While the Baltic countries and NATO have been working to defend themselves against cyber attacks, incidents in the Baltic Sea have revealed how vulnerable critical infrastructure is to conventional kinetic damage. While Lithuania, like all NATO members, is stepping up efforts to protect its facilities, experts stress that there is simply too much infrastructure to guard it all.
NATO’s focus
Last year, three explosions damaged the Nord Stream gas pipelines running underneath the Baltic Sea between Russia and Germany. This autumn, damage was done to the Balticconnector pipeline and two communication cables linking Estonia to Finland and Sweden, probably by a Chinese ship.
“The threat has been overlooked for too long, partly because the sheer number of facilities makes it difficult to prevent such incidents. It is also typical that threats are not addressed before they materialise,” Matti Pessu, an expert at the Finnish Institute of International Affairs (FIIA), told LRT.lt.
At the NATO summit in Vilnius last July, member states agreed to set up a new Critical Underwater Infrastructure Centre at the NATO Naval Command in the UK. Earlier this year, the EU and NATO set up a joint working group on critical infrastructure resilience.
NATO Secretary General Jens Stoltenberg attended the EU Foreign Affairs Council last week. Meeting with EU defence ministers, he said that cooperation between NATO and the EU in protecting critical underwater infrastructure was very important.
Following the incidents in the Baltic Sea, the alliance has increased the number of reconnaissance flights and patrols in the Baltic and North Seas, deployed additional minesweepers, and the UK-led Joint Expeditionary Force (JEF).
Responsibility for protecting Lithuania’s critical infrastructure is divided among four ministries, while the physical protection of facilities is the responsibility of facility managers and the Public Security Service. MP Laurynas Kasčiūnas, chairman of the parliamentary Committee on National Security and Defence, said that “all areas need to be improved”.
Therefore, in September, the Lithuanian ministers of energy and finance set additional requirements for the highest level of physical security around energy infrastructure facilities: their managers must install detection and neutralisation systems for unmanned aircraft, physical barriers to reduce the consequences of explosions and fires at transformer and inverter sites, the Energy Ministry said in a written comment to LRT.lt.
It also considers installing protective measures against electromagnetic radiation and building up a reserve of materials and equipment for faster repairs. The importance of quick repairs became particularly evident during the Russian attacks on Ukraine’s energy infrastructure last winter.
Lithuania is also beefing up the protection of its maritime border and critical infrastructure near the sea, and will therefore re-establish the Coast Guard Detachment of the State Border Guard Service from next year.
“The security plans for strategic facilities will also include algorithms for interaction with the Lithuanian Armed Forces. Taking into account the lessons learned from the war in Ukraine, it is important that the Lithuanian Armed Forces become involved in the protection of strategic objects even before a state of war,” the Interior Ministry told LRT.lt.
Russia in crosshairs
Russia is the biggest threat in the region. Just last year, Nordic broadcasters published a joint investigation which revealed that Russian ships were surveying and mapping Europe’s critical infrastructure in the North Sea. According to a former long-time Dutch intelligence officer, this is a clear signal that Russia is preparing for war with the West.
“Underwater infrastructure is the weakest link. It is extremely difficult to monitor, which makes it vulnerable to sabotage,” says Pessu. Most vulnerable are the undersea internet cables that run along the Atlantic seabed from Ireland to the US. Underwater fibre-optic cables still transmit 95 percent of the world’s data.
“These cables are quite often damaged by passing ships, and the damage is quite small because there are many cables and they compensate for the lost capacity. But in the event of a conflict, facilities such as LNG terminals would be heavily guarded and the impact of their loss would be enormous. Therefore, any defence strategy has to take this into account and allocate resources to adequately defend such facilities,” Tony Lawrence, a researcher at Estonia’s International Centre for Defence and Security (ICDS), told LRT.lt.
Following the incidents in the Baltic Sea, Latvia has suspended plans to build a liquefied gas terminal in the village of Skulte, northeast of Riga, and the need for it will be decided by the parliament’s National Security Committee. Prime Minister Evika Siliņa has also ordered a review of the security of Latvia’s critical infrastructure and its preparedness for potential risks.
The Lithuanian Navy deployed its mine countermeasures ship to inspect the NordBalt cable after the incidents in the Baltic Sea, and NATO forces are now providing enhanced security around underwater infrastructure.
“Moreover, enhanced surveillance of energy infrastructure (including the Būtingė oil terminal) in the territorial sea and the Exclusive Economic Zone of the Republic of Lithuania is being carried out with technical means. The Lithuanian Armed Forces and the representatives of the Būtingė terminal have agreed on the coordination of actions and timely exchange of data,” the Defence Ministry told LRT.lt.
Defence by allies
The war in Ukraine has shown how Russia can weaponise energy and attack civilian infrastructure to disrupt the Ukrainian public sector and society.
The new NATO defence plans outline which critical infrastructure allied forces would defend in the event of war. The protection of such facilities is defined in each country’s defence plans.
Following the Nord Stream bombings last year, NATO set up a Critical Infrastructure Coordination Unit at the Alliance Headquarters in February, to ensure cooperation between the private sector, the military and civilians, and to share best practices in the protection of underwater critical infrastructure. It has carried out a security assessment of such facilities and presented a report to the allies.
Critical infrastructure protection in the Baltic states is primarily seen through the lens of the Russian threat, but also the Belarusian threat. For some time, there have also been warnings of possible threats from China, as Beijing was seeking to invest in the port of Klaipėda and proposing to build a tunnel from Tallinn to Helsinki, among other projects. However, analysts believe that China would draw no benefit from targeting Europe infrastructure.
The war in Ukraine has shown how important it is to be prepared to fix damage quickly, and to involve civilians.
“Attacks can be carried out relatively cheaply using drones and missiles. An adversary prepared to attack civilians can achieve strategic-level effects with relatively few resources. This means that our societies need to ensure the resilience of critical infrastructure – not just to protect it, but to be better prepared to repair it,” says Lawrence.
What to do in peacetime?
Malicious acts against critical infrastructure are not tantamount to an act of war – security expert Elisabeth Braw classifies them as grey-area aggression. “No Western country has yet figured out exactly how to punish such aggression without involving troops or military weapons,” the analyst notes in her Politico article.
There is plenty of evidence that the damage to pipelines and cables in the Baltic Sea was done by the Chinese vessel Newnew Polar Bear: it took an unusually long 52 hours to make the journey from Kaliningrad to St. Petersburg, it was at all three connections at the time of the incidents, and when the anchor that damaged the Balticconnector was pulled up from the seabed, the vessel was photographed missing one of its own.
Countries that suffer from such incidents face the dilemma: how to react, respond and punish such grey zone aggression? The use of military measures may be perceived as brandishing weapons, escalation and met with threats, but a simple condemnation of aggression may not be effective enough to prevent such incidents in the future.
Therefore, the breach of the Balticconnector and the communication cables will be a test. Estonia, Finland and Sweden know that they will have to react once investigations clearly identify the culprits.
Although there have been several public calls in the aftermath of the incidents for a ban on Russian ships in the Baltic Sea, Moscow would probably perceive such a step as an escalation and an outright declaration of war. Therefore, such a step will not be taken.
“Countries should increase information sharing and find the best ways to deter such threats. This could mean increasing military presence at critical infrastructure, developing new surveillance tools. It should also be communicated to Russia that NATO and its allies may pose a threat to Russia’s critical infrastructure. Moreover, Russia needs to know that it will not achieve its political objectives by sabotaging allied facilities,” says Pessu.
NATO has repeatedly warned that a serious hybrid attack, which could include an attack on critical infrastructure, could trigger the activation of Article 5 of its collective defence treaty.
“But it is unlikely that such an attack would cross that threshold in peacetime,” Lawrence believes. “NATO insists that defending against hybrid threats is a national responsibility, but we have lessons to learn from each other and a common approach could be beneficial. We should also think about more deterrent messages.”
Experts are also calling on Western countries to diversify their strategic infrastructure, supply and energy chains to reduce the importance of individual sites.
“An adversary won’t bother destroying our underwater infrastructure if they know that supplies can simply be diverted,” concludes Lawrence.
Newsletter
Every Friday morning.
