In October 2025, the North Atlantic Treaty Organisation (NATO) published its revised Maritime Strategy, a political statement designed to deter adversaries while reassuring allied nations and their publics. Inevitably, commentators have paid significant attention to the contribution of the alliance’s maritime elements to deter and defend member states’ interests in the event of full-scale peer conflict. From the nuclear Continuous At-Sea Deterrent (CASD) to conventional forces drawing upon the unique attributes of maritime forces, the revised Maritime Strategy is clear: NATO’s sea-based forces are ‘Always on watch – ready to fight’.
Russia is given primacy as a source of maritime threats facing NATO. Additionally, terrorism and international criminal organisations utilising the maritime environment for profit also receive attention. The People’s Republic of China (PRC), although a more distant threat given its Indo-Pacific location, is also present in the strategy.
The emphasis that the strategy places upon non-traditional, sub-threshold security threats is significant, with references to these throughout the document. Destabilising and disruptive actions targeting free and open nations’ infrastructure, alongside drugs and weapons smuggling and human trafficking, all receive attention – as does the ‘shadow fleet’ operated by sanction-avoiding states.
The security significance of the North Sea
The North Sea has served as a vital means of communication and trade for centuries. Today, it is a crucial source of energy – and consequently wellbeing – for Western Europe’s citizenry through its vast oil and gas reserves. While these remain critical energy sources, the North Sea has strategic importance in Europe’s energy future and the transition to sustainability. It hosts some of the world’s largest offshore wind energy systems, which in turn offer potential for hydrogen production, and local geology offers potential for offshore carbon storage.
For the communities surrounding the North Sea, energy production has generated tens of thousands of jobs in technology, engineering and construction – as many onshore as offshore. In an increasingly volatile era, the energy provided by the North Sea region is critical to Europe’s societal security.
Both now and in the future, the North Sea energy system relies upon complex integrated systems. Oil and gas platforms, offshore wind turbines and internet communications require a vast array of undersea cables and pipelines, offshore nodes and landing sites. As shown in Box 1, nowhere is this more evident than in the Humber Estuary:
Box 1: Case study of the Humber Estuary
Situated at the centre of the United Kingdom’s (UK) North Sea littoral, the Humber Estuary is the largest port complex in Britain, and a hub for North Sea maritime communications. It has a vibrant and vital offshore renewables industry, which has led to it being known as the UK’s ‘Energy Estuary’. It hosts oil terminals and storage, ferries and cargo movement alongside landing hubs for undersea cables and pipelines connected to the North Sea energy network.
In total, 25% of Britain’s energy requirements flow through the Humber region annually. Drax Power Station, located near Selby, is the UK’s largest power station and source of renewables, generating 5% of Britain’s power and 10% of its renewables. Without the port at Immingham, however, it could not function.
The Humber Estuary also provides access to ports deeper inland than any other river in the UK. At the centre of the vast estuarine complex is Kingston-upon-Hull, a city with a rich maritime history. The University of Hull shares this history, and today adds to it with its ambition to create a fairer, brighter, carbon-neutral future for all through sustainable maritime and energy security.
As well as being transit points for cargoes and people, North Sea ports provide support vessels to this maritime infrastructure. However, these ports, and critical energy infrastructure, are incredibly vulnerable to disruption by Britain’s adversaries.
The sub-threshold threat
Through its Main Directorate of Deep-Sea Research (GUGI), Russia has one of the most sophisticated deep-sea operations, enabling continuous and persistent activity in and around the North Sea. Dedicated to covert deep-sea intelligence gathering and sabotage, GUGI has excellent technological capabilities, especially in deep-sea submersibles, as well as a capable array of surface support ships. However, it is not the only – nor arguably main – threat to offshore infrastructure.
In recent years, sub-threshold attacks on offshore infrastructure have increased around Europe. Perhaps most noteworthy is the damage to the Nord Stream 1 and 2 pipelines in September 2022. Nevertheless, the Baltic Sea in particular has seen several other disruptive attacks, including on the Balticconnector pipeline in October 2023; the BCS-interlink between Sweden and Lithuania, and the C-Lion1 between Finland and Germany in November 2024; the Estlink 2 cable between Finland and Estonia in December 2024; and the TV and radio cable off the coast of Gotland in January 2025.
Additionally, in February 2025, new damage to the C-Lion link was discovered, and after the shadow fleet vessel Boracay was boarded by French forces in October 2025, an extra twist came with extensive drone activity that resulted in the closing of Danish airports. Notwithstanding these examples – and they are not exhaustive – the shadow fleet represents unrealised potential.
There are thousands of shadow fleet vessels operating under false flags, manipulating Automatic Identification Systems (AIS) via renaming and false registry. Ostensibly designed to avoid sanctions – especially in transporting oil – they offer a wide range of other attributes, including movement of illicit cargoes such as drugs and weapons, and movement of persons, military or otherwise.
Russia operates the largest global shadow fleet, but it does not do so alone. It is suspected that most of the disruption previously noted was carried out by Chinese vessels, utilising a relationship which sees Russian shipping acting reciprocally for the PRC off the coast of Taiwan and elsewhere.
It is important to note that ‘suspected’ is the keyword here. In none of the noted activities was an actual suspect proven to any legal standard. Plausible deniability is key to sub-threshold action.
NATO in the North Sea
At the launch of NATO’s revised Maritime Strategy, Safe Seas – a leading research network dedicated to maritime security and ocean governance – reported that the alliance had undertaken the widest dissemination of the strategy among stakeholders in the maritime security community. It also noted that NATO draws increasingly upon data generated by industry.
This is significant. If the intelligence necessary to attribute disruptive attacks is to be generated, a whole-of-industry approach is required. At the most basic level, intersubjective agreement is necessary to establish what needs to be protected, how it should be protected, and by whom. While commercial operators have this information, intersubjective agreement is not always reached – as highlighted in a Joint Committee on National Security Strategy report.
NATO’s ultimate goal behind such an approach is to gain persistent maritime situational awareness, the basic requirement for any effective maritime security structure. In this regard, alliance engagement with stakeholders should be contextualised with its actions elsewhere, such as the establishment of the Critical Undersea Infrastructure Coordination Cell at NATO Headquarters in Belgium and the Centre for Critical Undersea Infrastructure at Allied Maritime Command (MARCOM) in the UK. Another important act is the development of the ‘Mainsail’ project, which aims to nurture the persistent maritime situational awareness vital to generating necessary maritime intelligence.
Technology will be critical in generating intelligence and data for offshore and subsea infrastructure. However, it is important to note that when considering surface activity around critical undersea infrastructure – as well as ports and land-based critical infrastructure – traditional human intelligence remains vital. This is also true of threats generated by terrorist and cross-border criminal activity.
Here, a problem arises. All too often, workplace personnel are unaware of what to look for, and whom to inform when discrepancies arise. Large swathes of ports and other facilities are open, with limited security. For security staff and police tasked with protecting onshore infrastructure, the creation of secure, reliable networks to generate and process information is vital to gathering the necessary intelligence to deter and thwart disruptive attacks.
All of this requires a whole-of-industry approach to security and intelligence gathering. British policymakers cannot focus solely on offshore and undersea issues. Liminality is a key feature of maritime security problems; considering maritime security as an offshore issue in isolation is futile.
Dr Christopher Martin is Senior Lecturer in War Studies and Contemporary Security in the School of Criminology, Politics and Law at the University of Hull. He was awarded the Julian Corbett Prize for Research in Modern Naval History in 2005, and his book The UK as a Medium Maritime Power in the 21st Century was shortlisted for the UK Maritime Foundation’s Mountbatten Award in 2017.
This article is published in association with the University of Hull as part of the International Sea Power Conference 2025.