Escalating Russian Hybrid Warfare and Policy Responses in Europe
New analysis warns Russia is likely to escalate its opportunistic hybrid activity in Europe into a more coordinated campaign consistent with New Generation Warfare (NGW) doctrine, integrating cyber operations, influence activity, and sabotage across a broader geographic footprint and at higher tempo. The assessment anticipates more synchronized, multi-domain actions designed to degrade NATO cohesion and readiness—such as pairing physical disruption (for example, airspace violations affecting critical infrastructure like airports) with cyberattacks (for example, DDoS against communications) to amplify operational and psychological impact.
Ukrainian officials are simultaneously pushing for tighter regulation of Telegram, citing its repeated use by Russian intelligence to recruit locals for sabotage and terrorist attacks; the calls followed a deadly incident in Lviv that Ukrainian leadership attributed to Russia and said involved recruitment via Telegram. Separately, polling across major NATO countries indicates strong public support for treating severe hybrid actions—such as cyberattacks that shut down hospitals or power grids and sabotage of undersea cables or energy pipelines—as acts of war, highlighting a growing gap between public sentiment and NATO governments’ typically restrained responses to hybrid aggression.
Sources
Related Stories
Geopolitically Driven Cyber Activity and Hybrid Operations Escalate Across Europe and Major Events
Multiple reports describe an uptick in **state-linked and politically motivated cyber activity** in Europe, framed as part of broader **hybrid warfare**. Dutch intelligence (AIVD/MIVD) warned that Russia is intensifying a mix of cyberattacks, sabotage, disinformation, covert influence, and espionage designed to stay below the threshold of open conflict while testing Western red lines and undermining support for Ukraine. Related policy commentary notes growing calls from European and NATO officials for stronger “strike back” or offensive cyber capacity, but argues that political will and proportional response options—especially against proxy-driven sabotage—remain the limiting factors rather than technical capability. Separately, threat reporting tied to the **2026 Winter Olympics** indicates increased **hacktivist mobilization and targeting chatter** against Olympic-adjacent entities (e.g., transportation, sponsors, and overlapping supply chains), alongside continued targeting of the defense industrial base by a mix of hacktivists, state actors, and cybercriminals. A case study on Venezuela’s Caracas outage during “Operation Absolute Resolve” cautions against attributing major disruptions to “cyber-only” effects when available evidence also indicates substantial **kinetic/physical damage** to substations, underscoring that modern operations may integrate cyber and physical actions and that misframing can distort infrastructure security priorities.
3 weeks agoEU Leadership Warns of Russian Hybrid Warfare Campaign Targeting Europe
European Commission President Ursula von der Leyen publicly warned that Russia is conducting a coordinated hybrid warfare campaign against Europe, combining cyberattacks, sabotage, and disinformation to destabilize the European Union and weaken its support for Ukraine. In a speech before the European Parliament in Strasbourg, von der Leyen cited a surge in security incidents attributed to Russian state-backed actors, including the violation of Estonian airspace by Russian MiG jets and the appearance of drones over critical infrastructure in Belgium, Poland, Romania, Denmark, and Germany. The United Kingdom, though not an EU member, also reported drone incidents near civilian and military sites, prompting the deployment of a counter-drone unit to Denmark during major European summits. Von der Leyen highlighted that these incidents are not isolated but part of a deliberate and escalating campaign designed to test the EU’s resolve and unity. She referenced specific examples such as undersea cable cuts, cyberattacks that paralyzed airports and logistics hubs, and malign influence campaigns targeting European elections. The European Commission president emphasized that these actions are calculated to remain in a "grey zone" of deniability, making attribution and response more complex. She called for urgent action, urging EU leaders to develop a strategic plan in close coordination with NATO to counter these threats. The blueprint for a pan-European security response was presented to EU leaders at a recent summit in Copenhagen. Von der Leyen stressed the need for greater vigilance, technological readiness, and unity among EU member states to deter further aggression and protect European sovereignty. The campaign is seen as a direct attempt to divide the EU and undermine its support for Ukraine amid ongoing conflict. The speech marked a significant escalation in the EU’s public stance on Russian hybrid threats, moving from isolated incident response to recognizing a systematic and strategic campaign. The European Commission’s warning comes amid increasing evidence of Russia’s use of both physical and cyber means to disrupt European stability. The call to action includes enhancing countermeasures against cyberattacks, protecting critical infrastructure, and strengthening information resilience against disinformation campaigns. The EU’s response is expected to involve both defensive and offensive cyber capabilities, as well as closer intelligence sharing with NATO allies. Von der Leyen’s remarks underscore the seriousness with which European leadership now views the hybrid threat landscape, and the necessity for a unified and robust response.
5 months ago
Mobile Networks and Cyber Operations Enabling Drone Warfare in the Russia–Ukraine Conflict
Ukrainian hacktivists linked to the **Fenix cyber analytics center**, supported by **InformNapalm**, reported compromising accounts belonging to dozens of Russian military personnel and gaining access to monitoring systems used by Russian attack-drone operators. The operation allegedly enabled covert, near real-time surveillance of drone-operator activity and the transfer of collected data to Ukrainian Defense Forces, and it was cited in reporting around Ukraine’s decision to sanction Belarusian leader Alyaksandr Lukashenka over Belarus’s role in enabling Russia’s use of **repeater infrastructure** on Belarusian territory to extend UAV control and expand strike reach into northern Ukraine, including against energy and rail targets. Separately, Dutch intelligence services (**AIVD/MIVD**) warned that Russia is intensifying a broader **hybrid warfare** campaign across Europe—combining cyberattacks, sabotage, disinformation, covert influence, and espionage—to undermine public trust and weaken support for Ukraine while staying below the threshold of open war. In parallel, telecom-focused research highlighted how **public mobile networks** are increasingly being used as command/telemetry links for combat drones, citing examples from the Russia–Ukraine war and describing how 4G/5G standards work (e.g., 3GPP enhancements in Releases 15–18) has made cellular-connected UAV operations more feasible—raising infrastructure-security concerns for mobile operators and national critical infrastructure.
3 weeks ago