Beyond the fire and fury of the battlefields of Ukraine, gray zone warfare has turned the Baltic's cold depths into an embattled sea. Since 2022, six suspected sabotages and 11 confirmed damages to subsea cables have been registered in 15 months. The recurrent culprit? Russia, potentially aided and abetted by China. Amid growing efforts to fight these tactics, the North Atlantic Treaty Organization (NATO) has looked to space to protect its data flows. However, despite this apparent flexibility, NATO strategy risks becoming a catch-22. Were there to be a major disruption to subsea cables, even if data flows were diverted to space they would still be under threat. Until now, NATO leaders have failed to recognize the dangers behind Russia's escalations in both the underwater and space domains. To avoid getting trapped by Russia's double-edged threat, NATO must change its strategy.
Subsea cables are the bedrock of the world's economic and technological infrastructure, carrying roughly 97-98 percent of the world's internet traffic. Incidents involving this global lifeline have shaped a concerning pattern around the Baltic coastlines. In the span of just three months, a spate of incidents involving undersea cables heightened the alert of Nordic NATO countries. In November 2024, the Chinese cargo ship Yi Peng 3 became the prime suspect for severing two subsea cables connecting the Baltic countries. Investigations alluded to the possibility that Russian intelligence may have coerced the Chinese captain into sabotage. In December 2024, another subsea cable in the Gulf of Finland suffered critical damage, resulting in Finland charging a captain of Russia's infamous shadow fleet for the sabotage. Lastly, in January 2025, another subsea cable was vandalized between Latvia and Sweden. Although some of these incidents were attributed to accidents, the coincidence and damage are too prominent for NATO countries to sit idle.
Finding digital safety between sea and space
The recent incidents throughout the winter renewed debates about Russia's possible involvement in damaging European underwater infrastructure. Unlike previous years, this time NATO allies in Europe were prepared. On January 14, 2025, NATO launched Baltic Sentry, a multi-pronged mission to deter further damage with a joint task force of NATO navies and air support patrolling the Baltic Sea. Since Baltic Sentry started, no incident involving NATO undersea infrastructure has been recorded. Yet, the current stability is volatile. Russia has proven remarkably adaptable on the seas. Not only has its shadow fleet evaded the NATO sanctions regime, but it has also threatened the global maritime order.
Baltic Sentry is not the only effort NATO has initiated to protect its data flows. On July 31, 2024, NATO announced Project HEIST, which aims to divert high-priority data traffic from undersea cables to satellites in the event of a threat. Although data speeds are considerably slower via satellite than subsea cables, the project is supposed to provide a prompt alternative and ensure continuous communications if disruptions in the underwater domain occur.
While Baltic Sentry serves as the first line of defense for NATO's data traffic, Project HEIST is a backup in case severe damage to subsea infrastructure occurs. Although patrolling the waters around the cables has proven effective, Russia's malicious behavior on the seas may render these operations unsustainable. Worse, Russia's escalatory actions in space make satellites an unreliable refuge.
Space is not a sanctuary from Russia
As a January 2025 RAND study warns, military competition in space between the United States and Russia is intensifying. Russia perceives U.S. and allied space technologies not only as enhancers of their conventional military capabilities, but also as existential risks comparable to nuclear weapons. In 2021, Russia tested a direct-ascent anti-satellite missile by striking a Russian satellite and creating over 1,500 pieces of orbital debris. The test showed Russia's prioritization of anti-satellite weaponry to ensure space dominance, as well as its disregard for the safety and stability of space operations. Indeed, weapons tests risk multiplying the amount of high-speed space debris and thus increasingly endangering U.S. space operations.
This test was merely the beginning of a new era of low-intensity space warfare. In the past four years, Russia has expanded its anti-satellite arsenal to include missile systems like the Nudol designed to target satellites in low-Earth orbit. The threat from these capabilities is double-edged. On the one hand, they threaten to destroy U.S. and allied satellites, thus hampering essential military functions such as GPS navigation, early-warning missile launch systems, and ISTAR (intelligence, surveillance, target acquisition, and reconnaissance). On the other hand, by leveraging anti-satellite and cyber capabilities to hijack and disrupt satellites, Russia could weaponize communications to exert psychological warfare on civilians, as it has already done in Ukraine.
An underestimated threat and a unique solution
In 2024, U.S. Department of Defense officials warned that Russia was developing an "indiscriminate" nuclear weapon specifically designed to attack satellites and wreak havoc on U.S. space technology. Although the Russian satellite linked to its nuclear anti-satellite weapons appears to no longer be functioning, Russia's militarization of space has generated alarm among United States lawmakers, as well as warnings from NATO Secretary General, Mark Rutte, and French Chief of the Defense Staff, Thierry Burkhard. Yet, neither U.S. nor European leaders have realized the double-edged nature of this threat. If Russia can attack Western satellites and disrupt undersea infrastructure at the same time, NATO digital flows will never be truly safe.
This will not only affect NATO military operations in the space and cyber domains, but also disrupt civilian financial operations and telecommunications. By holding NATO's ability to conduct essential civilian and military operations hostage, Russia has secured a powerful insurance against its own conventional military weaknesses and a critical strategic advantage in challenging domains like the seabed and space. NATO's lack of acknowledgement does not make the threat any less real -- rather, it makes it more dangerous. Indeed, Project HEIST is supposed to be a satellite-based backup in case of attacks on subsea cables. But if space is no longer safe from conventional and nuclear escalation, how safe of an alternative can Project HEIST be?
NATO blindness in both the space and undersea domains risks blindsiding the alliance in the long term. Despite the temporary safety of Baltic Sentry, NATO has not eliminated the threat to undersea infrastructure. It has only learned how to respond to it. Likewise, Russia has demonstrated an increased risk tolerance for strategic escalation in the space domain. This could render Project HEIST a useless backup plan. Whether Russia has purposefully pursued this strategy is unclear, but this is not preventing NATO from walking into the trap.
So far, the safest solution seems to be going offline. In May 2025, Nordic countries and Estonia began rolling out offline payment systems in case internet connections are lost from undersea cable sabotage. Cutting digital flows altogether while mitigating the consequences, especially for civilian populations, will eliminate a vulnerability that Russia can threaten. Prevention rather than response is the direction NATO strategy should follow, while failure to learn this lesson will trap NATO strategy in a catch-22 that could become the seed of NATO digital demise.
Anna Matilde Bassoli holds a M.A. in Security Studies from Georgetown University's Security Studies Program and a MLitt in Strategic Studies from the University of St Andrews. She also earned a B.A. in Political Science and International Relations from Catholic University of the Sacred Heart in Milan, Italy. She currently serves as the YPFP Rising Expert in Defense.