africa at the time of the March 2024 cable outages, extending the repair timeline. In February 2023, all five of Vietnam’s operational undersea cables suffered partial or total damage at the same time, resulting in the loss of 75% of its data transmission capacity. With nearby ships busy, repairs on all cables were not fully completed until late November 2023, and telecommunications firms were forced to purchase spare terrestrial capacity to help stabilize connections. Reflecting concerns regarding the limited availability of repair vessels, the US established the Cable Security Fleet in 2020 with two dedicated US-flagged cable repair ships (the CS Dependable and CS Decisive) to speed repairs to submarine cables relevant to US national security.
Unless significant investments are made in streamlining repair processes and expanding cable ship repair capacity, repair times are likely to continue trending upward. According to SubTel Forum, the average repair time for the restoration of cable faults has risen from 2015 to 2024, with the average repair time in 2023 consisting of 40 days. Vietnam’s five submarine cable systems, which account for most of its international bandwidth, experience an average of fifteen incidents annually; prior to 2022, repairs lasted one to two months per incident, but have recently lasted longer, extending disruptions. This is almost certainly a result of the increasing gap in the rates of subsea cable infrastructure expansion and stagnating repair capabilities.
Regulatory Factors, Conflict, and Territorial Disputes Likely to Prolong Repair Timelines
Regulatory hurdles, such as complex and lengthy permitting processes for repair ships that vary by national territory, likely prolong repair timelines, exacerbating the impact of limited repair capacity. Cable damage in areas subject to territorial disputes and ongoing kinetic conflicts almost certainly increases the prospect of prolonged outages due to the denial of access to repair vessels. The International Institute for Strategic Studies reports that repairs in the Asia-Pacific region take up to 30 days on average from notification of an incident, compared to fifteen in North America, due to more stringent permitting requirements. For example, repairs to April 2024 damages to the SeaMeWe-5 cable in Indonesian waters, which reduced Bangladesh’s internet capacity by a third, were not completed until June 28, 2024, as Jakarta’s cabotage policy delayed repairs for several weeks. In March 2024, telecommunications provider SEACOM reported that it would likely take longer than expected to repair three cables in the Red Sea damaged by a ship hit by Houthi strikes since permitting could take up to eight weeks to obtain. The Yemeni government refused to grant permission to initiate repairs of the damaged AAE-1 cable to the cable’s operating consortium, which includes telecommunications firm TeleYemen, as one of the firm’s two branches is under the control of the Houthi group. An investigation of the consortium reportedly delayed repairs of the AAE-1 until July 2024. Further, SubTel Forum reported that ongoing threats posed by the Houthi group likely limited companies that agreed to carry out repairs and incurred high premiums.
Additionally, amid ongoing territorial disputes between China and the Philippines in the South China Sea, the China Coast Guard (the CCG) has attempted to block Philippine resupply operations to vessels at the Second Thomas Shoal, Scarborough Shoal, and Sabina Shoal. In addition to harassing Philippine vessels, the CCG and other Chinese forces have for decades interfered with vessels from other claimants in the South China Sea, as well as vessels operated by outside powers like the United States. These incidents suggest that Beijing could take similar action to block repair vessels from accessing damaged submarine infrastructure in the event of a potential escalation of tension or outbreak of hostilities around Taiwan.
To read the entire analysis, click here to download the report as a PDF.
Source: RecordedFuture
Source Link: https://www.recordedfuture.com/research/submarine-cables-face-increasing-threats