“We see you.”

This is an unusually direct message from Defence Secretary John Healey to a nuclear-armed state, delivered publicly and as a direct warning to Vladimir Putin, in response to suspected Russian submarine activity near critical subsea infrastructure north of the UK. Governments have monitored such activity for decades. The analytical significance lies not in the activity itself—Russia has loitered near Western cable infrastructure for decades—but in Britain’s decision to move from covert monitoring to public attribution before any damage was reported. This shift from retrospective investigation to real-time signaling represents a meaningful change in how NATO governments are choosing to manage gray zone threats to subsea infrastructure.

The activity in question is consistent with long-standing patterns associated with GUGI—Russia’s Main Directorate for Deep-Sea Research, a specialist unit within the Ministry of Defence tasked with deep-sea intelligence collection and potential interference with subsea infrastructure. Reporting around the recent North Atlantic operation described an Akula-class submarine acting in a diversionary role, alongside specialist deep-diving platforms operating near undersea cable routes. No damage to infrastructure was confirmed, and UK statements indicated that Russian vessels subsequently left the area. Yet the strategic relevance does not depend on kinetic effects. The distinction is between destruction and positioning, or latent capability and activated capability. Mapping, surveillance, and loitering around subsea cables constitute preparation for contingency rather than execution of it. In this sense, they function as intelligence preparation of the battlespace—or at minimum, persistent peacetime positioning—rather than isolated peacetime activity

A Pattern of Positioning

This pattern is consistent with wider regional developments. In November 2024, the BCS East-West Interlink (Sweden-Lithuania) and C-Lion1 (Finland-Germany) subsea cables in the Baltic Sea were severed within days of one another. Cable damage from anchor drag and fishing activity is routine—the majority of the 150-200 global cable faults annually have mundane causes. This is precisely why attribution remains difficult. However, European governments treated the Baltic incidents as consistent with deliberate interference in critical infrastructure. The response was not limited to investigation. NATO expanded maritime patrol activity and moved towards more structured protection of undersea infrastructure, including standing surveillance frameworks such as Baltic Sentry naval deployments and the Maritime Centre for Security of Critical Undersea Infrastructure. The April 2026 UK operation sits within this broader trajectory in which subsea infrastructure has moved from technical—largely commercial—assets to contested strategic domain.

The central analytical question is why the UK chose to announce this activity publicly. The traditional model of response to such incidents has been discreet. This model has comprised persistent monitoring, shadowing, and private signaling between states. It assumed ambiguity to be stabilizing; the emerging pattern suggests the opposite. Ambiguity is now assessed as operational advantageous to the actor conducting gray zone activity. Public attribution alters that balance. By naming both the activity and the actor, the UK seeks to reduce plausible deniability and increase diplomatic, reputational, and operational costs—pursuing deterrence through exposure rather than threat of force. It forces a choice between continuing activity under heightened scrutiny or accepting reduced operational freedom. In this context, visibility becomes a tool of statecraft rather than a by-product of detection.

Limits of the Law

This response is largely shaped by structural constraints embedded in the maritime legal order. Under the United Nations Convention on the Law of the Sea (UNCLOS), much of this activity occurs within Exclusive Economic Zones (EEZ) rather than territorial waters. In the EEZ, coastal states retain sovereign rights over seabed resources and infrastructure, but do not exercise full sovereignty over the waters above, where foreign military vessels retain significant freedoms (Articles 56, 58). Submerged navigation passage is generally permitted; surveillance and military hydrographic surveying in EEZ waters remain contested in customary international law, though state practice is inconsistent. This creates a legal and operational gap between activity that is lawful and activity that is strategically significant. It also constrains the range of response available to coastal states, which may track and signal but face limitations on direct interdiction absent clear thresholds of damage or imminent threat.

The strategic implication is that mapping and surveillance of cable systems can generate latent coercive leverage—knowledge for future disruption—without crossing legal thresholds that would justify escalation. Subsea cable networks carry 99% of UK data traffic and land at dozens of points along the coastline, creating systemic dependence on infrastructure that was designed for commercial efficiency, rather than contested strategic resilience. Repair capacity is also limited, vessels are ageing, and restoration requires coordination across multiple jurisdictions and permitting regimes that can delay response times even under cooperative conditions. Within this environment, knowledge of cable topology, redundancy, and repair constraints has operational value. Mapping therefore constitutes pre-crisis preparation, enabling future action that is faster, more precise, and harder to mitigate.

The decision to make Russian activity public should be understood in this context. It reflects both capability and constraint. Operationally, it signals that activity is being detected and monitored in real time, increasing the cost of operating under assumptions of concealment. Strategically, it externalizes the issue, reinforcing NATO’s evolving posture towards persistent protection of undersea infrastructure and normalizing cable security as a standing defense concern rather than a niche maritime issue. This is reflected in expanded patrol activity in the Baltic and broader allied efforts to institutionalize monitoring of critical undersea systems.

Visibility Without Resolution

However, visibility is not a comprehensive solution. It is a posture that operates within structural limits. Repeated public attribution risks diminishing returns if not accompanied by improvements in resilience or enforcement capacity. Adversaries can adapt through improved operational discipline or counter-surveillance measures, while the underlying legal and physical vulnerabilities remain unchanged. The same structural features that permit mapping activity in the EEZ also constrain the ability to prevent it.

The significance of the Defence Secretary John Healey’s statement is therefore not that it reveals previously unknown activity, but that it marks a shift in how such activity is being managed. Subsea cables are no longer treated as passive commercial infrastructure observed discreetly in the background of maritime security. They are now explicitly framed as strategic assets subject to ongoing contestation. The question that follows is whether public visibility represents the emergence of a coherent deterrence strategy, or whether it reflects the limits of what can be achieved in a domain where exposure is rising faster than control.

Visibility may not deter Russia indefinitely, but it establishes a precedent. Western governments are prepared to name threats to subsea infrastructure publicly, absorb the diplomatic friction that follows, and treat cable security as a standing defense concern rather than a niche maritime problem. Whether that precedent hardens into a coherent protection strategy—or remains a posture without adequate physical and legal infrastructure behind it—is the question the next incident will test.