To offset the emerging, but now enduring, threat to seabed critical underwater infrastructure (CUI), navies are looking to build CUI security through co-operating on information sharing and operational responses. Innovative technology and information analysis are playing a key role in enhancing such cooperation and response.
The explosions suffered by the two Nordstream gas pipelines on the Baltic seabed in September 2022 could seem on the surface to have been an isolated event. Yet a pattern of incidents relating to the security of critical underwater infrastructure (CUI) on the seabed had perhaps been developing for some time prior to the Nordstream explosions.
In November 2021, reports emerged that large sections of seabed cable had been removed from an environmental monitoring network off Lofoten, northern Norway. In January 2022, news surfaced of reported damage to seabed communications cables connecting the SvalSat satellite ground station on Norway’s Svalbard Island to the Norwegian mainland. In October 2022, communications cables connecting Scotland, the Shetland Isles, and the Faroe Islands were reported to have been damaged. While the source of or explanation for each incident has not been confirmed publicly, human activity was reported to have been involved in each case.
Certainly, military leaders across several NATO countries had been warning publicly for some time of the greater risk to CUI security. For example in December 2017, in one of the first public discussions by a senior Western military official of the growing threat, the then-UK Chief of Defence Staff (CDS) Air Chief Marshal Sir Stuart Peach told the Royal United Services Institute’s annual CDS lecture that Russia’s growing focus on ‘grey zone’ warfare was creating “a new risk to our way of life”, especially through the potential exploitation of “the vulnerability of the cables that criss-cross the seabed”.
Such mentions by senior Western officials are now routine. For example, speaking to media during a visit to Jagel airbase, Germany in June 2023, NATO Secretary General Jens Stoltenberg said “We know that CUI, such as gas pipelines, oil pipelines, [and] not least older internet cables, are critical for our modern societies and they are vulnerable …. We are stepping up what we do to protect critical infrastructure.”
NATO’s steps have included establishing: the Critical Undersea Infrastructure Co-ordination Cell at NATO headquarters in Brussels, to provide a strategic-level contact point for countries, militaries, industry, and other stakeholders to engage and co-ordinate in addressing the risk; and the NATO Maritime Centre for the Security of Critical Undersea Infrastructure at NATO Allied Maritime Command (MARCOM), Northwood, UK, to be the operational-level contact point for such stakeholders to engage, including on key tasks such as building an enhanced maritime situational awareness (MSA) picture.
The centrality of the seabed CUI risk for NATO in the context of the wider security threats the alliance faces was reflected in the fact that the issue was addressed in the communique released following NATO’s latest summit, held in July in Vilnius, Lithuania.
“The threat to CUI is real and it is developing,” the communique stated. “We are committed to identifying and mitigating strategic vulnerabilities and dependencies with respect to our critical infrastructure, and to prepare for, deter, and defend against the coercive use of energy and other hybrid tactics by state and non-state actors.” “The protection of CUI on allies’ territory remains a national responsibility, as well as a collective commitment,” the communique added.
Risk Context
Certainly, the CUI risk is regarded by Western state and multinational actors as being a clear and present danger. This is especially so given the context of Russia’s invasion of Ukraine in February 2022 and the ongoing war, Russia’s targeting of Ukrainian economic infrastructure ashore during the conflict, and continuing patterns of Russian naval and wider maritime activity in the vicinity of key CUI nodes at sea across the Euro-Atlantic theatre.
According to social media reports on Twitter (now ‘X’), for example on The Lookout military and defence analysis page, in May 2023 a group of Russian surface ships spent several days in the North Sea and in waters off Bergen, Norway. Also in May 2023, Irish media outlets reported that Irish Naval Service and UK Royal Navy (RN) vessels were monitoring a group of Russian ships sailing off Ireland’s West coast, with other Russian ships reported to be conducting unusual manoeuvres off Galway near a newly-laid seabed cable.
In April 2023, a BBC report cited a joint Danish, Finnish, Norwegian, and Swedish media investigation noting that a group of Russian ships including research vessels and fishing trawlers was conducting activities around CUI sites in the North Sea. Also in April, UK Defence Secretary Ben Wallace told a media briefing during a visit to Washington, D.C. that Russian submarines operating in the North Sea, Irish Sea, and wider North Atlantic were using “some strange routes they normally wouldn’t do”.
In February 2023, Reuters reported that the Netherlands’ military intelligence agency (MIVD) had revealed in a media briefing that a Russian ship had been escorted away after being detected sailing close to an offshore windfarm in the North Sea.
In December 2022, a Russian naval group was shadowing a US Navy carrier strike group sailing in the Straits of Otranto, between Albania and Italy, and a tanker from the group detached to operate close to a CUI site having turned off its Automatic Identification System (AIS) signal.
As regards the September 2022 Nordstream incident, NATO and Baltic regional countries publicly attributed the explosions to an act of sabotage. Following the incident, official and media reports noted that Russian vessels including an auxiliary ship had been present in the vicinity of the site several days prior to the explosions.
Range of Risk
These prominent activity patterns are clearly one component of the seabed CUI risk. Other components include the vast expanses and depths of water that must be surveilled across a range of different geographical regions, and the fact that there are many different types of CUI, such as: oil and gas rigs and pipelines; offshore windfarms; and cables carrying power, military communications or sensors, telephone communications, or internet and financial data.
Moreover, climate change may bring increased geophysical risk to CUI, such as rising sea levels threatening cable connections on land, stormier seas generating larger waves and currents that can move or damage seabed cables, and extreme weather impacting energy production sites at sea.
The challenge in monitoring and securing the array of CUI types across the depths and distances is compounded by the fact that an adversary like Russia has a range of platforms that can be used to conduct seabed operations. For Russia, these platforms include: submarine types designed specifically for seabed activities; surface ships and other submarine types that can deploy uncrewed underwater vehicles (UUVs) as part of their routine naval operations; auxiliary vessels including intelligence, surveillance, and research ships; and even commercial vessels like fishing trawlers. Simply put, it is not just ‘grey ships’ that are involved.
Set against the geographic coverage the West must generate to secure CUI that is of significant national and international strategic value, and set too in the context of deteriorating Euro-Atlantic security as illustrated by war in Ukraine, Russia’s range of capabilities affords it an opportunity to exploit Western CUI security vulnerabilities.
Experts assess there are clear implications.
Speaking to ESD in a personal capacity, Dr Paolo Braca – a senior scientist, and project manager for data knowledge and operational effectiveness (DKOE), at the NATO science and technology office’s (STO’s) Centre for Maritime Research and Experimentation (CMRE) in La Spezia, Italy – said “This is why they are mapping now, so that they know where to go.” Dr Braca was co-author, with several CMRE colleagues, of a paper titled ‘Monitoring of Critical Undersea Infrastructures: the Nordstream and Other Recent Case Studies,’ published in the IEEE Aerospace and Electronic Systems Magazine in June 2023. The paper discussed the use of data in CUI protection.
Military operators need to gather and process increasing amounts of data, with different military operators needing access to different data depending on their different domain requirements. This data then must be assessed, turned into information, and disseminated, both between platforms and – in the case of CUI security – between countries. Within a focus on developing capability for all-domain situational awareness, a common MSA picture for the maritime domain is essential, including for tackling the CUI threat.
CMRE’s DKOE programme looks broadly at the role of science and technology research in improving MSA, but particularly at how emerging technologies like artificial intelligence (AI), ‘Big Data’ analytics, and improved computing power, alongside emerging concepts like intelligence and information fusion (I2F), can be integrated to enhance MSA overall, in particular providing capacity to address current challenges like detecting risks to CUI, including through enhancing the process of information collation, distillation, and dissemination.
Data Analytics and Information Sharing
The extensive and varying nature of the threat underlines the need to approach the development of any solution from a co-operative, integrated, and holistic perspective, Dr Braca explained. From his personal perspective, he said, “There isn’t a silver bullet for this problem. There isn’t a single vessel that can do it: [we] need a range of connected assets and sensors.”
Perhaps more significantly, Dr Braca underlined the importance of how data gathering and analysis can be developed to better understand movements at sea in risk areas, in order to better predict where a CUI vulnerability may emerge and where a threat to that CUI asset may come from.
Taking the Nordstream incident as an example, from the scientific perspective Dr Braca noted that the issue was not so much needing to know who was responsible, but rather what was the pattern of activity and how could any anomalies be identified to indicate that somebody was doing something unusual. Here, he explained, commercial ships for example conduct transits in a certain way, such as sailing directly from point A to point B.
Even a government or commercial maritime asset conducting search-and-rescue tasking, which by definition requires repeat transits over certain areas, would use patterns that are commonplace. A vessel – or, more notably, a group of vessels – conducting suspect activity at a CUI site may spend several days there and may operate in an unusual manner.
Mapping and monitoring CUI is a complex, time-consuming task. This is the case for conducting operations from both offensive and defensive perspectives. Russian strategic focus on CUI sites is such that ships conducting these missions are often doing so in groups of vessels. However, even though extended presence of such groups could indicate an imminent risk, if such presence is not detected, then the alarm cannot be sounded.
Increasing Information
“The key point for monitoring is to increase the number of sensors that can collect information,” said Dr Braca. The sensors need either to carry, or have a connection to, an on-site ‘hub’ that can collect, process, and assess data, and then pass on the information gleaned and/or sound the alarm.
The role of on-site ‘hubs’ for processing data and sharing information underlines the importance of being able to combine multiple data sets when identifying risks to CUI. Dr Braca noted that combining multiple data sets – ranging from strategic intelligence data on an adversary’s activities down to geophysical data like seabed topography – is a key development that can assist with CUI risk assessment, along with understanding key geographical risk points and observing locations that an adversary tends to prioritise. While an adversary may avoid an area where there is a significant presence of NATO forces, such presence can also be an indicator to an adversary that the area is of importance.
Speaking in his personal capacity, Dr Braca highlighted a key point: “The biggest problem is you do not have assets to protect the whole area. What you can do is send assets to protect critical parts,” he said. This highlights the issue of limited asset numbers – certainly, at least in terms of crewed platforms – but also underlines the role of networking and information sharing in delivering expanded, integrated presence.
The development of integrated sensing and communications capability to support effective CUI security can be enhanced through using AI and data analytics. Here, Dr Braca explained, AI can be used to predict the position of a ship looking a few hours ahead into the future. “Why is this important?” he asked. “It is because we know that, if the vessel is predictable, then it is not going to do anything [it shouldn’t do].” The capability already exists to use AI to predict ship positions in order to avoid collisions, Dr Braca added.
Risk Response
In sum, to enhance capacity to respond effectively to the CUI risk, there may be a need to map the CUI network and understand its vulnerabilities, to provide networked sensing capability from seabed to space to monitor suspicious movements on or below the surface, and to be able to deploy appropriate assets to the scene to deter or defend in response.
As regards the networked sensing capability itself, there is the question of whether CUI nodes, including cables, can be designed to carry sensing capability. Dr Braca noted that, given the requirement to add sensing capacity, the CUI network could be developed to carry sensors, conduct processing, integrate with other information sources, and sound the alarm if required.
The spate of recent events, including the Nordstream explosions, and the regularity of a sustained Russian vessel presence in certain regions raises the question of what further steps NATO countries could take to improve their capacity to address the CUI risk.
At the strategic level, improved information sharing – relating for example to the locations both of CUI nodes and national assets able to provide CUI protection – should be a priority. Speaking at the RN-led ‘First Sea Lord’s Sea Power Conference 2023’, held in partnership with the Council on Geostrategy and King’s College London at Lancaster House, London on 16-17 May 2023, the Royal Norwegian Navy’s (RNoN’s) Chief of Navy Rear Admiral Rune Andersen said that, in the wake of the Nordstream incident, the RNoN contacted the Norwegian oil and gas commercial sector and found out that the sector owned up to 600 commercial UUVs. Norway then came together with Denmark, Germany, the Netherlands, and the UK to surveil 9,000 km of cables and pipelines in the Northern European region in three months, with countries in the region recognising the strategic need to grant underwater access to their CUI sites to allow surveillance to take place.
In previous times, countries were barely prepared to publicly discuss underwater security matters, never mind allowing even their closest allies to access sensitive waters and information. In the wake of the Nordstream incident and the wider emergence of the risk to CUI, this pattern is evidently changing.
Dr Lee Willett