The Iranian Conflict and Europe’s Energy Security: Geopolitical Risks

Europe finds itself at the intersection of two geopolitical crises that, while separated by thousands of kilometres, share a common strategic target: energy supply. Russia's ongoing war in Ukraine, and the subsequent halt of European energy imports from Russia, triggered a sustained campaign of sabotage against undersea energy infrastructure in the Baltic Sea, and the conflict now escalating in the Middle East is threatening to choke off the global oil and LNG flows that Europe depends on as a replacement for Russian gas. Together, they are converging on a vulnerable energy system that was largely built on the idea of energy sovereignty at the top of its concerns, rather than adversarial use cases in mind. However, adversaries are beginning to exploit its vulnerabilities through prepositioning, which consists in the act of integrating capabilities within the target’s operating systems to create a status of readiness for action in the moment of need – such as placing covert operatives in relevant insider positions within foreign critical infrastructure – and using hybrid tactics to test adversaries’ vulnerabilities and responses in preparation for escalation.

The Hormuz chokepoint

The Strait of Hormuz has been a pressure point in global energy security long before the current conflict.

Iran has repeatedly used the Strait as a lever, such as during the Tanker War of the 1980s, in the tensions of 2011-2012, and again during the 2019–2020 heightened geopolitical tensions due to the imposition of sanctions.

Via Reuters: https://www.reuters.com/markets/commodities/iran-war-leaves-deep-costly-scar-mideast-energy-2026-03-19/ 

Such episodes have repeatedly demonstrated that physical disruption is only part of the damage caused. Impacts on insurance premiums, shipping routes, investor risk appetite, linger well after traffic resumes. A recent example is provided by Houthi activity in the wake of the beginning of the full scale Israeli Palestinian conflict in October 2023. Despite the combined ceasefires – between the Houthis and Saudi Arabia in May 2025 and between Palestine and Israel in October 2025 – traffic through the Bab el-Mandeb strait is yet to return to pre-October 2023 levels. Due to renewed tensions, it is likely to remain under capacity for longer.

The current situation is of a different order of magnitude. Roughly 20% of global oil supply goes through the Strait of Hormuz, as Bab el-Mandeb constitutes the second step on the route to Europe. Since the strikes on Iran last month, commercial traffic has been severely disrupted; insurers, shipowners, and energy traders treat it as functionally impaired. Iran has not mined or blockaded the strait outright but has instead used drones and low-cost weapons to strike a targeted number of vessels - a small fraction of the more than one hundred commercial ships that transit on a typical day. This deliberate asymmetry makes the disruption cheaper to sustain long-term and just as effective in undermining confidence in the route.

The consequences extend well beyond oil prices. On March 4th Qatar – which alone provides roughly 20% of global LNG supply – declared force majeure on its LNG exports following Iranian drone attacks on Ras Laffan oil infrastructure. This is a direct threat to Europe’s energy security as EU states pivoted heavily toward LNG after severing dependence on Russian pipeline gas post-2022, ultimately becoming the world’s largest LNG importer.

From adaptation to prepositioning

Since 2022, Europe has moved with renewed speed speed to reconfigure its energy system. REPowerEU and its successor initiatives have accelerated LNG import capacity from other providers – especially the US – expanded renewable generation and reduced Russian pipeline gas from 45% of supply to 13%. This shift replaces traditional energy sources more vulnerable to geopolitical shocks with renewable and electric sources, inherently more resilient to this type of threat – a wind turbine in the North Sea cannot be sanctioned or blockaded.

This transition introduces a paradox that is not yet fully reflected in European security planning. As Europe reduces its dependence on fossil fuels, it becomes progressively more reliant on physical infrastructure, such as the wind turbines, offshore cables, grid interconnectors, subsea pipelines, and the digital control systems that manage them. Therefore, this transition is effectively creating another target area that, while geographically closer and easier to defend in theory, lends itself well to hybrid warfare.

Prepositioning is a tactic of hybrid warfare which, unlike traditional warfare escalation techniques, leaves no immediate footprints, such as in the case of vessels strategically loitering off cable routes waiting for the signal to strike. From an insider risk perspective, this kind of activity may take the form of contractors or crew members aboard of said ships with access to maps and maintenance schedules who are covertly working for hostile entities. In this case, intellectual property (IP) constitutes not only a valuable target of state espionage in itself – as it may be used by hostile state actors to, for example, reduce the competitive gap between domestic and foreign firms – but also as an enabler of sabotage. Complete knowledge of designs and infrastructure not only offers malicious actors a blueprint for attack, but also a complete roadmap of the cascading effects of acts of sabotage. Therefore, having insiders with privileged access to valuable informational property in the renewable energy sector is crucial for state espionage and sabotage activities.

Undersea interconnectors, hybrid warfare, and the insider risk problem

What was once concentrated in a handful of pipeline routes and LNG import terminals is now distributed across thousands of kilometres of seabed, increasingly far from shore. These networks, in some cases, cross international maritime boundaries where jurisdiction is ambiguous and response times are slow. The European seabed hosts an extensive and growing web of subsea infrastructure that is now vital for trade and the functioning of integrated energy markets. Since Russia's full-scale invasion of Ukraine in 2022, this infrastructure has become a focal point for hybrid warfare.

The attack timeline is instructive. On September 26th, 2022, Nord Stream 1 and 2 were destroyed by underwater explosions, believed to be attributed to the Russian navy. In October 2023, the Balticconnector gas pipeline between Finland and Estonia was ruptured, allegedly by a ship sailing under Hong Kong. In November 2024, two Baltic data cables were severed amid accusations of Russian sabotage. On Christmas Day in 2024, the Estlink 2 power cables were simultaneously cut with several telecommunications lines by a ship believed to be part of the Russian Shadow fleet, the Eagle S. In January 2026, a fibre optic cable between Helsinki and Tallinn was damaged by a cargo ship sailing under St. Vincent and Grenadines flag that had previously travelled between St. Petersburg and Haifa.

The attack methodology is notable for its deliberate simplicity. The Baltic Sea is relatively shallow, meaning a vessel only needs to drag its anchor along the seabed to sever a cable and immediately claim accidental contact. That physical dimension provides structural plausible deniability, a feature of the environment that adversaries have learned to exploit systematically.

The Eagle S case illustrates how the insider risk dimension operates in practice. The Cook Islands-flagged tanker, linked to Russia's shadow fleet, was found carrying Russian- and Turkish-language laptops and suspected signals intelligence equipment when detained by Finnish authorities in January 2025. The vessel was registered in the UAE, operated by an Indian company, and crewed largely by Indian and Georgian nationals. A crew dragging an anchor and damaging a cable requires minimal technical expertise and minimal direct contact between the ordering party and the vessel. This is an exemplary case of malicious insider activity at maritime scale: trusted actors embedded within legitimate commercial frameworks, activated below the threshold of conventional conflict.

The broader effect is strategic rather than purely operational. Although only a handful of vessels are currently suspected of deliberate sabotage, the entire shadow fleet - estimated at over 400 tankers - becomes a vector of ambient threat. Russia's ability to order sabotage at low cost and low risk amplifies the fleet's deterrent value far beyond the incidents it has actually caused.

The structural vulnerability

Taken together, the Hormuz disruption and the Baltic sabotage campaign reinforce each other. Both exploit the same fundamental asymmetries within energy infrastructure, which is expensive to build, slow to repair, and concentrated at identifiable critical junctions. Adversaries can use embedded insiders to sabotage critical infrastructure, while retaining plausible deniability. The adversary does not need to destroy it comprehensively but only needs to generate persistent uncertainty about its reliability.

For Europe, this produces a layered threat structure. Upstream, Middle Eastern instability disrupts the supply of oil and LNG that European markets depend on. Midstream, chokepoints like Hormuz create sustained price pressure and supply fragmentation that persists long after the shooting stops. Downstream, hybrid attacks on cables, interconnectors, and offshore infrastructure convert market shocks into hybrid warfare, with severe domestic societal implications even in countries far away from active conflict zones. The resulting unrest may contribute to reducing public approval for military engagement in the conflict, effectively supporting the perpetrators of hybrid attacks. In this low-risk/high-reward scenario there is an incentive for hostile state actors to engage in sabotage, as they stand to gain massively from relatively low-risk actions due to plausible deniability of their attacks. In this context, defence against infiltration, hence insiders, is critical as it is the most efficient way of protecting oneself.

Resilience in this environment demands more than diversification of supply. From a conventional defence perspective, risk mitigation requires redundancy in physical infrastructure, dedicated repair capacity, enhanced maritime surveillance, and the integration of energy policy with security and defence planning. From an insider risk perspective, it requires a fundamentally different approach to personnel security across the energy supply chain and throughout the employee lifecycle. This entails expanding vetting standards for crew personnel working in sensitive areas, for contractors with access to the location of strategic targets, and for third-parties providers with obscure ownership structures.

What the convergence of these two crises makes clear is that energy security is now a domain of active, ongoing competition conducted below the threshold of conventional warfare and against infrastructure that was designed for efficiency rather than survival. New warfare techniques require new defence strategies. Europe must extend its security perimeter beyond physical assets and into the human and informational layers of the energy system, where adversaries have learned that the most effective point of entry is often the one that is already there.

Contact our experts to understand how your organisation can strengthen resilience and navigate the growing challenges of energy security in an increasingly competitive landscape.