ESTONIAN AND FINNISH AUTHORITIES INVESTIGATE BALTIC SEA UNDERSEA COMMUNICATION CABLE DAMAGE AND RADIO COMMUNICATION FAILURE DISRUPTS CIVIL AVIATION TRAFFIC IN GREECE

January 1-7, 2026 | Issue 1 - Emergency Management, Health, and Hazards (EMH2) Team

Agathe Labadi, Khushi Salian, Lucy Gibson, Jacob Fields, Indira Hankins, Chiara Michieli, Camilla Montemarano, Andrew Britland, Ignacio Valdés Fuentes, Marija Lazic, Jeffrey Glibowski, Nimaya Premachandra, Nirmal Jose

Clémence Van Damme, Senior Editor; Jennifer Loy, Chief Editor

Monitoring Communications Networks^[1]

Date: December 31, 2025

Location: Kantvik, Uusimaa District, Finland

Parties involved:  Estonia; Estonian authorities; Estonian citizens; Finland; Finnish authorities; Finnish citizens; citizens of countries bordering the Baltic Sea; Russia; Russian nationals; Russia-linked organisations; NATO; EU; affected EU member states; European troops; EU Hybrid Rapid Response Teams (HRRT);  joint patrols, response teams

The event: Estonian and Finnish authorities are investigating the damage to undersea communication cables in the Baltic Sea.^[2] 

Analysis & Implications:

• The EU will likely enhance cooperation with NATO on the security of undersea cables by improving their organizational resilience and common crisis management strategy through the allocation of dedicated operational squads. NATO and the EU will likely strengthen detection measures by increasing and diversifying patrol routes of their flotilla and European troops in the Baltic Sea to improve continual and real-time monitoring. The diversified routes and joint patrols will likely adjust access measures to controlled areas, with a roughly even chance of reducing potential malicious acts. To reinforce these expanded monitoring and enforcement efforts, EU-NATO cooperation will very likely enhance the deployment capabilities of quick response teams, such as the HRRT, to address hybrid threats to Cable Protection Areas by providing increased operational assistance to affected EU member states.

• Regardless of the outcome of the investigation, Estonian and Finnish citizens will very likely perceive an increased sense of insecurity, likely increasing paranoid behaviors. Citizens of countries bordering the Baltic Sea will very likely come into contact with online echo chambers and biased news reports attributing the incident to Russia, very likely exploiting existing ethnic tensions to create engagement. These amplified ethnic tensions will likely generate paranoia towards Russian nationals and Russia-linked organisations, very likely intensifying hate speech in the region that threat actors will instrumentalize. Conservative right-wing factions of these countries will likely exploit these tensions to spread propaganda fed on civilians’ fear of Moscow’s aggression and paranoia, with a roughly even chance of creating civil unrest and inciting violence.

• The Finnish-Estonian undersea cable incident will likely degrade connectivity resilience in the short term, creating conditions that will very likely challenge cyber detection and response capabilities. The loss of this cable will likely reduce available redundancy in cross-border data flows, increasing operational pressure on remaining connectivity capacity. This strain will very likely make these countries more vulnerable to threats such as an increase in detection time for cyber-attacks on critical infrastructure. To mitigate the operational strain revealed by this incident, these countries will likely invest in stronger Intrusion Detection Systems (IDS), Intrusion Response Systems (IRS), and firewall protection infrastructures, enabling more robust monitoring and faster response across critical networks.

Date: January 4, 2026

Location: Greece

Parties involved: Greece; Hellenic Civil Aviation Authority (HCAA); authorities; Greek airports; EU stakeholders and neighbors; EU Aviation Safety Agency (EASA); European Court of Justice (ECJ);  aviation controllers;  key personnel; malicious actors; hackers; extremist groups

The event: A radio communication failure caused a temporary disruption to civil aviation traffic.^[3] 

Analysis & Implications:

• The temporary disruption of the air traffic control (ATC) system will very likely result in long-lasting reputational damage to Greek airports and aviation systems.  EASA will very likely conduct an in-depth investigation into the HCAA’s air traffic management (ATM) system, likely tarnishing its public image by increasing media scrutiny of possible new referrals to the ECJ for violating ATC regulations. Recurring regional connectivity disruptions will likely expose the gap between Greece’s stated modernization priorities and the actual condition of aviation infrastructure, very likely reinforcing negative perceptions. There is a roughly even chance that perceived inadequacies of Greece’s aerospace management will lead EU stakeholders and neighbors to view Greece as an unreliable aviation partner, very likely preventing it from becoming a regional air traffic hub.

• There is a roughly even chance that the ATC disruption will incentivize malicious actors to attack Greece’s aviation infrastructure by impeding communications. Malicious actors, such as extremist groups or hackers, will likely attempt to disrupt communications resilience and defense systems with targeted electromagnetic pulses or distributed denial-of-service to incapacitate the country's aviation infrastructure. This will very likely prolong Greece’s attack response by targeting key personnel, cargo, or air-ground communication networks. Malicious actors will likely use this prolonged disruption to test the resilience and response times of telecommunication systems to refine their tactics for possible future attacks.

• The ATC system failures will very likely drive Greece to align with the European ATM Master Plan by implementing redundant radio, satellite, and AI-enabled backup systems. Authorities will likely adjust cybersecurity measures by applying updated systems, such as the Iris Programme for satellite-based communication, and enhanced tactical conflict detection & resolution (CD&R) services, very likely improving resource management and controller workload. Greece will very likely adopt new systems to prevent mass outages and technical failures. Such modernized systems will very likely enhance resilience through anti-fragility systems that mitigate emerging risks across all phases of flight.

[1] Monitoring Communications Networks, generated by a third party image database (created by AI)

[2] Kaksi miehistön jäsentä pidätetty, ankkurin ja kaapelin hajoamis­paikan tutkinta alkanut, Helsingin Sanomat, January 2026, https://www.hs.fi/suomi/art-2000011723776.html (translated by Google)

[3] Thousands stranded across Europe as Greece airspace disrupted, BBC, January 2026, https://www.bbc.com/news/articles/cgezjlzwz1do