The Baltic Sea and Its Security Future

The Baltic Sea and Its Security Future

February 2024

Executive Summary

  • The Baltic Sea & Green Energy: The Baltic Sea remains an important maritime economic zone, accounting for 15% of the world’s cargo shipping. The ongoing global shift towards green energy is resulting in its global significance increasing, especially as Europe begins to transition out of its impactful and prolonged energy crisis.
  • Geopolitical rivalry heightens Baltic Threat Landscape: The Baltic’s growing importance to Europe’s economic security has heightened its threat profile vis-à-vis Russia, especially as the Baltic states continuously shift towards NATO and provide prolonged support to Ukraine. Such tensions have increased the threat posed by Russia’s “grey zone” activity against not only public but also private sector organisations – such as energy, communication, and maritime firms.
  • Business Environment Risks: The aforementioned grey zone activity is likely to take a variety of forms, with the Nordstream attack and Baltic Connector sabotage incident constituting the most severe type of Russian retaliatory attacks. However, these grey zone activities are also highly likely to take the form of cyber intrusions, with cyber espionage and disruptive attacks – such as ransomware or wipers– persistent potential financial and business continuity threats to all Baltic-located organisations.  

Commercial Importance of the Baltic Sea

The Baltic Sea is an important maritime economic zone and is an area accounting for 15% of the world’s cargo shipping. In addition, the Baltic Sea also functions as an important communications and energy hub. Gas pipelines and communication cables anchored in the seabed are used to connect various countries – such as Denmark, Sweden, the North Sea, Poland, Germany, Estonia, and Finland – to each other. This infrastructure highlights not only its importance to businesses but also the national security of the countries in the region.

Europe's reduced reliance on Russian oil and gas was exacerbated by the attack against the Nordstream gas pipeline in September 2022 and the sabotage of the Baltic Connector gas pipeline in October 2023

However, rising tensions with Russia have led Baltic countries to reduce their dependency on Russian oil and gas. Russian seaborne export of oil has significantly reduced since the Ukraine conflict, with the trend further exacerbated by the attack against the Nordstream gas pipeline in September 2022 and the sabotage of the Baltic Connector gas pipeline in October 2023, both of which are suspected of being Russian state-directed operations. As a result, all Baltic countries have increasingly turned towards green energy production offshore, such as wind energy. The development of offshore wind energy is a crucial part of the EU’s Green Deal. While the Baltic offers energy firms a plethora of business opportunities in the offshore energy production market, heightened global geopolitical tensions are impacting the region’s traditional energy production.

The Baltic from a Russian Perspective & Post-Ukraine War Shift

The targeting of this Baltic Sea-located critical infrastructure underscores both the historical importance it holds for Moscow and how ongoing geopolitical tensions in the area threaten its interests. Russia has been a major and often dominant power in the Baltic, with the Cold War seen as the height of its control in the region. However, after the Cold War, inter-Baltic free trade turned, and Estonia, Latvia, and Lithuania became independent. Eventually, all Baltic countries formerly under Soviet control joined the EU and NATO, which significantly reduced Russia’s strategic influence in the region.

The start of Russia’s 2022 invasion of Ukraine in February had major ramifications for the security situation in the Baltic Sea region. For Russia, an unwanted side-effect of the Ukraine War has been the rapid change in public opinion in Sweden and Finland, formerly neutral nation-states between the East and the West since the end of the Cold War and the dissolution of the USSR. Both Baltic governments decided to apply for NATO membership to ensure their future security. Finland joined in the spring of 2023, with Sweden’s application de facto approved in February 2024. Sweden’s recent approval has resulted in all countries bordering on the Baltic Sea being members of the EU and NATO, turning the Baltic into a NATO lake bordering Russia.

As such, Russia’s assertive foreign policy has worsened its strategic position in the Baltic Sea region. Its position is more vulnerable than ever, especially that of the exclave of Kaliningrad, home of the Russian Baltic Fleet. In the short run, while Russia will be unable to change the strategic situations significantly, it will attempt to destabilise and punish the region through asymmetric actions, such as targeting Baltic-located businesses with cyber sabotage or kinetic attacks. In the mid to long term, Russia intends to build up its regional military capabilities. Given the importance of the Baltic Sea to Russia, these efforts are expected to continue even if the war in Ukraine ends, presenting a long-term and enduring threat to businesses operating in the region of strategic importance, such as energy or communication firms.

Grey Zone Aggression in the Baltic Sea

Russia’s assertive foreign policy in the Baltic region can largely be categorised as ‘grey zone aggression’ or hostile and aggressive activity that does not rise to the level of acts of war. grey zone aggression gives threat actors a form of plausible deniability to their actions whilst also serving an immediate purpose of causing destabilisation/punishment or functioning as a form of reconnaissance for a future direct military confrontation. While Moscow’s involvement in the more kinetic Baltic-located attacks has not been proven beyond a reasonable doubt, both the Nordstream attack in September 2022 and the Baltic Connector attack in October 2023 are highly likely to be incidents of Russian state-sponsored sabotage. These incidents underscore the high financial cost and business continuity concerns posed to firms operating in the region in its current elevated geopolitical landscape.

Moscow’s other grey zone operations – such as in cyberspace - in the Baltics have intensified since the start of the conflict in Ukraine, especially against the smaller Baltic states of Estonia, Latvia, Lithuania, and Finland. These nation-states have been increasingly targeted by alleged Russian state-directed cyberattacks and operations, with 36% of all Russian state-directed cyberattacks targeted against NATO member states – including the Baltic members – in 2023 according to Microsoft’s 2023 Digital Defence Report.

30% of Russian state-directed cyberattacks in 2023 were targeted against think tanks/NGOs, energy, and defence sector firms

While government agencies remained the most targeted sectors by this malicious activity (targeted by 27% of all Russian cyberattacks), sectors with strong ties to the government were also impacted by this Russian activity as well. Most notably, 30% of the Russian state-directed cyberattacks detected by Microsoft were targeted against think tanks/NGOs, energy, and defence sector firms. These cyber operations have largely taken the form of cyber espionage to gain insights into Baltic states’ policies towards matters of strategic importance to Moscow, such as its financial or military support to Ukraine or economic development plans for the Baltic region.

In concert, these attacks have also expressed themselves through disruptive cyberattacks – such as wiper or ransomware – aimed at sabotaging critical infrastructure in the region to cause severe financial damage to businesses maintaining this infrastructure and economic loss to the countries reliant on it. Given these factors and the growing economic importance of offshore wind energy projects in the Baltic states, there is a high likelihood that organisations operating in the region – such as the energy sector – will become targets of additional grey zone aggression, including both physical and cybersabotage/ espionage.

What now?

Given the major strategic importance of the Baltics to Russia, there is a high likelihood that Moscow’s grey zone aggression – e.g. cyberattacks, espionage, sabotage - in the region will remain a persistent and enduring threat for the foreseeable future, even in the event of a pause or end to the war in Ukraine. To mitigate these threats, private sector firms operating in high-risk industries– such as the transport, communication, and energy sectors – will need to ensure they maintain a robust geopolitical function and implement policies within their organisation. These policies could include:

  1. Integrate Cyber Threat Intelligence (CTI) into your security framework via the “security by design” approach either in-house or via a third party. Integrating CTI in this manner will allow companies to monitor on a strategic level, which cyber threat actors are active in the Baltics, including not only State-linked actors but also cyber proxy groups such as ransomware gangs. Moreover, this approach will also give companies insights into cyber actors’ geopolitical motivations, which of their assets are most likely to be targeted by these groups, and which tactics, techniques, and procedures (TTP) are most likely to be used.
  2. Regarding more physical threats, continuously re-evaluate what constitutes an acceptable risk when assets transit the region and explore alternative transport methods that limit the potential of serious business disruption.
  3. To stay abreast of regional developments, implement frequent comprehensive monitoring and reporting by experienced risk consultancy companies.


Proximities can help you gain these key insights and turn them into tangible material.Using our ‘What?’, ‘So What?’, ‘What if?’ and ‘What Now?’ narratives, we help partners and clients not only understand the importance of trends and events but, more specifically, to understand what it means for you and your business from strategic to operational consequences. Curious and interested to see how we could help you? Don’t hesitate to contact us, we will be happy to support you.

Stay ahead

subscribe to our

Subscribe to our monthly insights and receive
the latest security insights straight to your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.