When seabed disturbances off Côte d’Ivoire severed seven submarine cables in March 2024, the regional internet impact earned an IODA severity score above 11,000.
For Bitcoin, the global effect was negligible. The affected region hosted roughly five nodes, about 0.03% of the network, and the impact fell within normal fluctuations at -2.5%.
No price movement followed. No consensus disruption materialized.
A new Cambridge study, covering 11 years of Bitcoin network data and 68 verified cable fault events, finds that submarine cable failures have historically caused minimal network disruption.
Coordinated pressure on a handful of hosting networks, by contrast, could disrupt visible nodes an order of magnitude more effectively than random infrastructure failures.
Targeted attacks on top hosting networks reach Bitcoin’s fragmentation threshold at just 5% capacity removal versus 72-92% for random cables.The twist: China’s mining crackdown and the adoption of global censorship-resistant infrastructure may have inadvertently pushed Bitcoin toward a more robust topology.
Tor, long understood as a privacy tool, now functions as a structural resilience layer. And most Bitcoin nodes run on it.
The empirical record contradicts the fear
Researchers Wenbin Wu and Alexander Neumueller from Cambridge assembled a dataset spanning 2014 through 2025: eight million Bitcoin node observations, 658 submarine cables, and 385 cable fault events cross-referenced with outage signatures.
Of those 385 reports, 68 matched verifiable disruptions, with 87% of verified cable events causing less than 5% node change. Mean impact was -1.5%, median -0.4%.
The correlation between node disruption and Bitcoin price was effectively zero (r = -0.02). Cable faults that dominate regional headlines routinely fail to register in Bitcoin’s distributed network.
Cable fault impact distribution shows 87% of events caused under 5% node change with near-zero Bitcoin price correlation.The study models Bitcoin as a multiplex network: physical connectivity through 354 submarine cable edges connecting 225 countries, routing infrastructure through autonomous systems, and the Bitcoin peer-to-peer overlay.
Under random cable removal, the critical failure threshold, at which more than 10% of nodes disconnect, lies between 0.72 and 0.92. Most inter-country cables must fail before Bitcoin experiences meaningful fragmentation.
Where the real vulnerability sits
Targeted attacks operate differently. Random cable removal requires removing 72% to 92% of cables to hit the 10% node disconnection threshold. High-betweenness cable targeting drops to 20%.
The most effective strategy, targeting top autonomous systems by node count, reaches the threshold at just 5% of routing capacity removed.
The authors frame this ASN-targeted scenario as “hosting provider shutdowns or coordinated regulatory action, not physical cable cuts.” The model identifies the top networks: Hetzner, OVHcloud, Comcast, Amazon Web Services, and Google Cloud.
A March 2026 Bitnodes snapshot confirms the pattern: among 23,150 reachable nodes, Hetzner hosts 869, Comcast and OVH each host 348, Amazon 336, and Google 313.
| Network/ASN | Reachable nodes (count) | Share of reachable nodes | Notes (interpretation-safe) |
|---|---|---|---|
| Tor (.onion) | 14,602 | 63.1% | Majority share / resilience floor: even extreme clearnet disruption still leaves a large portion of reachable nodes operating via Tor. |
| Hetzner | 869 | 3.8% | Large single hosting network in the clearnet slice; relevant for connectivity shock scenarios, not “Bitcoin stops.” |
| OVHcloud | 348 | 1.5% | Another major clearnet hosting concentration point; indicates where coordinated restrictions could bite first. |
| Comcast | 348 | 1.5% | ISP-heavy footprint (not a cloud host); matters for routing/last-mile concentration in reachable nodes. |
| Amazon Web Services | 336 | 1.5% | Cloud hosting exposure in reachable clearnet nodes; useful for the “cloud outage/crackdown” framing. |
| Google Cloud | 313 | 1.4% | Another cloud concentration point; again, a degradation risk rather than existential risk. |
| All other ASNs | 6,334 | 27.4% | Long tail of smaller networks/hosts provides diversity outside the top names. |
This is not a “five providers can kill Bitcoin” claim.
Even a complete clearnet removal would leave most nodes operational because Tor hosts the bulk of the network. However, it identifies where coordinated action could create connectivity shocks and propagation disruptions that random cable failures have not produced.
Recent cloud disruptions illustrate the risk category. Amazon attributed a March 2026 outage to software deployment failure. Separate reporting described AWS Middle East disruptions after attacks on data centers.
These did not affect Bitcoin meaningfully, but they demonstrate that correlated hosting failures are real rather than theoretical.
Tor as structural resilience
Bitcoin’s network composition changed dramatically.
Tor adoption grew from near zero in 2014 to 2,478 nodes by 2021 (23%), then to 7,617 by 2022 (52%). March 2026 shows 14,602 Tor nodes out of 23,150 reachable nodes, equivalent to 63%.
The surge coincides with censorship events: Iran’s 2019 shutdown, Myanmar’s 2021 coup, and China’s 2021 mining ban.
Node operators shifted toward censorship-resistant infrastructure without coordination, suggesting adaptive self-organization.
Tor introduces a challenge: most Bitcoin nodes now have unobservable locations.
The authors address this by building a four-layer model incorporating Tor relay infrastructure as a distinct network layer. Tor relays are physical servers with known locations.
Using consensus weight data from 9,793 relays, the authors model how cable failures that disconnect countries also take relays offline.
The finding reverses expectations. The four-layer model consistently produces higher critical failure thresholds than clearnet-only, with increases from 0.02 to 0.10.
Most of the Tor relay consensus weight is concentrated in Germany, France, and the Netherlands, countries with extensive cable connectivity. Cable failures that disconnect peripheral countries do not degrade relay capacity in these well-connected nations.
An adversary must remove substantially more infrastructure to disrupt both clearnet routing and Tor circuits simultaneously.
“]
The China effect
Bitcoin’s resilience hit its lowest point in 2021 at 0.72, coinciding with peak mining concentration.
Cambridge data showed that 74% of the hashrate was in East Asia in 2019. Node geographic concentration reduced clearnet resilience by 22% from peak to trough during 2018 to 2021.
The 2022 rebound was sharp. The threshold jumped to 0.88 after China’s mining ban as infrastructure dispersed. Tor adoption accelerated simultaneously.
While the authors avoid single-cause claims, regulatory pressure forced geographic redistribution and drove the adoption of censorship-resistant infrastructure, both of which increased robustness.
Part of the apparent concentration is an artifact of measurement. As Tor adoption grew, the clearnet sample became concentrated in fewer locations. The Herfindahl-Hirschman Index rose from 166 to 4,163, but Hetzner’s actual share decreased from 10% to 3.6%.
The consolidation reflects changing sample composition, not genuine centralization.
Clouds are the real risk
Submarine cable security concerns will escalate. Baltic investigations, the European Commission’s security toolbox, and reporting on Russian infrastructure all point toward persistent geopolitical anxiety.
For Bitcoin, historical data suggest most cable events are noise.
The actionable infrastructure question is whether policy coordination, cloud outages, or hosting restrictions can produce connectivity shocks at the autonomous system layer.
The ASN-targeted scenario operates at 5% of routing capacity, the threshold for noticeable disruption to reachable clearnet nodes, not consensus failure.
Tor’s majority share provides a floor under extreme scenarios. Protocol-level mechanisms the study excludes, such as block relay networks, compact block relay, and Blockstream Satellite, add resilience layers that the model does not capture, making estimates conservative.
Bitcoin is not fragile in the way critics imagine, but it is not detached from infrastructure either.
The network has shown graceful degradation under stress rather than catastrophic collapse. Censorship pressure pushed the adoption of infrastructure that strengthened resilience against coordination risks.
The threat model featuring cable-cutting submarines misses the chokepoint closer to home: a handful of networks where coordinated action could create temporary disruption without dramatic seabed operations or acts of war.
Source: https://cryptoslate.com/seven-internet-cables-were-cut-at-once-bitcoin-barely-noticed-but-researchers-found-a-real-chokepoint/
