In this ISJ exclusive, Michael Kolatchev, Principal, and Lina Kolesnikova, Senior Consultant, of Rossnova Solutions explore subsea infrastructure, AI and strategic stability.
- Subsea infrastructure as a strategic vulnerability
- Surveillance and governance: Necessary but insufficient
- New trends in detection and surveillance: AI and maritime domain awareness
- Limits of AI-based surveillance: False positives, attribution and escalation risks
- AI-powered subsea cable security and cyber-physical resilience
- Cyber-physical resilience as a strategic imperative
- Rethinking subsea infrastructure security
- Deterrence failure in the subsea domain
- Alternative consideration
A single disruption to subsea infrastructure can interrupt global data flows, degrade military communications and generate escalation risks without clear attribution or intent.
Despite growing investments in surveillance, AI-enabled monitoring and resilience measures, the subsea domain remains one of the least governable and most strategically ambiguous spaces in contemporary security.
This article argues that subsea infrastructure constitutes a distinct strategic domain in which classical deterrence logic systematically breaks down, shifting security outcomes toward deterrence by denial, resilience and contested governance rather than punishment.
Globalisation and deepening economic interdependence have increased reliance on digitised and transnational infrastructure systems, intensifying the challenge of their protection across borders.
Beyond traditionally recognised assets such as highways, airports and power grids, some of the most strategically consequential infrastructure lies beneath the seabed.
Subsea networks that transmit data, energy and resources underpin global economic activities, military operations and political connectivity, making them critical nodes in contemporary international security.
Disruptions to subsea critical infrastructure (CI) can therefore generate strategic effects disproportionate to the scale of the initiating act, complicating crisis management and escalation control.
Subsea CI such as submarine data cables, energy pipelines, offshore installations and associated control systems is inherently vulnerable.
These assets are geographically dispersed, difficult to monitor and defend continuously, yet comparatively easy to damage or sabotage.
Vulnerabilities are especially acute at maritime choke points such as the Suez Canal, the English Channel and the Luzon Strait, where congestion and limited redundancy amplify systemic risk.
Governance arrangements have not kept pace with these vulnerabilities, leaving significant regulatory gaps, particularly in international waters.
Subsea infrastructure as a strategic vulnerability
The security environment is further complicated by dual-use activity and persistent attribution challenges. Civilian vessels can be employed for covert operations, enabling plausible deniability and obscuring intent.
As a result, subsea infrastructure has emerged as a contested domain in grey-zone competition and hybrid conflict, allowing states to pursue strategic objectives below the threshold of armed confrontation.
Threats range from deliberate sabotage and cyber-physical attacks to accidental damage, while jurisdictional fragmentation and blurred public–private responsibilities undermine effective deterrence and response.
Taken together, these dynamics position subsea CI not merely as a technical or commercial concern but as a growing strategic vulnerability with direct implications for deterrence stability, escalation dynamics and international order.
Surveillance and governance: Necessary but insufficient
Protecting subsea CI requires a layered approach integrating technical, legal and institutional measures. At the operational level, surveillance and detection are central, relying on unmanned underwater vehicles, naval patrols near sensitive sites, seabed sensors and satellite-based monitoring of vessel activity along infrastructure routes.
However, the physical characteristics of the undersea environment limit persistent monitoring, creating surveillance gaps exploitable by state and non-state actors.
At the governance level, initiatives often described as “cable diplomacy,” together with emerging legal and regulatory efforts, seek to clarify norms of behavior and improve coordination among states and operators.
These efforts aim to reduce strategic ambiguity, facilitate information sharing and support collective response mechanisms, particularly in areas beyond national jurisdiction where enforcement capacity remains limited.
Resilience is commonly pursued through redundancy, including alternative routing and reserve capacity designed to contain systemic disruption.
Because much subsea infrastructure is privately owned and operated, effective protection depends on structured public–private cooperation involving major technology firms, energy companies and infrastructure operators.
The central role of private actors complicates governance by blurring boundaries between national security imperatives, commercial interests and strategic competition.
Efforts to secure subsea CI are further shaped by a pronounced security dilemma. Defensive monitoring and protection measures may be perceived by other states or commercial competitors as intrusive, escalatory or dual-use.
This ambiguity is especially salient in hybrid threat contexts, where actors seek strategic effects while avoiding attribution.
As a result, subsea CI protection challenges traditional deterrence models based on credible attribution, signaling and proportional response.
In the absence of shared norms and confidence-building mechanisms, defensive initiatives risk reinforcing mistrust and intensifying strategic competition in the maritime domain.
New trends in detection and surveillance: AI and maritime domain awareness
A central contribution of AI lies in anomaly detection and sensor fusion. Machine-learning systems trained on AIS data, radar feeds, satellite imagery and sensor inputs establish baselines of normal maritime behavior and flag anomalies such as route deviations, AIS manipulation, loitering near sensitive areas or proximity to subsea assets.
By integrating heterogeneous data streams into a coherent operational picture, AI-assisted triage reduces information overload and supports timely decision-making in data-dense maritime environments.
Predictive analytics add an anticipatory dimension by combining behavioral histories, environmental conditions, proximity to critical assets and geopolitical context to identify elevated risk patterns.
While such assessments remain probabilistic, they enable earlier intervention and more proactive risk management, particularly where response timelines are compressed and attribution is contested.
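The baseline-and-flag logic described above can be shown with a simple rule-based check, given here as an added example that is not from the article or any operator's system: it flags slow loitering and AIS reporting gaps inside a corridor around a cable route. The route, vessel reports, MMSIs and thresholds are all constructed assumptions, and fixed rules stand in for the machine-learning models the article refers to.

```python
import math
from collections import defaultdict

R = 6371000.0  # mean Earth radius, metres

def _xy(lat, lon, lat0):
    # Equirectangular projection; adequate over a few tens of km.
    return (math.radians(lon) * R * math.cos(math.radians(lat0)),
            math.radians(lat) * R)

def dist_to_route_m(lat, lon, route):
    """Shortest distance (m) from a position to a polyline of (lat, lon)."""
    px, py = _xy(lat, lon, lat)
    best = float("inf")
    for a, b in zip(route, route[1:]):
        ax, ay = _xy(a[0], a[1], lat)
        bx, by = _xy(b[0], b[1], lat)
        dx, dy = bx - ax, by - ay
        seg2 = dx * dx + dy * dy
        u = 0.0 if seg2 == 0 else ((px - ax) * dx + (py - ay) * dy) / seg2
        u = max(0.0, min(1.0, u))  # clamp to the segment's end points
        best = min(best, math.hypot(px - ax - u * dx, py - ay - u * dy))
    return best

def flag_tracks(reports, route, corridor_m=2000, slow_kn=1.5,
                loiter_s=1800, gap_s=1200):
    """Map MMSI -> set of flags raised inside the cable corridor.
    All thresholds are illustrative assumptions, not operational values."""
    tracks = defaultdict(list)
    for mmsi, t, lat, lon, sog in reports:
        tracks[mmsi].append((t, lat, lon, sog))
    flags = defaultdict(set)
    for mmsi, pts in tracks.items():
        slow_since, prev = None, None
        for t, lat, lon, sog in sorted(pts):
            near = dist_to_route_m(lat, lon, route) <= corridor_m
            # Reporting stopped while the vessel was last seen in the corridor.
            if prev and prev[1] and t - prev[0] > gap_s:
                flags[mmsi].add("ais_gap_in_corridor")
                slow_since = None  # behaviour during silence is unknown
            if near and sog <= slow_kn:
                slow_since = t if slow_since is None else slow_since
                if t - slow_since >= loiter_s:
                    flags[mmsi].add("loitering")
            else:
                slow_since = None
            prev = (t, near)
    return dict(flags)

# Constructed sample data: (mmsi, seconds, lat, lon, speed over ground in knots)
CABLE_ROUTE = [(55.00, 15.00), (55.00, 15.50)]
SAMPLE_REPORTS = (
    [(111000001, i * 300, 54.95 + i * 0.025, 15.20, 12.0) for i in range(5)]  # transit
    + [(222000002, i * 600, 55.005, 15.25, 0.5) for i in range(5)]  # slow, stationary
    + [(333000003, 0, 55.002, 15.30, 8.0), (333000003, 300, 55.004, 15.31, 8.0),
       (333000003, 4200, 55.010, 15.40, 8.0)]  # 65 minutes of silence
)
```

Vessel 222000002 is flagged whether it is a trawler at work or something else; the rule sees only position and speed, not intent.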
Limits of AI-based surveillance: False positives, attribution and escalation risks
Despite its growing role in subsea infrastructure protection, AI-based surveillance has inherent limitations that constrain its effectiveness as a security instrument.
A primary concern is the risk of false positives. Maritime environments are characterised by operational noise, dual-use activity and persistent ambiguity. Routine behavior by fishing vessels, research ships, maintenance operations or accidental deviations can generate patterns resembling hostile intent, increasing the risk that AI-driven anomaly detection misclassifies benign activity and contributes to misinterpretation or unnecessary escalation.
Attribution poses a second structural challenge. While AI enhances detection and pattern recognition, it does not resolve the core problem of assigning responsibility in the subsea domain.
Sabotage operations are often designed to obscure intent and identity, exploiting the remoteness of the seabed and the opacity of maritime activity.
Improved surveillance may indicate that an incident has occurred, but rarely establishes whether it was deliberate, accidental or state-directed.
This limitation undermines traditional deterrence mechanisms that rely on credible attribution and signaling.
AI-based surveillance may also introduce escalation risks. Enhanced detection can compress decision timelines in environments defined by uncertainty and incomplete information.
In grey-zone contexts, early warning may paradoxically increase instability by encouraging preemptive or defensive measures that others perceive as intrusive or provocative.
The deployment of autonomous or semi-autonomous monitoring systems further raises governance questions regarding command authority, human oversight and rules of engagement, particularly in international waters.
Finally, reliance on AI risks fostering a false sense of control. Although advanced analytics can improve situational awareness, they cannot eliminate ambiguity or substitute for political judgment.
Absent clear governance frameworks, shared norms and confidence-building measures, enhanced surveillance may shift patterns of competition rather than stabilise them.
AI-based surveillance should therefore be understood not as a substitute for deterrence and governance, but as a complementary capability whose strategic effects depend on how it is embedded within broader security and diplomatic architectures.
AI-powered subsea cable security and cyber-physical resilience
In practice, subsea cable operators increasingly deploy AI-enabled tools—such as AIS-based vessel monitoring, acoustic sensors, autonomous underwater vehicles and digital twins—to enhance situational awareness and support cyber-physical resilience.
While these capabilities improve detection and operational response, they face familiar constraints, including false positives in complex maritime environments, limited availability of labelled training data and vulnerability to spoofing or signal manipulation.
Moreover, the absence of robust international legal frameworks governing persistent maritime surveillance and intervention complicates accountability and escalation management, limiting the strategic effectiveness of such measures.
Cyber-physical resilience as a strategic imperative
Cyber-physical resilience refers to the capacity of systems integrating software, networks, sensors and physical components such as subsea cables, offshore platforms, pipelines and power grids to withstand, absorb and recover from combined cyber and physical disruptions.
Rather than prioritising prevention alone, resilience emphasises the continuity of critical functions under conditions of degradation, failure, or attack, including hybrid threats and natural hazards.
Strategic investment in cyber-physical resilience has gained prominence as societal and economic dependence on subsea infrastructure deepens.
Submarine data cables, often mischaracterised as niche assets, are central to the global internet and therefore represent a significant source of structural leverage.
Major technology firms increasingly invest in subsea infrastructure to secure connectivity between data centers, shaping not only commercial outcomes but also the resilience of the global digital ecosystem.
This investment landscape is further complicated by the rise of hybrid threats, as illustrated by incidents such as the Nord Stream sabotage and cyberattacks targeting operational technology.
As finance, energy and telecommunications become more tightly interconnected, systemic risk exposure increases.
Effective investment strategies must therefore balance returns with robust risk mitigation, particularly within public–private partnership frameworks that link commercial incentives with national and international security objectives.
Rethinking subsea infrastructure security
As with other forms of critical infrastructure, subsea systems require a shift from add-on protection toward security-by-design. Subsea cables should no longer be treated as isolated transmission lines but as distributed systems incorporating redundancy, alternative routing and backup connectivity, including satellite links.
Where persistent surveillance depends on autonomous surface or underwater vehicles, these platforms in turn require embedded support infrastructure, such as recharging points, autonomous power generation and resilient communications.
Over time, this logic transforms the notion of a “cable” into a network of interconnected lines and functional nodes capable of supporting monitoring, control and response along its route.
The subsea domain, like outer space, is effectively a no-man’s-land: inaccessible without specialised equipment and inhospitable to sustained human presence.
Just as early automobiles depended on roads and refueling networks to become operationally viable, autonomous subsea systems depend on integrated support architectures.
Embedding power, communication and monitoring capabilities directly into subsea infrastructure thus offers a pathway to sustained resilience, reducing reliance on episodic external intervention and strengthening long-term security.
Deterrence failure in the subsea domain
The subsea domain exposes fundamental limits of traditional deterrence. Classical deterrence relies on attribution, signaling and credible retaliation – conditions systematically undermined underwater by physical opacity, jurisdictional ambiguity and pervasive dual-use activity.
Sabotage can be conducted covertly, attributed with difficulty and plausibly framed as accident or technical failure, eroding deterrent credibility.
Enhanced surveillance, including AI-based monitoring, improves detection but does not resolve attribution or escalation control.
In some cases, it may increase instability by compressing decision timelines under uncertainty and incentivising preemptive or defensive actions perceived by others as escalatory.
As a result, deterrence by punishment is largely ineffective in the subsea domain.
Security therefore shifts toward deterrence by denial and resilience: reducing the feasibility, effectiveness and strategic value of attacks through redundancy, robustness and rapid recovery.
Absent complementary governance mechanisms and shared norms, however, the subsea domain is likely to remain a persistent grey-zone arena in which ambiguity favours coercion and technological advances alone are insufficient to ensure strategic stability.
Alternative consideration
The contemporary security environment is marked by a persistent deficit of trust among states and other capable actors.
This condition fundamentally constrains efforts to establish governance frameworks for critical infrastructure located beyond national jurisdictions.
Proposals to regulate or protect subsea infrastructure are frequently perceived not as collective security measures but as initiatives that disproportionately benefit a limited group of states.
Given that much critical subsea infrastructure primarily serves the economic and strategic interests of a small number of countries, such efforts are often interpreted as attempts to extend de facto control into areas that international law otherwise treats as beyond direct national jurisdiction.
These perceptions have direct security consequences. Infrastructure that is viewed as an extension of the national interests of dominant actors is more likely to be treated as a legitimate target by those seeking to contest the existing distribution of power.
As a result, governance deficits reinforce rather than mitigate risk, sustaining the subsea domain as a permissive environment for grey-zone activity and coercion.
In a context of sustained strategic competition, one possible approach involves differentiating between individual and shared zones of control.
In this context, “control” should be understood not as sovereignty, but as the collective capacity to ensure infrastructure accessibility for legitimate use while preventing its exploitation against the security interests of participating actors.
Although inherently difficult to negotiate, such arrangements could enable limited trust-building and risk reduction for selected categories of subsea infrastructure.
A functional, multi-dimensional framework could further complement geographic considerations with criteria related to use, access, monitoring and control.
Where feasible, certain infrastructures might be designated as non-dual-use, reducing their strategic value and associated incentives for interference.
However, such de-escalatory effects depend on the acceptance of credible oversight mechanisms and a broadly perceived balance of interests among the principal capable actors.
Existing international regimes offer instructive lessons. The Antarctic Treaty demonstrates that durable governance beyond national jurisdiction is possible when frameworks are perceived as equitable and non-discriminatory, while other regimes illustrate how erosion of these principles undermines trust and compliance.
For subsea infrastructure protection, any viable framework must therefore embed mechanisms for monitoring, enforcement, continuity and periodic review, while explicitly addressing the challenge of asymmetric interests and uneven starting positions among participants.
At minimum, progress requires a willingness by all relevant actors to engage in sustained dialogue and to negotiate in good faith.
Without such engagement, governance initiatives risk reinforcing existing mistrust, leaving subsea infrastructure security governed less by shared rules than by strategic competition and unilateral risk-taking.
