The Baltic Sea and new strategy

For decades the Baltic Sea stood somewhat apart from global geopolitical tensions. Surrounded largely by stable democracies and positioned away from the world’s main maritime trade routes, it was perceived as a predictable and secure region. Economic development progressed gradually: ports expanded, shipyards modernised and container traffic increased. Few regional governments believed they were exposed to dramatic security scenarios.

This perception began to erode after 2014, when Russia’s increasingly aggressive foreign policy reshaped the security environment in Europe. The full-scale invasion of Ukraine in 2022 accelerated this shift. The Baltic Sea is no longer simply an economic artery linking Poland, Germany and the Nordic states. It has become a space of strategic risk where hostile actors do not need missiles or warships to inflict serious damage.

The geography of the Baltic makes it particularly vulnerable. The sea is narrow, shallow and densely packed with infrastructure: energy cables, wind farms, pipelines, shipping lanes and port approaches. In such an environment, even minor incidents can create cascading effects across multiple sectors.

Russia’s growing presence

Increased Russian activity in the Baltic region is no longer a matter of speculation. NATO data, intelligence reports and naval observations indicate a rising number of incidents that fall into what analysts describe as the „grey zone” of hybrid operations.

Russian vessels now appear near energy infrastructure more frequently than in the past. These include reconnaissance ships, underwater support units, research vessels and commercial ships with opaque ownership structures. Officially, many of these activities resemble routine measurements or scientific operations. Yet they may also represent something more.

Technical services in countries such as Finland, Sweden, Estonia and Germany have recorded unusual acoustic signals, disturbances along cable routes and fluctuations in system parameters suggesting possible physical interference. An increasing number of vessels operating with their AIS transponders switched off has further intensified uncertainty. Any such vessel could potentially carry equipment capable of manipulating or damaging underwater cables.

In this environment, underwater sensors, sonar systems and maritime monitoring technologies have become critical elements of regional security.

The rise of underwater sabotage

Several incidents in the Baltic and North Sea have come to symbolise this new era of vulnerability. These include disruptions to the Estlink 2 electricity connection between Finland and Estonia, damage to communication cables such as C-Lion1 and the BCS East-West Interlink, unexplained signal losses from autonomous monitoring buoys, and suspicious movements of cargo ships operating without active AIS signals.

Unlike traditional military operations, underwater sabotage is extremely difficult to detect in real time. It can be carried out by civilian vessels, autonomous underwater vehicles, drones or specialised diving teams. Yet the consequences may be severe: disruption of electricity supplies, financial system instability, port shutdowns, broken telecommunications links and wider supply-chain disturbances.

These incidents have exposed a structural weakness in the region. Existing institutions and procedures were not designed to respond rapidly to such threats. As a result, the Baltic lacks a coherent architecture of resilience and coordinated response.

The shadow fleet problem

One of the most concerning developments is the emergence of the so-called shadow fleet: vessels registered under obscure flags, often without clear ownership structures, operating without insurance and outside standard inspection regimes.

Many of these ships transport sanctioned Russian oil. Yet their potential role may extend beyond commercial logistics. A vessel operating without AIS may linger above a subsea cable, deploy underwater drones or conduct reconnaissance of sensitive infrastructure. In a sea as dense with critical infrastructure as the Baltic, such activities introduce a dangerous level of unpredictability.

Multiple threats – hybrid attacks

The Baltic Sea has effectively become a testing ground for hybrid pressure. Infrastructure sabotage, cyber attacks on ports, disinformation campaigns, maritime intimidation and covert intelligence operations are not isolated phenomena. They reinforce one another.

Despite this growing convergence of threats, the region lacks a single operational structure capable of coordinating responses. NATO navies, national governments, cable operators, energy companies and port authorities all possess fragments of the picture, but no institution currently integrates them into a unified operational framework. This institutional gap increasingly defines the region’s security challenge.

A region rich in institutions

The Baltic Sea region is one of the most institutionally dense areas in Europe. Numerous formats and organisations operate there: NB8, CBSS, NORDEFCO, the European Union, NATO, HELCOM and several energy cooperation frameworks. At first glance, the region appears heavily governed. In practice, however, this abundance of institutions has become a weakness. Most organisations address only narrow aspects of cooperation and lack the operational mandate required to respond quickly to hybrid threats. The result is a paradox: a region filled with structures but lacking a central coordinating mechanism.

For instance, the NB8 format, bringing together Nordic and Baltic states, remains one of the region’s most respected diplomatic platforms. It facilitates political consultations and strengthens trust among governments. Yet NB8 was never designed as an operational security mechanism. It lacks a joint crisis response centre, a common analytical unit and systems for monitoring or protecting underwater infrastructure. In an era when damage to a single cable may cause billions in losses, purely political consultation frameworks are insufficient.

From Poland’s perspective, deeper engagement with Nordic cooperation formats – including NB8 – could still be beneficial. Such participation would signal Warsaw’s strategic interest in the northern region. However, any expansion of NB8 should remain sensitive to the perspectives of existing members, particularly the Baltic states, which sometimes fear that the growing influence of larger actors could overshadow their interests. The Council of the Baltic Sea States (CBSS) concentrates primarily on environmental protection, youth mobility, academic cooperation and economic projects. Its membership includes ten regional countries and the European Union.

CBSS enjoys considerable legitimacy and has delivered meaningful results, particularly in environmental cooperation. However, it openly acknowledges that military security and protection of critical infrastructure fall outside its mandate. This limitation reflects the organisation’s origins in a period when the region’s main challenges concerned environmental degradation rather than hybrid conflict.

NORDEFCO: advanced defence cooperation

Among existing frameworks, NORDEFCO – the Nordic Defence Cooperation – represents one of the most advanced regional defence initiatives in Europe. It coordinates military exercises, procurement cooperation and interoperability among Nordic armed forces. However, NORDEFCO has two structural limitations. First, it does not include Poland or the Baltic states. Second, it focuses on military cooperation rather than civilian infrastructure.

Yet many of the most pressing security threats in the Baltic region are hybrid rather than purely military. Ports, cables, logistics systems, energy infrastructure and satellite communications are just as important as warships or fighter aircraft. It must be added that Finland and Sweden’s accession to NATO has significantly strengthened the Alliance’s presence in northern Europe. The Baltic Sea has effectively become an internal maritime space for NATO.

Nevertheless, even NATO lacks a dedicated operational structure specifically designed to protect undersea infrastructure. Incidents involving cables, pipelines or underwater anomalies are handled by multiple units rather than a single integrated command. The Alliance has begun addressing this gap through initiatives such as the Maritime Centre for the Security of Critical Undersea Infrastructure, but this remains an initial step rather than a comprehensive solution.

BALTOPS and growing regional cooperation

The BALTOPS exercises, conducted annually since 1972, illustrate the growing integration of regional security structures. Recent exercises such as BALTOPS25 demonstrated increased emphasis on autonomous systems, maritime domain awareness and hybrid threat scenarios.

US and NATO forces tested the integration of unmanned systems near the Polish port of Ustka, while US Marines conducted HIMARS exercises across Poland and the Baltic states. These exercises enhance interoperability but also highlight a structural reality: regional security still relies heavily on American capabilities.

Europe’s reliance on the United States

Despite growing European defence spending and cooperation, many key elements of regional security – including command systems, intelligence capabilities and maritime situational awareness – remain heavily dependent on the United States.

Platforms such as USS Mount Whitney and the command structures of the US Sixth Fleet continue to play central roles in coordinating multinational operations. European allies are gradually expanding their capabilities, but their ability to independently conduct complex maritime operations remains limited. This reliance raises questions about Europe’s operational autonomy should American engagement in the region become constrained.

In which direction we should move?

At the same time, the Baltic Sea increasingly serves as a strategic testing ground for Europe’s future defence capabilities. The dense concentration of critical infrastructure, proximity to potential adversaries and prevalence of hybrid threats create an operational environment well suited for testing new concepts such as distributed intelligence systems, autonomous maritime platforms and resilient logistics networks. In this sense, the Baltic is not a peripheral theatre but a central arena where Europe’s strategic credibility is being shaped.

The central contradiction of the Baltic region is simple: threats are shared, but responses remain fragmented. Different countries maintain different levels of investment in underwater surveillance, cybersecurity and naval capabilities. Procedures for responding to incidents vary widely. This fragmentation has led policymakers to consider a more integrated framework – one that could combine military cooperation with infrastructure protection, energy security, cyber defence and maritime monitoring.

Increasingly, analysts discuss the idea of a Baltic military-economic macroregion: a structure that would integrate defence forces, ports, energy systems, transport networks and cyber capabilities into a coherent regional security architecture. What once seemed like a futuristic proposal is now increasingly viewed as a strategic necessity.