“Check against delivery”
Dear President, Honourable Members,
In recent months we have seen a series of further incidents affecting subsea critical infrastructure.
The latest was on Christmas Day and resulted in the damage of an undersea power transmission cable between Finland and Estonia, and four undersea data cables.
So, first of all, let me commend the swift action taken by Finland and Estonia, as well as their transparency in sharing information with the Commission and Member States.
We strongly condemn any deliberate destruction of Europe’s critical infrastructure, including damage to energy infrastructure and undersea cables.
These events demonstrate the vulnerability of the critical infrastructure which we rely on for carrying data, gas, and electricity.
This must be seen against a backdrop of geopolitical tension and Russia’s hybrid attacks against the EU.
The damage of one single cable may not necessarily have a big impact in our telecommunications. However, their systemic disruption may cause severe consequences for the affected regions and the Union as a whole.
Such damage could also entail significant risks for the environment and maritime safety in Europe.
We can best respond to these challenges if we act together – combining civil and military response.
The joint statement of the Baltic Sea NATO Allies Summit of 14 January shows the value of cooperation in tackling hybrid threats. Together we are stronger.
Against this background, we must prepare for the worst-case scenario and take a whole-of-government approach to threat actors, who are prepared to use an array of tools while trying to destabilise democratic societies.
Let me explain how the EU Commission is working on three fronts:
- improving coordination,
- enhancing governance, and
- increasing funding.
On coordination, the legal instruments we need when it comes to prevention and preparedness are already in place.
The Directive on the resilience of critical entities (‘CER Directive’) and the Directive on a high level of cybersecurity across the Union (‘NIS 2 Directive) entered into application in October 2024.
These sister directives are the basis for coordination and preparedness against threats and disruption.
The CER Directive improves the physical security and resilience of critical entities.
The NIS 2 Directive improves the overall cybersecurity and digital resilience of critical infrastructure from cyber, physical, and environmental threats.
This means that providers of digital critical infrastructure must also ensure protection against unauthorised physical access, damage, sabotage, and interference.
The necessary rules are in place, but we need more efforts on transposition. We continue to support Member States and call on them to transpose both directives as soon as possible. We also have infringement proceedings going on.
Last week we also published the Cyber Solidarity Act.
It provides coordinated digital preparedness testing in the highly critical sectors, including digital infrastructure and related cables.
The Act also creates the EU Cybersecurity Reserve which can respond to significant or large-scale cybersecurity incidents.
Following the explosions along the Nord Stream 2 gas pipeline, the Council Recommendation on critical infrastructure resilience addressed preparedness, response and international cooperation with concrete measures.
Member States have also conducted voluntary stress tests of critical infrastructure in the energy sector to identify vulnerabilities, and this pilot initiative should be expanded to further sectors.
The Commission is also working with Member States and ENISA under the Recommendation from February 2024 on Secure and Resilient Submarine Cable Infrastructures to:
- perform a mapping of cables and assess related risks,
- develop a Cable Security Toolbox of mitigating measures, and
- draw up a list of Cable Projects of European Interest.
These measures all focus on prevention and preparedness. Yet we also need to hold actors accountable for sabotage and other attacks. For this, our coordinated action using sanctions is worth mentioning:
In December 2024, the Council adopted its 15th sanctions package against Russia, focusing, among other aspects, on the shadow fleet.
As part of these sanctions, 52 additional vessels were added to the list of those banned from accessing ports and from receiving a wide range of maritime transport services.
Second, on governance.
In the EU We are lacking a common governance of cable technologies and cable-laying services, to ensure rapid and secure repair and maintenance of cables.
We need to work in complementarity with NATO, which is a key actor when it comes to deterrence in the high seas.
At the recent Summit of Baltic Sea nations governments, the Commission and NATO outlined concrete and coordinated action to address the challenges in cable resilience, protection, and repair.
We welcome actions launched by the NATO allies, such as new patrol and surveillance operation to protect critical infrastructure in the Baltic Sea.
The European Commission is ready to do more and better in our prevention, early detection as well as response and recovery capacities.
We are currently working on identifying concrete actions and steps to be taken immediately, and some more structurally, to improve the resilience and security of the undersea cables.
Third, funding.
This includes our already substantial investments in the security and resilience of submarine cables through the Connecting Europe Facility Digital programme, including in the Baltic area. There we currently finance 8 projects worth 35.6 million euros.
In addition, there are 540 million euros earmarked for connectivity infrastructure in the CEF Digital work programme 2024-2027. A first is call ongoing, worth 128 million euros.
Furthermore, under the CEF, we are supporting the deployment of smart cable systems that can be used to monitor nearby activities and anticipate threats and vulnerabilities, acting as early warning system.
We are also looking into how to further reinforce our ability to deploy and repair cables, so that we are equipped with the necessary fleet capable to rapidly intervene in all EU regions.
Keeping Europe safe is my priority, including safeguarding our critical infrastructure, on sea, land, and space.
Now I look forward to hearing your views.
Thank you for your attention.
Dear President, Honourable Members,
Thank you for this debate.
Keeping Europe safe is my priority during this mandate.
Much has been done, but much more is needed. You can count on the Commission to ensure that this happens.
We will together defeat Putin’s war of aggression and hostile actors sabotaging our security.
We will remain vigilant. We will build our own resilience and strengthen our ability to hold those behind attacks accountable for their actions. We stand ready to respond fast and decisively to all threats.
Thank you.
Source – EU Commission