Editing Atlantic Ocean (section)

== Critical Maritime Infrastructure ==
Critical maritime infrastructure in the Atlantic region refers to a range of strategically important assets and systems across sectors such as shipping, communication, and energy. These infrastructures perform essential functions that are crucial to national security, economic stability, and the continuity of government operations. The resilience and protection of these assets are of paramount importance, given their vulnerability to both natural and human-made threats, including cyberattacks, espionage, terrorism, and geopolitical tensions.

=== Categories of critical maritime infrastructure ===
[[Critical infrastructure]] is a concept dating back to the 1990s and 2000s. The [[European Union]], refers it as “an asset, system, or part thereof […], which is essential for the maintenance of vital societal functions, health, safety, security, economic or well-being of people”.<ref>{{Cite web |title=Directive - 2008/114 - EN - EUR-Lex |url=https://eur-lex.europa.eu/eli/dir/2008/114/oj/eng |access-date=2025-05-12 |website=eur-lex.europa.eu |language=en}}</ref> Critical maritime infrastructure refers to maritime infrastructure that due to their importance for trade, energy, communication and food security are essential to the functioning of society, economies and thus require special protection for national security.<ref name=":0">{{Cite journal |last=Bueger |first=Christian |last2=Liebetrau |first2=Tobias |date=2023-09-01 |title=Critical maritime infrastructure protection: What’s the trouble? |url=https://www.sciencedirect.com/science/article/pii/S0308597X23003056?ref=pdf_download&fr=RR-12&rr=93ea4f22defa90ac |journal=Marine Policy |volume=155 |pages=105772 |doi=10.1016/j.marpol.2023.105772 |issn=0308-597X|doi-access=free }}</ref>

==== Shipping ====

===== Port infrastructure =====
With the rise of [[terrorism]] after the [[September 11 attacks]], terror attacks on port infrastructure have become increasingly likely.<ref>{{Cite web |title=Maritime Security and Piracy |url=https://www.imo.org/en/ourwork/security/pages/maritimesecurity.aspx |access-date=2025-05-12 |website=www.imo.org}}</ref> As a result the International Ship and Port Facility Code of the [[International Maritime Organization]] was written. In order to detect and prevent security threats it prescribes protective measures and responsibilities to governments, shipping companies, shipboard personnel. Potential targets in ports include individual vessels, ports and terminals, shipping lines, shipbuilders, intermodal transport operators, cargo and passenger handlers, vessel traffic control, maritime administrators.<ref>{{Cite news |last=Manchenton |first=Molly |date=19 April 2023 |title=Safe Harbors: Securing Ports to Protect the Nation’s Critical Maritime Infrastructure |url=https://www.mitre.org/news-insights/impact-story/securing-ports-protect-nations-critical-maritime-infrastructure |archive-url=https://web.archive.org/web/20250315051534/https://www.mitre.org/news-insights/impact-story/securing-ports-protect-nations-critical-maritime-infrastructure |archive-date=15 March 2025 |access-date=12 May 2025 |work=Mitre}}</ref> Due to the sometimes narrowness of port entrances and shipping lanes such as the [[Suez Canal]], disruptions could cascade into far reaching supply-line issues and reduced safety. As the NotPetya incident reveals, cyber attacks can paralyze global operations by locking operators out of essential systems and stealing sensitive information.<ref name=":1">{{Cite news |last=Greenberg |first=Andy |title=The Untold Story of NotPetya, the Most Devastating Cyberattack in History |url=https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/ |access-date=2025-05-12 |work=Wired |language=en-US |issn=1059-1028}}</ref> As a result the [[International Maritime Organization]] has passed resolution MSC.428(98) which requires shipping companies to conduct a cyber threat assessment. Similarly the European Union's [[NIS 2 Directive|NIS2 Directive]] mandates minimal cyber risk management protocols to protect critical infrastructure.<ref name="admin">{{Cite web |last=admin |date=2025-01-16 |title=Ghost Ships and Digital Vulnerabilities: A Look into Maritime Cyber Espionage |url=https://maritimafrica.com/en/ghost-ships-and-digital-vulnerabilities-a-look-into-maritime-cyber-espionage/#:~:text=By%20injecting%20false%20data%20into,to%20collisions%20or%20other%20accidents |access-date=2025-05-12 |website=Maritimafrica |language=en-US}}</ref>

===== Maritime Surveillance and Navigation Systems =====
Maritime transportation in the Atlantic heavily depends on accurate navigation provided by the [[Global Navigation Satellite System]].<ref>{{Cite web |title=Maritime Navigation Under Threat: GFSS spoofing |url=https://www.riskintelligence.eu/analyst-briefings/maritime-navigation-under-threat |access-date=2025-05-12 |website=Risk Intelligence |language=en-US}}</ref> Recent success of Russian [[Spoofing attack|spoofing]] of Automated Identification Systems highlights the susceptibility of navigation systems to malicious activity. Likewise, by injecting false data into the Automated Identification System attackers can make ships disappear or appear in places where they are not.<ref name="admin"/> Vulnerability in the navigation systems can lead to unintentional accidents and increased susceptibility to piracy which in the Atlantic region is particularly relevant for the [[Gulf of Guinea]] and [[Caribbean]].

==== Communication ====
{{Main|Transatlantic communications cable}}

[[Telecommunications cable|Telecommunication cables]] are laid on the seabed between land-based stations to carry telecommunication signals across stretches of ocean and sea. As 95% of transnational data traffic runs through underwater fiber data cables the global communication system is highly vulnerable to potential malicious activity.<ref>{{Cite web |title=Why Southeast Asian Nations Must Do More to Protect Their Critical Maritime Infrastructure |url=https://thediplomat.com/2023/08/why-southeast-asian-nations-must-do-more-to-protect-their-critical-maritime-infrastructure/ |access-date=2025-05-12 |website=thediplomat.com |language=en-US}}</ref> The [[2024 Baltic Sea submarine cable disruptions]] show the vulnerability of underwater infrastructure to sabotage, accidents, natural catastrophes and other external factors like electric grid outages, operator bankruptcy or state failure.<ref name=":2">Bueger, C., Liebetrau, T., Franken J. (June, 2022). Security threats to  undersea communications  cables and infrastructure – consequences for the EU. Policy Department for External Relations. https://www.europarl.europa.eu/RegData/etudes/IDAN/2022/702557/EXPO_IDA(2022)702557_EN.pdf</ref> The vastness of the area to guard and the vulnerability of the infrastructure complicates preventative protection measures and highlights the importance of capable response and repair facilities.

==== Energy installations ====
[[Critical Energy Infrastructure Information|Critical Energy Infrastructure]] represents all systems used in the generation, distribution and supply and storage of energy.<ref name=":3">{{Cite journal |last=Doğan |first=Diren |date=October 2023 |title=Maritime Critical Infrastructure Protection |url=https://www.marseccoe.org/wp-content/uploads/2023/10/Maritime-Critical-Infrastructure-Protection-.pdf |journal=Maritime Security Centre for Excellence |pages=51}}</ref> Critical maritime energy infrastructure consists of fixed installations at sea, such as oil and gas platforms, windfarms and (planned) energy islands. It also includes the infrastructures through which energy flows to the land, such as underwater pipelines and electricity cables and their connecting points on shore.<ref name=":0" /> While there are no transatlantic oil or gas pipelines, several off-shore pipeline systems exist such as a vast [[Offshore oil and gas in the Gulf of Mexico (United States)|gas and oil pipeline network in the Gulf of Mexico]],<ref>Cranswick, D. (2001) Brief Overview of Gulf of Mexico OCS Oil and Gas Pipelines: Installation, Potential Impacts, and Mitigation Measures. OCS Report MMS 2001-067. U.S. Department of the Interior. https://www.boem.gov/sites/default/files/boem-newsroom/Library/Publications/2001/2001-067.pdf</ref> the NATO pipeline system<ref>{{Cite web |last=NATO |title=NATO Pipeline System |url=https://www.nato.int/cps/en/natohq/topics_56600.htm |access-date=2025-05-12 |website=NATO |language=en}}</ref> or the [[West African Gas Pipeline]]<ref>{{Cite web |title=West African Gas Pipeline Authority |url=https://www.wagpa.org/the-wagp/ |access-date=2025-05-12 |language=en-US}}</ref> which bring oil and gas to onshore facilities and tankers. Offshore oil and gas rigs are plentiful in the Atlantic and especially centered in the [[Gulf of Mexico]], [[West Africa|Western Africa]] and along the [[Brazil]]ian and [[Venezuela]]n coastline.<ref>{{Cite web |title=Number offshore rigs worldwide by region 2018 |url=https://www.statista.com/statistics/279100/number-of-offshore-rigs-worldwide-by-region/ |access-date=2025-05-12 |website=Statista |language=en}}</ref> While offshore wind energy is largely contained to the European side of the Atlantic, [[South America]]n and [[Africa]]n countries are increasingly exploring its potential.<ref>{{Cite web |last=Thomas |first=David |date=2024-09-20 |title=Morocco moves towards first offshore windfarm |url=https://african.business/2024/09/energy-resources/morocco-moves-towards-first-offshore-windfarm |access-date=2025-05-12 |website=African Business |language=en-GB}}</ref>

=== Threats and Vulnerabilities ===
Critical maritime infrastructure is exposed to a broad spectrum of threats, both in terms of actors and vectors. While [[counterterrorism]] has traditionally dominated the threat landscape, since the 2010s there has been a marked shift toward cyber and hybrid threats. Threat classifications often rely on distinctions such as intentional versus unintentional acts, and the identity of the threat actor, whether state-sponsored, terrorist, criminal, or individual. However, the rise of grey zone activities has increasingly blurred these boundaries.

In response to attacks on [[Telecommunications cable|communication cables]] in the [[Baltic Sea|Baltic]] [[Baltic Sea|Sea]] and [[North Sea]], the [[European Union]] established the Critical Undersea Infrastructure Cell in 2023. Based in Brussels, the Cell is tasked with identifying vulnerabilities and enhancing coordination across industry, civilian, and military sectors through information sharing and best practice dissemination.<ref>{{Cite web |last=Tang |first=Andreas |date=2024-12-19 |title=NATO determined to protect critical undersea energy infrastructure |url=https://windeurope.org/newsroom/news/nato-determined-to-protect-critical-undersea-energy-infrastructure/#:~:text=At%20its%202023%20Vilnius%20Summit,Cell%20became%20operational%20in%202023. |access-date=2025-05-12 |website=WindEurope}}</ref> An [[European Union]] parliamentary report has found four potential attack vectors in 1) weaponizing civilian vessels using improvised cutting devices (anchor or [[dredging]]), 2) undersea explosives with [[naval mine]]s or improvised maritime explosive devices, 3) submersible boats, crafts, drones and [[submarine]]s, 4) targeting of land based infrastructure such as landing points or power supply, 5) [[cyberattack]]s against [[Information technology|IT]] and [[Operational technology|OT]] infrastructure.<ref name=":2" /> A related potential target are the repair and maintenance facilities which due to their low number (as of 2022, the EU has 3 [[Cable layer|cable]] [[Cable layer|layer ships]]) are highly vulnerable.<ref name=":2" />

Due to the multitude of data cables between [[North America]] and [[Europe]], a singular attack on one cable does not translate to a total loss of communication. However vulnerabilities in the Atlantic include: [[Greenland Connect]], [[Greenland|Greenland's]] only communication cable connecting it with [[Iceland]] and [[Canada]]; [[Fortaleza]] landing point but more specifically [[Atlantis-2]], [[EllaLink]], [[SACS (cable system)|SACS]] and [[SAIL (cable system)|SAIL]] cable systems which represent the only four communication cables that directly link [[South America]] with [[Europe]] and [[Africa]]; the [[Strait of Gibraltar]] which connects the [[Mediterranean Sea|Mediterranean]]  with the Atlantic through 7 cables and due to the volume of maritime traffic presents ideal cover for malicious activities.<ref>{{Cite web |last=TeleGeography |title=Submarine Cable Map Trivia |url=https://www2.telegeography.com/submarine-cable-map-trivia |access-date=2025-05-12 |website=www2.telegeography.com |language=es}}</ref><ref name=":2" />

The critical maritime energy infrastructure threat profile is dominated by [[cyberattack]]s.<ref name=":3" /> Cyberattacks targeting the [[Digital control|digital control systems]] of [[Oil platform|offshore oil rigs]], [[Submarine pipeline|undersea pipelines]], and [[Liquefied natural gas terminal|LNG terminals]], which are increasingly automated and vulnerable to remote interference due to [[automation]] and network dependencies. Likewise natural hazards, including hurricanes, rough seas, and long-term climate change effects like sea-level rise and increased storm intensity, also endanger infrastructure integrity and continuity of operations.

Deliberate attacks on port infrastructure are rare and port security is much more relevant in the domain of blue crime. However as the [[USS Cole bombing]] or [[2008 Mumbai attacks]] highlight, port infrastructure can become a target for terror attacks. Similarly to energy infrastructure the threat vector adversaries take is increasingly in the cyber domain, with ransomware attacks such as the NotPetya attacks on [[Maersk|A.P. Møller-Maersk]].<ref name=":1" />