Russia has dramatically increased sabotage operations across Europe, with the number of attacks on critical infrastructure almost quadrupling since 2023, according to a new report by the International Institute for Strategic Studies (IISS).
The findings align with a growing number of media reports, indictments, and intelligence warnings, which suggest Moscow has made covert sabotage and surveillance operations a key priority to destabilize European governments.
The report highlights that European capitals have struggled to deliver a coordinated response:
“While Russia has so far failed to achieve its primary objectives, European governments have faced challenges in coordinating action, developing effective deterrence, and imposing sufficient costs on the Kremlin.”
Scope of Hybrid Attacks
The so-called hybrid operations attributed to Russia include:
- Arson attacks
- Damage to undersea communication cables
- GPS signal disruptions
- Cyberattacks on IT infrastructure
Most of the identified targets were located in Ukraine or tied to European efforts to supply Ukraine with military and civilian equipment. The surge coincided with Russia’s full-scale invasion of Ukraine in February 2022, peaking in 2023 and 2024.
Interestingly, the report noted a slowdown in sabotage incidents in early 2025, though the reasons remain unclear.
Shift in Russian Tactics
Since the expulsion of dozens of Russian intelligence officers (many operating under diplomatic cover) from European capitals, Moscow has increasingly relied on proxies and recruited intermediaries. Some were allegedly unwitting participants in sabotage plots.
Examples include:
- A March 2024 arson attack on a warehouse in East London storing generators and satellite equipment for Ukraine. UK prosecutors linked the fire to the Wagner Group.
- In July 2025, three men were convicted in the UK for orchestrating that attack.
- Another case saw three Ukrainians accused of attempting to set fire to property linked to British Prime Minister Keir Starmer.
The report stresses that Russia has effectively exploited legal loopholes through a “gig economy approach,” using online recruitment to avoid attribution and accountability.
European Vulnerabilities
The IISS warns that European governments have underinvested in maintaining and protecting critical infrastructure, leaving vulnerabilities exposed. Some NATO members view these unconventional operations as part of Russia’s long-term preparation for a possible military confrontation with NATO.
Moscow has not yet responded to the report.
