At the end of an unmarked path on a tiny island at the edge of Stockholm’s extensive Baltic Sea archipelago lies an inconspicuous little wooden cabin, painted a deep shade of red. Water gently laps the snow-dusted rocks, and the smell of pine fills the air.

The site offers few clues to the geopolitical drama that has gripped Scandinavia in recent months, driven by accusations of infrastructure sabotage. But in fact the cabin houses a key cog in Europe’s digital connectivity, and a point of vulnerability in a potential hybrid war: a datacentre that amplifies the signal from a 1,615-mile fibre-optic cable running from northern Sweden to Berlin.

Last month, two nearby fibre-optic cables were severed, prompting a continuing investigation by Swedish authorities. Western intelligence officials from multiple countries have said they are confident a Chinese ship caused the cuts after leaving the Russian port of Ust-Luga, though views differ on whether the cuts were accidental or potentially deliberate.

Since Russia’s invasion of Ukraine in 2022, Sweden has experienced a rise in hybrid warfare – attacks on an adversary using methods other than traditional military action – blamed on pro-Russia groups. With governments in northern Europe on high alert over hybrid Russian activity, the Guardian was given exclusive access to the Stockholm datacentre site.

Daniel Aldstam, the chief security officer at GlobalConnect, which transports 50% of the internet capacity of the Nordics and runs the centre, described the approach to its location and ordinary outward appearance as “security through obscurity”.

“Essentially you have two different approaches,” he said. “Either you put a lot of fences around it which make it obvious that there is something critical, or you do it like we have done it here and try to keep things a little more discreet. But of course we have the normal stuff in terms of alarms, CCTV, access control and all of that.” Inside, cages full of equipment emit blinking lights and different-coloured cables line the ceiling.

After a recent suspected sabotage incident, the Polish prime minister, Donald Tusk, proposed a “navy policing” initiative involving joint military patrols by countries around the Baltic.

Travelling from Stockholm by helicopter over the archipelago, formed of 30,000 islands, rocks and skerries, it is clear to see how challenging the coastline is to protect. But its vastness also suggests how the “security through obscurity” approach could be effective – at least up to a point. Maps that show where all the undersea cables are laid are publicly available.

“We have hundreds of thousands of kilometres of fibre. How do you physically protect it? You can’t,” said Aldstam. “What is important here is the redundancy [using multiple cables offering alternative routes if one is cut off]. You need to have more fibres.”

With infrastructure seen as being particularly vulnerable to hybrid warfare, there are signs of tweaks to the “obscurity” approach, reflecting the fraught times.

GlobalConnect is in the process of setting up a bigger and more modern-looking datacentre nearby, which although still unmarked and painted a similar shade of red, is more obviously a building doing an important function. Inside it has its own diesel-powered backup generator to ensure it could continue running if electricity was cut off.

The vulnerability to sabotage of undersea cables and other critical infrastructure – particularly in the relatively shallow and busy Baltic – has come into sharp focus since Russia’s full-scale invasion of Ukraine.

In September 2022, the Nord Stream pipeline, which carried natural gas from Russia to Germany, was blown up. Initially, many assumed Russia was to blame. However, in August this year, German media reported that German authorities had issued an arrest warrant for a Ukrainian man on suspicion of being part of a team that planted explosive devices on the pipeline. Both sides in the war in Ukraine have denied responsibility and blame each other for the attack.

Nato, which has established a dedicated centre for undersea security, has warned that the security of nearly 1 billion people across Europe and North America is at risk of hybrid warfare by the alliance’s adversaries, due to vulnerabilities in windfarm, pipeline and power cable infrastructure. Earlier this month, the Nato secretary general, Mark Rutte, urged Europeans to “shift to a wartime mindset”.

For all the warnings, undersea cables, which can lie on or be buried in the seabed, look surprisingly slight.

“We call it a super mega cable, but it doesn’t sound super mega or look super mega,” said Patrik Gylesjö, who is responsible for overseeing the whole of GlobalConnect’s Sweden to Berlin cable project, which was completed earlier this year. “The name refers to its capacity rather than the size.”

Inside the cable, which is little more than 2cm in diameter, is a small section formed of 96 hair-thin fibre pairs – enough to support 1bn simultaneous Netflix streams, he said. The rest is made up of steel armouring and a waterproofing substance.

It would take only an anchor from a relatively small ship to break the cable, said Gylesjö. “If you would like to break this cable or cut it, you would not need a super-big tool. It’s quite fragile.”

Making it stronger, he added, would make it heaver, more expensive and “more complicated to deploy”.

Accidental breaks in undersea cables are incredibly rare. “It’s very rare that damage happens in general,” said Gylesjö. “Very rare. During our time as an operator of sea cables [more than 20 years] I think it has happened two to three times maximum.”