Security Implications of Nord Stream Sabotage

On September 27, large leaks were detected in both Nord Stream 1 and Nord Stream 2 pipelines, driving speculation about a new escalation in the energy brinksmanship between Europe and Russia. The underwater pipelines were built to carry natural gas from Russia to Europe but were not delivering gas after the Russian invasion of Ukraine. On September 29,  NATO issued a statement saying the leaks were the result of deliberate sabotage and stating that attacks on allies’ critical infrastructure would be met with a “united and determined response.”

Q1: What will be the immediate impact on EU energy security?

A1: The damage to the Nord Stream 1 and 2 will have limited immediate impact on the supply of natural gas to Europe, as neither pipeline was operational. On September 2, Gazprom indefinitely shut down gas flows through Nord Stream 1, citing malfunctions on a key turbine along the pipeline. Even prior to the shutdown, flows through Nord Stream 1 were low, averaging around 30 million cubic meters per day (around 20 percent of total capacity) since late July.

The outlook for European energy supply and security remains dire. While gas prices have fallen significantly since the peak in late August, the damage to the pipelines sparked a surge in European prices amidst questions surrounding Russian gas supply through alternative pipelines remain. No volumes have been delivered through the Yamal pipeline since May, but some flows have continued through Ukrainian transit and the TurkStream pipeline. While these volumes remain low, every bit counts for Europe heading into the winter.

Despite these challenges, Europe has made significant progress ahead of the winter. To date around more than 80 percent of EU storage has been filled, surpassing the bloc’s target ahead of winter. However, even storage filled to 100 percent of capacity will likely not be sufficient to meet winter demand without rationing and further industrial shutdowns. Strong import levels of liquified natural gas (LNG) have also eased some immediate supply fears. U.S. LNG supplied most of Europe’s daily imports, averaging 381 million cubic meters through August and September.

Q2: Has Russia previously threatened European undersea infrastructure?

A2: In recent years, Russian activity around undersea Euro-Atlantic infrastructure has increased. Governments on both sides of the Atlantic, as well as NATO, have issued particular warning of Russian submarine presence near undersea cables in the North Atlantic Ocean. The anxiety in Europe and the United States has primarily focused on undersea fiber-optic cables, another piece of critical infrastructure that carries over 95 percent of international data. It has been speculated that Russian activity near the cables has primarily been an effort to map the lines.

Undersea cables are frequently damaged, but the most common culprit is accidental physical damage from commercial ships or natural disasters (150 to 200 disruptions per year, on average). To date, neither the United States nor its allies and partners have publicly blamed Russia for a break in undersea infrastructure. In early 2022, however, an undersea cable linking the Norwegian archipelago of Svalbard to mainland Norway was suddenly cut. The Norwegian authorities reported only that there was human involvement in the incident. Russian vessels and submarines frequently traverse the waters around Svalbard and Russia has frequently complained about Norway’s implementation of the treaty governing foreign access to Svalbard, including a recent flare-up in summer 2022.

Q3: If Russia is responsible, why would it attack Russian-owned infrastructure?

A3: European leaders have indicated they suspect sabotage, especially given three pipelines experienced explosions in quick succession. The chief suspect is the Russian Federation, which has the motive, the means, and the opportunity to conduct such an operation.

Context is important. The explosions come after Russia has mobilized for war, organized sham referendums, and made nuclear threats to make up for its floundering invasion of Ukraine. Russia may feel the West is underestimating its strength and wants to send a clear message that it must be taken seriously.

However, the Kremlin’s motives for conducting an attack on its own pipelines are not fully clear. Russia may be warning and signaling to Europe and the West that it is willing to target civilian infrastructure. Attacks on gas pipelines today could foreshadow attacks on undersea data cables tomorrow. In other words, Russia is signaling that it could escalate its hybrid warfare or gray zone efforts against the West—moving from disinformation and influence efforts to a more kinetic direction targeting infrastructure (an approach that could also include attacks in cyberspace, as discussed above).

Additionally, by severing the pipelines carrying Russian gas to Europe, Russia could be signaling to Europe that it is Russia, not Europe, that has decided to cut energy ties and decouple and that there is no going back. This would seem to contradict the conventional wisdom that Russia was hoping Europe will buckle this winter due to rising energy costs and will seek to pull back from sanctions and pressure Ukraine to negotiate. But Putin may have realized that such hopes were fanciful—especially as Europe has found ways to restock its gas supply for the winter—and is now resorting to new tactics.

Q4: What about other infrastructure?

A4: The most immediate concern will be for the security of pipelines connecting Norway and Europe, including the newly opened Baltic Pipeline. Beyond pipeline explosions, vulnerability to cyberattacks could pose a significant threat to the energy system. In May 2021, a cyberattack against the Colonial Pipeline in the United States halted operations and led to fuel shortages and panic buying across the East Coast. Earlier this year, a cyberattack at the Amsterdam-Rotterdam-Antwerp refining hub led to significant delays in oil and refined product shipments and local shortages of fuels.

There is an important U.S. element to this story. In today’s market, an attack against U.S. gas infrastructure could have significant impacts for global supply and prices. The Freeport LNG fire earlier this year highlighted Europe’s vulnerability to any disruption. The Freeport outage removed nearly 17 percent of U.S. LNG exports and EU gas prices spiked by around 12 percent on the news. With Russian gas supplies at minimal levels, the importance of U.S. LNG could make these facilities a prime target for cyberattacks. While U.S. LNG facilities have been investing in their cyber defenses, significant risks remain. It will not be enough just to hope that another outage such as the explosion at U.S. Freeport liquefaction plant will not happen again.

In an escalating energy war, attacks on the grid will also be a concern, as Russian hackers have previously demonstrated their ability to disrupt operations. In 2015, Russian hackers carried out an attack on the Ukrainian power grid, resulting in power outages for 230,000 people. Successful attacks against the grid could result in power outages impacting critical operations including healthcare and access to water.

Addressing some of these vulnerabilities will likely require significant investment and cross-Atlantic cooperation on cyber and physical security of energy infrastructure. Beyond malicious attacks, downtime due to aging infrastructure or outages due to accidents will have outsized impacts on tight energy markets. Energy security for Europe will increasingly entail securing and maintaining critical infrastructure, including in the United States.

Joseph Majkut is director of the Energy Security and Climate Change Program at the Center for Strategic and International Studies (CSIS) in Washington, D.C. Allegra Dawes is a research associate with the CSIS Energy Security and Climate Change Program. Leslie Palti-Guzman is a senior associate (non-resident) with the CSIS Energy Security and Climate Change Program. Max Bergmann is director of the CSIS Europe Program. Colin Wall is a research associate with the CSIS Europe, Russia, and Eurasia Program.

Critical Questions is produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s). 

© 2022 by the Center for Strategic and International Studies. All rights reserved. 

Joseph Majkut
Director, Energy Security and Climate Change Program
Leslie Palti-Guzman
Senior Associate (Non-Resident), Energy Security and Climate Change Program
Max Bergmann
Director, Europe, Russia, and Eurasia Program and Stuart Center
Colin Wall

Colin Wall

Former Associate Fellow, Europe, Russia, and Eurasia Program

Allegra Dawes

Research Associate, Energy Security and Climate Change Program