Empirical Data from Cambridge Debunks the Myth of Undersea Cables as a Threat to Bitcoin

A Cambridge University study based on empirical analysis of 11 years of Bitcoin network data and 68 confirmed submarine cable damage incidents has reached an unexpected conclusion: backbone cable outages have virtually no impact on Bitcoin. The real threat lies not at the ocean floor but in the concentration of nodes among a few cloud providers — Hetzner, AWS, and Google Cloud.

When in March 2024, maritime disturbances off the coast of Côte d’Ivoire disrupted seven submarine cables and caused a regional internet outage with an IODA score above 11,000 points, Bitcoin remained almost unaffected. Of approximately 180,000 network nodes, only five — about 0.03% — were impacted, with a change of just -2.5%. Prices did not fluctuate, consensus remained intact. This real-world example perfectly illustrates the main finding of the new research.

Empirical Analysis: Why Cable Breaks Almost Never Affect Bitcoin

Cambridge researchers Wenbin Wu and Alexander Neumüller created an unprecedented dataset covering 2014–2025: 8 million node observations, 658 submarine cables, and 385 documented damage events. From this, only 68 coincided with confirmed outages, and the results were clearly reassuring.

87% of confirmed cable incidents led to changes in node count of less than 5%. The average impact was -1.5%, with a median of just -0.4%. Attempts to find a correlation between node failures and Bitcoin price showed almost no relationship (r = -0.02). Cable issues, often headline news, leave no trace in the distributed Bitcoin network — this is the primary empirical result contradicting years of critics’ fears.

The study modeled Bitcoin as a multi-layered infrastructure: the physical layer of international connections via 354 submarine cables, the routing infrastructure layer (autonomous systems), the peer-to-peer network layer, and later, the Tor network layer. Random cable failures require the failure of 72–92% of all international cables to reach a critical threshold where more than 10% of nodes disconnect — effectively a near-total collapse of the global internet infrastructure.

The Real Danger: Cloud Service Concentration

However, a targeted, coordinated attack scenario looks entirely different. If an attacker focuses on high-centrality relays (nodes that mediate most traffic), the required percentage drops to 20%. But the most effective attack vector does not even require physical destruction.

Targeted disruption of top autonomous systems (ASNs) — key internet routing nodes controlling traffic — would be orders of magnitude more effective. Disabling just 5% of routing capacity could cause significant outages. The researchers classify this scenario as “hosting provider shutdown or coordinated regulatory intervention,” not physical cable cuts.

Analysis identified five leading providers: Hetzner, OVHcloud, Comcast, Amazon Web Services, and Google Cloud. A snapshot from Bitnodes in March 2026 confirms this concentration: out of 23,150 accessible nodes, Hetzner hosts 869, Comcast and OVH each 348, Amazon 336, Google 313. This does not mean these five can “kill” Bitcoin — even if the open network is fully disabled, most nodes will continue operating via Tor. But it shows where coordinated actions could cause serious disruptions in accessibility, which random cable outages cannot.

Recent cloud service outages confirm these risks. AWS’s March 2026 failure was due to a software deployment error; other incidents involved direct attacks on data centers. While Bitcoin remained stable, these events prove that failures involving trusted intermediaries are not theoretical but real.

How Tor Became a Resilience Tool

Bitcoin’s network architecture has undergone a radical transformation. Use of Tor grew from nearly zero in 2014 to 2,478 nodes (23%) in 2021, 7,617 (52%) in 2022, and 14,602 (63%) of 23,150 available nodes in March 2026.

This growth coincided with waves of global censorship: internet shutdowns in Iran (2019), military coup in Myanmar (2021), mining bans in China (2021). Without coordination among developers, nodes self-organized to adopt censorship-resistant infrastructure. Tor, originally designed for privacy, has become a structural layer of protection against coordinated pressure.

The study developed a four-layer model, where Tor relays (physical servers with known locations) form a separate layer. Using data on consensus weights from 9,793 relays, the researchers modeled how cable outages could simultaneously disable relays. Results were surprising: the four-layer model with Tor always yielded a higher critical failure threshold (an increase of 0.02–0.10).

Most relay consensus weights are concentrated in Germany, France, and the Netherlands — countries with better cable connectivity. Disabling cables in peripheral regions does not weaken relay capacity in well-connected countries. An attacker would need to remove more infrastructure simultaneously across multiple levels.

From the Chinese Factor to Global Resilience

Bitcoin’s resilience dropped to a minimum of 0.72 in 2021 — coinciding with peak hash rate concentration. Data shows that in 2019, 74% of hash power was in East Asia, and node concentration reduced open resilience by 22% from 2018 to 2021.

But then, a sharp rebound occurred. After China’s mining ban and infrastructure diversification, the resilience threshold rose to 0.88, and Tor adoption accelerated. While the authors avoid definitive causal claims, regulatory pressure contributed to geographic redistribution and stimulated the shift to censorship-resistant infrastructure — both factors increasing network resilience.

Interestingly, the apparent centralization of the open network on the surface reflects measurement artifacts. As Tor grew, the open node sample concentrated in fewer geographic locations, and the Herfindahl-Hirschman index increased from 166 to 4,163. But the actual share of Hetzner among all nodes (including Tor) fell from 10% to 3.6%. This concentration reflects sampling changes, not true network centralization.

Cloud Services — A Real Leverage Point

Concerns about submarine cable security will persist. Investigations of Baltic outages, European cybersecurity tools, and reports of Russian operations targeting cable infrastructure point to ongoing geopolitical threats. But for Bitcoin, empirical historical data is clear: most cable incidents are noise.

The real infrastructure risks involve whether coordinated policies, cloud service failures, or hosting restrictions can trigger cascading outages at the autonomous system level. The critical threshold for a targeted ASN attack is 5% routing capacity — enough to cause significant accessibility issues for open nodes without collapsing consensus itself.

The high reliance on Tor provides minimal protection in extreme scenarios. Additional protocol-level mechanisms — block relay networks, compact block relay, Blockstream satellite — add layers of resilience, making the estimates conservative.

Conclusion: Graceful Degradation Instead of Catastrophic Failure

Bitcoin is not as fragile as critics claim, but it is not entirely independent of infrastructure. The network demonstrates “graceful degradation” — a gradual decline in functionality under pressure, not a sudden catastrophic failure.

Empirical analysis also reveals a paradox: censorship drives the adoption of resilient infrastructure, which in turn enhances protection against coordination risks. The threat model based on submarine-launched attacks on cables overlooks closer vulnerabilities: a few cloud networks where coordinated actions could cause temporary disruptions without operational collapse.

Cambridge’s study shifts focus from the ocean to the clouds, from natural disasters to socio-technical risks. This re-evaluation of risks, supported by empirical data, may influence Bitcoin’s future security more than any submarine cable protection.