The Day Europe’s Data Stops Flowing

Europe is more reliant than ever on digital services and the infrastructure that fuels them. A prolonged systemic failure would trigger a cascade of crises: cities losing power, emergency services overwhelmed, and financial disruption. Although operators skillfully manage short-term outages and networks are built to be redundant at the core, Europe’s data infrastructure remains fragile.

Infrastructure providers, investors, and policymakers can coordinate various efforts to safeguard society from the impact of a prolonged outage, especially in a time of rising geopolitical tension.

In this article, we have used EU and industry data to model how European infrastructure would degrade in a major outage—from inconvenience in the first few hours to a systematic breakdown as the outage extends for days. We also illustrate how disruption on this scale is worryingly possible. For example, some subsea cables connecting nations to the global economy lack monitoring where they come onshore.

This “resilience gap” between Europe’s reliance on digital infrastructure and the technology’s ability to operate under stress—whether caused by human action or technical accident—is hard to close. Europe’s digital ecosystem is complex, spanning regulated national telcos and distant tech giants in Silicon Valley, India, and China. Nevertheless, Europe can go further and faster than current initiatives. Our analysis helps define the priorities for urgent action. Digital infrastructure operators, investors, and governments all have a role to play in a concerted effort to avoid prolonged outages with disastrous impact.

A Digital Ecosystem at Risk

Europe’s vulnerability is, ironically, a byproduct of its success at digitization. Governments, regulators, private enterprise, educational institutions, and others have worked tirelessly to ensure the region keeps pace with the US and Asia. (See Exhibit 1.)

Infrastructure and Network-Level Vulnerabilities

The EU faces several critical challenges relating to physical infrastructure and planning and response practices.

Networks have concentrations of risk and vulnerability.
ENISA, the EU’s cybersecurity agency, and the EU Commission have repeatedly identified “single points of failure in backbone and last-mile interconnects.” In parts of Central and Eastern Europe, over 80% of international traffic travels through just one or two connectors. Damage to a single node, such as a cable cut near a border interconnection, could degrade international traffic or even disconnect a country from services entirely.

Physical infrastructure needs more robust security.
EU states have worked hard to secure core digital infrastructure, but protection lags for secondary facilities such as regional data centers and backup systems. Official reviews often highlight a lack of basic protection, such as fenced perimeters, CCTV, or tamper alarms.

Subsea cables are particularly exposed. At the start of 2026, six cables suffered damage in six days in the Baltic Sea. Although some incidents may have had natural causes, others have triggered investigations into whether they were deliberate. Fewer than 20% of EU cable landing stations have 24/7 surveillance, according to ENISA. Most cables are privately owned, and some lack real-time monitoring. Of course, cable breaks are an unfortunate fact of life for telecom operators, and single breaks are often resolved swiftly and without end users noticing. However, the fleet of ships that can repair subsea links is limited; simultaneous failures, perhaps through coordinated sabotage, would mean some cables could go unrepaired for an extended period.

Incident response lacks coordination.
Governance is scattered across agencies rather than centralized. Many states do not conduct multi-sector crisis simulations, and fewer than half have live dashboards that integrate telecom and energy data for real-time decision making.

Sector-Level Vulnerabilities

Infrastructure and network-level weaknesses then compound into sector-level weaknesses. The most affected areas would include:

Financial services. Even brief outages to systems such as SEPA, TARGET2, and SWIFT will delay settlements, create liquidity mismatches, and risk damaging market swings. While generally resilient, the sector has some critical vulnerabilities. For instance, some participants’ payment-processing software (including SWIFT connectivity components and SEPA processing hubs) might be deployed on public cloud offerings from non-EU cloud providers, creating indirect exposure. Furthermore, the ongoing shift toward cashless retail payments could leave citizens unable to buy basic necessities. In 2024, just 39% of EU consumer purchases by value were made with cash, with the figure just 17% in the Netherlands.

Defense and public safety. Civilian telecom networks support a growing share of military and emergency communication. Outages impair coordination during crises, reduce visibility into deployments, and complicate logistics planning. Public alert systems typically use mobile networks, which would lose the ability to broadcast evacuation orders or crisis guidance, creating a dangerous information vacuum.

Health care. Europe’s drive for health care efficiency has made it reliant on electronic records, diagnostic portals, and cloud-based communication. Crucially, around half of Europe’s clinical labs use cloud‑based systems to manage sample tracking, testing workflows, and result reporting. Without connectivity, labs cannot process even urgent diagnostics. Even routine care is only possible with access to digital patient information and prescription systems. In 2024, the failure of a single mobile network in Denmark forced some hospitals to cancel non-urgent operations, a warning of how digital-dependent the system has become.

Energy. The shift to renewables and distributed generation has made Europe’s grid more reliant on digital control. Connectivity outages leave operators in the dark, forcing protective blackouts even when the power supply is sufficient. Blackouts can trigger further outages: while central data centers have backup power, the mobile sites that serve remote areas often have battery backup that would keep rural communities connected for only two hours. But even urban areas can lose mobile coverage during a power failure—as demonstrated by the thousands who lost coverage in Berlin in January when activists caused a five-day power outage.

Manufacturing and other businesses. The Suez Canal blockage in 2021 lasted just six days but caused global supply chain disruption, including to European car makers. A digital disruption of this length would have a more profound impact, freezing logistics. This would affect vital products such as food and medicines.

Clearly, digital infrastructure plays a central role in sustaining Europe’s economy and the consistent delivery of critical public and private services.

Measuring the Impact of Data Outage

To get a more clear picture of the potential risks, we evaluated the impact of a prolonged outage at three time checkpoints, mostly based on EU and other official data. The modeling shows the potential impact of a mobile and fixed network outage that affects 30% of Europe’s population. The shortest outage could be triggered by a minor incident, such as a faulty network software update cascading. The most serious outage would most likely come from a coordinated attack, such as by sabotage or highly effective ransomware. Summaries of the causes and effects of each checkpoint follow.

In a short-term outage, Europe would still be moving, but only through workarounds. Many systems would sustain themselves through cached data, battery backups, and other basic measures.

• Up to €200 million in digital payments would be delayed, but ATMs and retail card machines would continue to function in offline mode.
• Emergency services would revert to the 1990s-era TETRA radio system; however, this lacks GPS integration. Reduced efficiency would cause delays for 30,000 to 50,000 calls.
• Hospitals would suffer some disruption. Some 150,000 lab tests would become inaccessible. However, the backlog could be cleared in 48 hours.
• Energy operators would lose efficiency without real-time monitoring, though blackouts would be unlikely unless peak demand coincides with extreme weather.

A one-day outage would put the region under strain. Cohesion, control, and clarity would start to erode. As short-term workarounds falter, multiple systems would start to fail in parallel. This longer outage would become a cascading failure of coordination, functionality, and public trust.

• Disruption to the Eurozone’s TARGET2 payments system would block €25–30 billion in wholesale payments, causing liquidity mismatches and wider financial stress. Consumer card payments would start failing widely.
• Emergency services’ manual dispatch would start to become overwhelmed. With up to 140,000 calls delayed, police and ambulance response times would rise quickly.
• Health care providers would struggle. About 400,000 patient consultations would be cancelled, in part because 500,000 test results would not be accessible.
• Energy providers would shut down 2–3 GW of renewable energy due to insufficient grid monitoring. Reliance on more expensive reserve power would increase the risk of blackouts.

In addition, there would be disruption to many ordinary activities, from virtual exams to customs clearance. Critically, millions would lose access to the basic news and information they would need for reassurance during the incident.

A one-week data outage would create a European crisis without precedent. Disruption for businesses, public services, and residents would be intense.

• Some €200 billion in retail, corporate, and cross-border transactions would be stalled, causing immense market volatility. All card payments would fail; cash distribution would be under extreme stress as Europeans would need notes to buy basic necessities.
• Emergency service response times would be in freefall. Backed-up calls would exceed 500,000, and delayed responses would mean a loss of lives.
• Hospitals would be forced to use paper charts for patient information. Cancelled consultations would exceed 4 million. Pharmacies would start to risk drug shortages due to issues with inventory control and stock ordering.
• Energy providers would shut down more renewables and therefore need to shed 5% to 10% of peak demand, potentially through rolling blackouts. Cloud data centers and core network infrastructure, operating on diesel backup, would begin going offline, further exacerbating the crisis.

Meanwhile, the basics of civil society would freeze. Two million students would lose access to learning. Taxes would go unpaid. Industry and supply chains would be frozen. Airports would cancel waves of flights due to an inability to conduct security checks, and rail networks would run at reduced speeds for safety. Potential and unpredictable secondary effects could worsen the crisis.

The economic disruption of an extended data outage would fundamentally alter international investors’ view of Europe, reclassifying the region as an unreliable partner in the global economy. However, economic models cannot fully capture the reality of this scenario. A week-long outage could trigger panic behaviors such as stockpiling and civil unrest. Misinformation would flourish in the communication vacuum. This would signal a failure by the state to respond, recover, and protect its citizens. Trust in institutions would erode by the day.

Developing a Charter for Data Resilience

Mindful of these risks, the EU, its member states, and institutions such as the European Central Bank have made meaningful progress in strengthening resilience through strategic funding, regional initiatives, and frameworks such as NIS2 and CER. However, implementation is mainly at the national level, creating coverage gaps and uneven overall preparedness. Progress requires shifting from this fragmented protection to coordinated resilience. We outline recommended actions for various involved groups.

Infrastructure/Network Providers

These companies are at the front line of building resilience. They should:

• Build geographically distributed, modular architectures that route around failure points to preserve service continuity. Invest, if necessary, in partnership with public partners such as local governments to build additional resilience in rural or border areas. All this must be developed with governments and the wider industry.
• Engage actively in stress-testing exercises, especially cross-border and even pan-EU simulations.
• Disclose more about resilience capabilities in tenders. This creates a competitive advantage for the more robust carriers.

Investors

Investors also play a vital role in boosting data resilience. Traditionally they have looked for investments with scale, performance, regulatory clarity, and ROI. However, they also need to recognize how asset values can be damaged by service failure. Investors must:

• Embed resiliency metrics, such as vendor diversity and speed of fallback, into due diligence.
• Participate in new forms of financing, such as blended public/private investment, that can fund additional resilience that fails to meet conventional investment criteria.

Policymakers

At the end of the day, policymakers carry the ultimate responsibility for protecting the EU’s data infrastructure. They create the legal and financial framework that shapes all network investment. Today, however, responsibility is often fragmented: one department handles telecoms regulation, another oversees cyber security, and a third manages civil emergencies. Countries would benefit from following the example of Belgium and the Netherlands by creating unified dashboards and bringing responsibilities together. Policymakers should also:

• Recognize that despite digital infrastructure being privately-held, government has a duty to monitor quality of service and redundancy levels.
• Provide funding and financing frameworks to incentivize the required build-out.
• Orchestrate cross-sectoral co-operation to ensure vital sectors are resilient against outages. This extends beyond health care to include other vital sectors such as food retail.
• Co-operate with neighboring countries to facilitate cross-border fallback options — including for sensitive data.

Sector Players

While boosting resilience at the network level is critical, it is also vital to improve it at the application level. Health care companies, financial institutions, transportation companies, and others must recognize that reliability is not solely the responsibility of their network provider. They need to identify and address any resilience gaps within their own organization. They should:

• Map their digital dependencies, especially single points of failure. Use this to plan and build increased resilience.
• Demand data resilience from all vendors.
• Participate in industry initiatives to raise sector-wide standards.
• Develop fallback operations such as offline workflows.
• Participate in the stress-testing exercises mentioned earlier. Industry participation will make the exercises more realistic and give sector players new insights into their vulnerabilities.

The list of actions to resolve the digital resilience gap is long, but our analysis of the vulnerabilities underlines their urgency. Europe’s 450 million-plus citizens rely on digital infrastructure every day. As such, resilience is no longer a matter of laying duplicate cables or adding backup power. It has become an all-hands-on-deck challenge, requiring public and private stakeholders to take immediate action to secure Europe’s digital future.