Subscribe
In an era defined by intensifying geopolitical rivalry and the rise of hybridised conflict, Europe’s most exposed vulnerabilities now lie far below the surface. Subsea infrastructure, once treated as an unremarkable backdrop to global connectivity, has become a critical battleground. The security of these assets is no longer a niche technical concern but a central pillar of continental resilience.
The European Council’s conclusions of 23 October 2025 made this plain. Its explicit call for strengthened protection of undersea infrastructure in the face of Russian hybrid aggression was not rhetorical signalling but a recognition that Europe’s digital and energy arteries are now targets in a slow-burning conflict. For the ECR Group, these developments underline an enduring principle: cooperation between Member States is essential, but it must be anchored in subsidiarity rather than drawn into the gravitational pull of Brussels’ centralising tendencies.
Ireland illustrates this tension with unusual clarity. As the EU’s westernmost outpost and the primary landing point for transatlantic data flows, the country embodies both the strategic risks and the opportunities inherent in decentralised, state-led security approaches. Its subsea cables carry the overwhelming share of Europe’s data traffic, making them not merely national infrastructure but foundations of continental economic life.
Recent parliamentary exchanges and national consultations have exposed the scale of this dependence. They also highlight the limits of top-down policymaking. Addressing vulnerabilities requires giving Member States the latitude to lead, share intelligence in a controlled manner, and build capabilities tailored to their own geographies.
The strategic weight of Ireland’s subsea network is difficult to overstate. Positioned at Europe’s edge, Ireland hosts the primary landing points for roughly 75 per cent of the Northern Hemisphere’s subsea fibre-optic cables. These lines transmit more than 95 per cent of global internet traffic, supporting everything from real-time financial trading to health systems, emergency coordination, and defence communications. Fourteen active cables currently make landfall in Ireland, including four direct links to North America. Expansion continues, with the Celtic Interconnector to France due online in 2027 and the Far North Fiber linking to Alaska, Japan, and Norway expected in 2026.
This infrastructure underpins Ireland’s data-centre-heavy economy, dominated by Google, Meta, Amazon, and Microsoft, and cements Ireland’s role as Europe’s “digital gateway” to the United States. For the EU, these cables are the nervous system of the single market’s digital economy. They enable AI development, offshore renewable integration, and the functioning of complex supply chains. A single disruption would reverberate through markets; simultaneous breaches could inflict billions in damage and weeks of operational paralysis.
In a geopolitical environment shaped by Russia’s war on Ukraine and deepening U.S.-China competition, subsea assets represent a soft underbelly. Hybrid warfare thrives in this space, blending cyber intrusion with physical sabotage while avoiding thresholds that would trigger overt conflict.
The ECR has consistently warned that credible resilience rests on targeted investments and state-led strategies, not broad federal mandates that dilute national responsibility. Most cable faults worldwide arise from accidental causes—fishing gear, anchoring, seismic events—yet deliberate threats are increasing. Russian naval vessels, including the surveillance ship Yantar, have repeatedly approached Irish routes, documented in 2021, November 2024, and March 2025. The ship’s deployment of submersibles suggests reconnaissance or pre-positioning for cuts.
These sightings follow a pattern seen in the Baltic Sea, including the 2023 Finland-Estonia line severance and the November 2024 damage affecting Finland-Germany and Sweden-Lithuania cables, incidents attributed to Russian proxies. China presents a different form of risk: a near-monopoly on cable manufacturing and repair, granting leverage over maritime supply chains and raising concerns about embedded technology and strategic denial.
Ireland’s geography compounds the challenge. Its exclusive economic zone spans 450,000 square kilometres—ten times its landmass—yet the Naval Service tasked with patrolling it faces chronic staffing shortages and operates with defence spending far below EU norms. Neutrality has preserved diplomatic autonomy but fostered a degree of maritime complacency: no submarine fleet, limited sonar coverage, and responsibilities split awkwardly across departments.
Cyber probes targeting Irish systems are already routine. A physical cable cut, combined with delays caused by the global shortage of repair vessels, would elevate a persistent threat into a full-scale crisis. Ireland’s 2023 National Risk Assessment identified subsea infrastructure damage as a top-tier threat, with a “reasonable worst-case scenario” involving coordinated strikes on gas interconnectors to the UK.
For ECR analysts, these developments demonstrate why security must remain primarily national. Supranational defence structures are slow to adapt, diffuse accountability, and can create false assurances. Effective resilience comes from Member States strengthening their own forces while sharing best practices.
Ireland’s domestic debate reflects this shift. Oireachtas activity in 2025 signalled a growing recognition of maritime vulnerability. On 8 May, during Defence Questions, Deputy Duncan Smith pressed Tánaiste and Defence Minister Simon Harris on safeguarding undersea infrastructure. Harris acknowledged a “fundamental change” in Ireland’s security environment and confirmed that the maritime domain had become a top government priority.
He outlined the Department of Defence’s role in developing Ireland’s first National Maritime Security Strategy (NMSS), designating subsea cables as “critical maritime infrastructure” requiring heightened vigilance. Risk assessments from the Office of Emergency Planning were blunt: a coordinated attack on gas interconnectors was deemed the plausible worst case amid rising physical and cyber threats.
Ireland has taken limited steps within EU structures. It is observing the PESCO project on Critical Seabed Infrastructure Protection—gaining insights without binding commitments—and has approved Defence Forces participation in the EU’s Common Information Sharing Environment (CISE), enabling secure data exchanges with other maritime authorities. Stress tests on energy infrastructure have been transmitted to the European Commission, feeding into a broader EU resilience audit.
Harris emphasised that PESCO participation “is one means of allowing Ireland to address and mitigate risks posed to sub-sea architecture,” while CISE would “play a crucial role in increasing awareness of maritime activities and improving responses to growing threats at sea, including physical and cyber-attacks on critical infrastructure.”
Momentum continued with the Tánaiste’s launch of a public consultation on the NMSS on 11 June 2025. The strategy, covering a five-year period, was framed as essential to addressing emerging risks and protecting undersea assets. Submissions closed on 11 July, with strong interest from energy firms, maritime agencies, and defence specialists. Harris underscored the stakes: as an island nation with one of Europe’s largest sea areas, Ireland needs a robust, coherent maritime security framework.
The strategy is expected to integrate upcoming naval upgrades—including €80 million in sonar enhancements scheduled for 2027—with new bilateral agreements, such as the UK-Ireland surveillance technology talks held in October 2025. For the ECR, this is subsidiarity functioning as intended: a Member State building capability tailored to its own EEZ while using EU mechanisms selectively.
Meanwhile, EU-level debate continues to accelerate. The Parliament’s SEDE hearing on 18 February 2025, titled “Hybrid War: Protection of Undersea Cables in the Baltic Sea,” served as a catalyst. Experts described Europe’s subsea grid as a “global nervous system” vulnerable to covert attack techniques designed to evade attribution. Their warnings fed directly into the Commission’s 2025 EU Action Plan on Cable Security, implemented through Recommendation (EU) 2024/779, which Parliament steered toward Member State leadership rather than Commission dominance.
This trajectory was reinforced in October with the Commission’s 23 October progress report, presented in Riga by Executive Vice-President Henna Virkkunen. The report contained the first comprehensive mapping of EU subsea cables by the Cables Expert Group, an important step in diagnosing system-wide exposure.
Yet the next challenge looms. There is growing pressure for an EU-level maritime security architecture that would centralise surveillance, incident reporting, and operational response. Proponents argue this would streamline collective defence. In practice, it would shift operational authority away from national governments and concentrate it in Brussels—a move that risks blurring command structures at a time when clarity is indispensable.
For the ECR, this is precisely the wrong direction. Security demands responsibility, and responsibility cannot be outsourced. Member States must retain control over their maritime domains to ensure rapid, accountable action.
Ireland’s subsea infrastructure is, in effect, Europe’s digital bulwark. Its protection requires vigilance, investment, and cooperation—but cooperation that strengthens national capacities rather than replacing them. Ireland’s recent actions, from Oireachtas scrutiny to the NMSS process, complement EU-level initiatives without surrendering sovereignty. Whether that equilibrium can survive the instinctive centralisation impulses within the EU remains uncertain.