It is no secret that Russia is stepping up undersea sabotage operations against the UK.
Three Russian submarines carried out a month-long surveillance operation targeting undersea cables and pipelines in northern UK waters, the Defence Secretary revealed this month. A British warship and aircraft were deployed to track the Russian fleet, ending its operation, which was likely aimed at mapping critical infrastructure, John Healey said.
Yet this particular Russian spy operation was more sophisticated than usual, involving distraction tactics – with an Akula-class submarine deployed to divert British forces – prompting fears that sabotage operations are only escalating – and the possibility of taking the UK offline is rising, experts have said.
As an island, the UK is reliant on around 60 undersea cables, carrying over 90 per cent of daily internet traffic. There is growing concern that Russia could try to sever or damage these and other essential channels in the event of war, causing widespread political and economic disruption. In September, a report by a parliamentary committee on the National Security Strategy highlighted the risk of attacks on the small number of cables around the UK’s outlying islands, which are targets for sabotage. It cited previous damage to cables connecting the Shetland Islands, Orkney and Banff which caused mobile, landline, and internet issues.
The report also warned about essential data being concentrated in high-capacity subsea cables. It emphasised that government and industry were not preparing enough for attacks – and that the UK had “strategic vulnerability in the event of hostilities”. The report stressed that the committee was “not confident that the UK could prevent such attacks or recover within an acceptable time period”.
The UK has implemented changes in recent years including the Cyber Security and Resilience Bill, which proposes new laws for essential businesses in managing risks, and the Atlantic Bastion blueprint, launched in December, which will create a hybrid force comprising autonomous vessels, AI technologies, warships and aircraft to defend British waters and protect undersea cables.
Yet these efforts are seeing slow uptake, and are far from comprehensive. This month, the Defence Secretary brought together telecoms companies to discuss collaboration on defence, but no plans for public and private collaboration have yet been implemented. Experts are also warning that the UK needs better recovery plans.
One small state in Europe’s far east could provide a model for how Britain protects its infrastructure lifelines.
Estonia has revolutionised cyber security and is leading the way in defence against Russian cable and cyber sabotage. The Estonian navy has sent patrol ships to protect its cables, and telecoms companies have duplicated their connections to avoid being fully cut off in the event of attacks. Estonia would also be able to use other sea cables – or land cables – through neighbouring Latvia.
But Estonia is also prepared for attacks through a broad and deep approach to cybersecurity. Referred to as e-Estonia, the country of just over one million has been a world pioneer in creating a digital society. The Republic of Estonia’s Information System Authority report on cyber security 2026 argued that “cybersecurity should be layered, like a millefeuille”, embracing both the protection of cables, and wider connections in case these fail.
Bordering Russia, Estonia stands on the front line of Moscow’s threats. Like Britain, Estonia and its Nato neighbours have been grappling with attacks on undersea cables in the Baltic Sea – which they share with Russia – in recent years. There are over 35 cables in the Baltic Sea, a shallow body of water, which makes it easier to attack. It is also a region integral to global shipping, leaving it even more vulnerable. Since Russia’s full-scale invasion of Ukraine in 2022, there have been numerous reports of damage to cables and gas pipelines, including those connecting Finland and Estonia, Sweden and Estonia, and Sweden and Lithuania. In the latter case, a fifth of Lithuania’s internet capacity was reduced as a result of the cut cable.
The threat of damage to Baltic Sea infrastructure is particularly significant given Russia’s geopolitical ambitions. The Baltic states – Lithuania, Latvia and Estonia – were annexed by the Soviet Union in 1940, although this was not recognised by the West. Ukraine has recently warned that these tiny states might face a Russian attack so Moscow can regain influence in the east.
Estonia was the first nation to face cyber warfare and sabotage attacking an entire country. By the early 2000s, it was leading in cyber capabilities, after the restoration of its independence in 1991 prompted digital modernisation. But in 2007, there was a series of devastating series of attacks on government, banking, and media websites. These coincided with a disagreement with Russia on the relocation of a Soviet-era grave marker. In late April of that year, the online services of government institutes, banks and media faced blackouts, with cash machines brought down, emails disrupted, and spam disseminated. The attacks peaked on 9 May, Victory Day in Russia.
After that, Estonia embraced cyber security as a necessity. The Ministry of Defence developed a cybersecurity strategy – one of the first to be written in the world – which promoted co-operation between the public and private sector, an awareness of cyber threats, and improvement in cyber training. Programmes on cyber security were launched at Estonia’s universities in the capital, Tallinn, and second-largest city, Tartu, and a Nato-accredited Cooperative Cyber Defence Centre of Excellence was also created. A Cyber Defence Unit of the Estonia Defence League – a voluntary national defence organisation – was also established in 2010. It includes IT professionals who practice cyber defence by modelling attacks. The Unit also networks between the public and private sector to defend the nation’s cyber connections.
Estonia has also developed a blockchain-based technology to protect its digital infrastructure. This technology shows if any information has been altered – protecting against attacks. It also enables the Government to handle large amounts of data with speed. Estonia also operates the world’s first “data embassy” in Luxembourg – allowing backups of data if the nation were attacked.
Estonian public services are now 100 per cent online, 24/7, meaning cyber security is essential.
Despite its tiny size and threats of war, Estonia’s model offers a useful lesson for the UK. The Estonian recognition of threat from government, and the rapid implementation of nationwide protection plans – including innovations in technology and defence, public and private collaboration, and recovery plans – are what the UK needs to protect its essential cables. Britain’s current approach, as experts warn, is too slow in implementation, and too limited in focus: a widespread awareness of dangers, and a cross-government approach, is required to ensure valuable resources are protected.
Juliette Bretan is a researcher and journalist, currently based in Cambridge, who has written about Eastern European politics, culture, and history for a decade