Rising Drone Threats to Military and Critical Infrastructure in Europe
The UK Ministry of Defence reported a sharp increase in drone sightings near British military bases, citing 266 incidents last year versus 126 in 2024, and linked the trend to concerns about hostile reconnaissance of sensitive defence sites, including airbases used by the US Air Force. In response, the UK government is moving to expand authorities under the Armed Forces Bill so designated military personnel can directly intervene against threatening uncrewed systems—covering air, land, and submersible drones—without first requiring police involvement.
In Ukraine, SpaceX and Ukrainian authorities implemented an emergency measure to disable unauthorized Starlink terminals being used to control Russian long-range drones, following reports that Russia continued leveraging Starlink-enabled connectivity for strikes deeper inside Ukraine. Ukrainian officials characterized the action as a temporary fix that may also disrupt some legitimate users, while SpaceX and Ukraine pursue a more durable approach to prevent unauthorized use of the satellite service in contested environments—highlighting how commercial communications infrastructure is being exploited as part of drone-enabled warfare and broader hybrid threats across Europe.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
6 events from the most recent confirmed update back to the earliest known activity.
Ukraine introduces mandatory Starlink terminal whitelist
Ukraine announced a mandatory verification and registration system for Starlink terminals used by civilians, businesses, and the military. The Ministry of Defense said only verified terminals would remain active in Ukraine, with unregistered devices automatically disconnected, in coordination with SpaceX.
UK proposes expanded military powers to counter drones
Through the Armed Forces Bill, the UK government proposed allowing authorized service personnel to directly respond to threatening uncrewed systems without first involving police. Defence Secretary John Healey said the government would also invest more in counter-drone technology.
UK reports drone sightings near military bases doubled in 2025
The UK government disclosed that 266 drone incidents were recorded near defense sites in 2025, up from 126 in 2024. The increase heightened concerns about hostile reconnaissance around British military facilities, including airbases used by the US Air Force.
Ukraine publicly thanks SpaceX for rapid response
Ukrainian Digital Transformation Minister Mykhailo Fedorov publicly thanked SpaceX President Gwynne Shotwell and Elon Musk for quickly responding to the misuse of Starlink by Russian forces. Officials said the emergency measures were an interim step while a more comprehensive solution was prepared.
SpaceX and Ukraine deploy emergency Starlink restrictions
After the recent Starlink-equipped drone attack, SpaceX and the Ukrainian government implemented emergency measures to disable unauthorized Starlink terminals operating inside Ukraine. Ukrainian officials said the temporary controls also affected some legitimate users.
Ukraine detects Russian drone using Starlink
Ukrainian officials said they identified a Russian attack drone using Starlink connectivity in late January 2026, confirming that Russian forces had begun using the service for real-time drone control inside Ukraine.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
Ukraine tightens controls on Starlink terminals to counter Russian drones | The Record from Recorded Future News
therecord.media
Open sourceRussian drones use Starlink, but Ukraine has plan to block their Internet access - Ars Technica
arstechnica.com
Open sourceDrone sightings have doubled near UK military bases, warns British government | The Record from Recorded Future News
therecord.media
Open sourceStarlink uses emergency fix to block Russian drones using its devices to bomb Ukraine - company looking for permanent solutions to stop unauthorized use of its service | Tom's Hardware
tomshardware.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
UK and US militaries expand counter-drone authorities and domestic drone production
The UK Ministry of Defence is advancing legal changes in the *Armed Forces Bill* to give British defence personnel explicit authority to neutralize drones and other unmanned platforms deemed threatening near military bases and operations, a power currently more constrained and typically exercised by police and select agencies. The MoD cited a sharp rise in reported unmanned aerial intrusions near sensitive UK sites (266 in 2025 vs. 126 in 2024) and indicated the practical response will often rely on **electronic countermeasures** (e.g., RF jamming) rather than small-arms fire; recent examples and demonstrations referenced include RF jamming incidents and UK testing of **directed-energy** counter-drone systems (high-energy RF and laser-based capabilities). Separately, the U.S. Marine Corps’ 2nd Maintenance Battalion announced an **NDAA-compliant** modular drone, **HANX**, designed to avoid China-sourced parts and to be rapidly manufactured and repaired using **3D-printed components** in-house. The stated intent is to shorten procurement and sustainment timelines by reducing reliance on external contractors while enabling quick reconfiguration for missions ranging from reconnaissance to “one-way attack” roles, reflecting a broader push toward more secure, domestically supportable unmanned systems within U.S. defense organizations.
Mar 21, 2026
Mobile Networks and Cyber Operations Enabling Drone Warfare in the Russia–Ukraine Conflict
Ukrainian hacktivists linked to the **Fenix cyber analytics center**, supported by **InformNapalm**, reported compromising accounts belonging to dozens of Russian military personnel and gaining access to monitoring systems used by Russian attack-drone operators. The operation allegedly enabled covert, near real-time surveillance of drone-operator activity and the transfer of collected data to Ukrainian Defense Forces, and it was cited in reporting around Ukraine’s decision to sanction Belarusian leader Alyaksandr Lukashenka over Belarus’s role in enabling Russia’s use of **repeater infrastructure** on Belarusian territory to extend UAV control and expand strike reach into northern Ukraine, including against energy and rail targets. Separately, Dutch intelligence services (**AIVD/MIVD**) warned that Russia is intensifying a broader **hybrid warfare** campaign across Europe—combining cyberattacks, sabotage, disinformation, covert influence, and espionage—to undermine public trust and weaken support for Ukraine while staying below the threshold of open war. In parallel, telecom-focused research highlighted how **public mobile networks** are increasingly being used as command/telemetry links for combat drones, citing examples from the Russia–Ukraine war and describing how 4G/5G standards work (e.g., 3GPP enhancements in Releases 15–18) has made cellular-connected UAV operations more feasible—raising infrastructure-security concerns for mobile operators and national critical infrastructure.
Mar 21, 2026
US Military Expands Counter-Drone Defenses After Base Incursions and Middle East Threats
U.S. military leaders said small unmanned aircraft are increasingly threatening both domestic installations and overseas operations, prompting a broader push to improve counter-drone defenses. Gen. Gregory Guillot told lawmakers that **350 drone detections** were reported over the past year across **100 U.S. military installations**, with the primary concern being surveillance of sensitive capabilities by known and unknown actors. He said existing authorities under `Title 10, Section 130i` are too narrow because only about half of installations are covered and commanders often cannot act against drones flying just outside base perimeters. NORTHCOM and NORAD have since established a dedicated counter-drone operations branch, and the Pentagon designated NORTHCOM as the lead coordinator for counter-small UAS efforts in the continental United States and Alaska. At the same time, the Pentagon is continuing to send counter-UAS systems to the Middle East through **Joint Interagency Task Force 401** as regional tensions and an unstable ceasefire sustain demand for air defense. JIATF-401 said it committed more than **$600 million** in counter-drone defenses for Operation Epic Fury and domestic missions, including about **$350 million** in roughly 30 days for CENTCOM. Officials and outside experts said the threat now spans Iran-backed drone activity, lessons from the Russia-Ukraine war, unauthorized flights over bases such as **Barksdale Air Force Base**, southern border operations, and security planning for major events including the **2026 FIFA World Cup**. The Defense Department is also testing commercially available systems through Falcon Peak exercises to detect, track, identify, and defeat low-emission and no-emission drones.
May 8, 2026