Russian sabotage operations in Europe

Russian sabotage operations in Europe refer to a series of covert attacks on European infrastructure and targets since the late 2010s, intensifying after 2022. Western governments and intelligence agencies allege that Russian military or intelligence services have orchestrated acts of sabotage across Europe – including arson, assassinations, explosions, vandalism and electronic interference – as part of a hybrid war aimed at destabilizing countries that support Ukraine during the Russia–Ukraine war. European officials report that the number of suspected Russian sabotage incidents surged in 2023–2024, targeting critical infrastructure (such as pipelines, power and communication cables) as well as civilian and military-related sites. ^{[1] [2] [3] [4] [5] [6] [7]} Officials say the sabotage campaign is largely coordinated by Russian intelligence (notably the GRU) but carried out on the ground by covert operatives or recruited local proxies, allowing Moscow to deny direct involvement. ^{[4] [8] [9] [10]} Russia’s government has denied conducting sabotage in Europe and often blames other actors for the incidents. ^[11] However, by 2025 NATO described the level of sabotage threats as “record high” and warned that Russia’s campaign of subversion poses a serious security challenge across the continent. ^[2]

Background

Main article: Russian hybrid warfare

Russia has a history of covert operations and sabotage in Europe dating back to the Cold War, ^[12] and its military doctrine has long emphasized targeting enemy infrastructure. ^{[5] [13]} In the 2010s, Russian operatives were implicated in isolated sabotage incidents, such as the 2014 Vrbětice ammunition depot explosions in the Czech Republic, which killed two people and were later attributed to agents of Russia’s GRU (Unit 29155). ^{[9] [14]} According to Czech investigators, the GRU operatives (using the same cover identities later linked to the Skripal poisoning) orchestrated the depot blast, allegedly to disrupt arms supplies destined for Ukraine during the 2014 conflict in Donbas. ^[15] This incident foreshadowed Russia’s later sabotage tactics and led to a diplomatic rift (including mass expulsions of Russian diplomats from Prague and Moscow). ^[16] After Russia’s full-scale invasion of Ukraine in February 2022, European governments began reporting a sharp increase in suspicious fires, infrastructure damage and other attacks, identified as part of hybrid warfare, on their soil, often coinciding with rising East–West tensions. ^{[4] [6] [17] [18]} Many of these incidents were initially unexplained or treated as accidents, but came to be seen as possible acts of Russian sabotage as patterns emerged. By 2023, NATO and EU officials publicly warned that Russia was waging a coordinated campaign of subversion and sabotage below the threshold of overt warfare, targeting Europe’s critical infrastructure and civilian morale. ^{[2] [4] [5] [19]} The International Institute for Strategic Studies documented over 50 sabotage events in Europe from 2022 to mid-2025 that were likely linked to Russia, noting a nearly fourfold increase in 2024 compared to the previous year. ^{[4] [5]} European security services assessed that the Kremlin deliberately kept these operations deniable and below a certain level of destruction – causing significant disruption and economic damage, but generally avoiding mass casualties – to reduce the risk of provoking a direct military response from NATO. ^{[4] [5] [10] [20]}

Types of sabotage and incidents

Energy and infrastructure

One major target of the sabotage campaign has been energy infrastructure and communications cables. The most high-profile incident was the Nord Stream pipeline explosions in the Baltic Sea on 26 September 2022, which ruptured sections of the Nord Stream 1 and 2 gas pipelines from Russia to Germany. ^[21] Seismic monitors detected powerful underwater blasts, and investigators from Sweden concluded the pipelines were sabotaged using explosives. ^{[22] [23]} Although as of 2025 no perpetrator has been officially identified, several Western officials have said they suspect Russian involvement, positing that Moscow had motive to damage its own idle pipelines as a false-flag operation and to intimidate Europe’s energy supply (Russia, in turn, accused the U.S. or Ukraine of destroying Nord Stream, which those countries deny). This incident highlighted Europe’s vulnerability to undersea sabotage and prompted NATO to increase patrols around critical pipelines. ^[24]

In 2023–2024, multiple undersea cables and pipelines in the Baltic Sea were mysteriously severed or damaged, heightening suspicions of Russian sabotage. In October 2023, a subsea gas pipeline (the Balticconnector between Finland and Estonia) was ruptured concurrently with a data cable, in what Finland called a deliberate act, though investigations considered whether a vessel’s dragged anchor caused the damage. ^{[25] [26]} in November 2024, two separate fiber-optic internet cables in the Baltic were severed within two days – one linking Finland to Germany and another linking Sweden to Lithuania’s network – immediately prompting joint German-Finnish statements about possible “intentional damage” to critical infrastructure. Shortly afterward, in late December 2024, an undersea power cable between Finland and Estonia (Estlink 2) was cut, along with several nearby telecom cables, causing blackouts and internet outages. Finland seized a Russian-owned ship suspected of involvement, and regional leaders noted the pattern of frequent undersea infrastructure “accidents” since 2022 was unlikely to be coincidental. Although authorities generally stopped short of directly blaming Russia in those cases, the incidents fit a broader context: since 2022, European telecom operators in the Nordic-Baltic region have reported numerous outages from unexplained cable cuts, and Western officials regularly cite Russia as the prime suspect. ^{[27] [28] [29] [30]}

Railway and transportation networks

European rail and transport infrastructure has also been targeted. On 8 October 2022, unknown saboteurs severed two vital Deutsche Bahn fiber-optic cables in Germany, crippling the train signaling network in the north of the country and halting all long-distance and freight rail traffic for about three hours. German officials noted the sophistication of striking redundant communication cables simultaneously, and some raised suspicions of foreign state involvement, with fingers informally pointed at Russia given the geopolitical context. ^[17] A second act of cable sabotage occurred in Germany two months later (December 2022), when cables were cut near the city of Essen, briefly disrupting a regional rail line. ^[31]

Poland, a key transit country for NATO military aid to Ukraine, has also experienced railway sabotage. In August 2023, Polish authorities reported that attackers had used a simple radio signal hack to trigger emergency stop commands on railway frequencies, halting about 20 trains in north-west Poland. The hackers broadcast a rogue signal (interspersed with the Russian anthem), exploiting an unsecured rail communication system; Polish officials labeled it an act of “state-sponsored” sabotage aimed at disrupting transport. ^{[32] [33]} Though no culprits were caught immediately, the incident heightened concerns about Russian interference, as it followed the arrest of a Russian spy ring in Poland earlier in 2023 that had allegedly been plotting sabotage of rail lines and arms transports. Polish prosecutors later revealed that more than a dozen individuals, reportedly working at the behest of Russian intelligence, were charged with preparing acts of sabotage against Polish transport infrastructure and were found with hidden cameras monitoring railway lines used for Ukraine-bound shipments. ^{[34] [35]} NATO officials have acknowledged instances of train derailment attempts and other transit sabotage as part of the broader campaign to disrupt logistics. ^[2]

Arson attacks and urban sabotage

See also: Incendiary incidents in Europe 2024

In recent years, a wave of arson and bomb hoaxes has hit commercial or symbolic targets around Europe, often causing fear and chaos. Poland and Lithuania saw some of the most serious cases. On 11 May 2024, a massive fire gutted the Marywilska 44 shopping center in Warsaw – one of the city’s largest markets with over 1,000 shops – overnight, although without casualties. Polish investigators soon determined that the blaze was the result of arson orchestrated by Russia’s secret services: conspirators for hire had been paid to set the mall on fire, apparently as part of Moscow’s efforts to destabilize Poland. In 2025, after a year-long probe, Poland’s prime minister announced that evidence proved the fire was set on orders from a GRU officer in Russia; several suspects (recruited intermediaries) were arrested in Poland and Lithuania in connection with the plot. ^{[8] [36] [37]}

Lithuania had suffered a similar incident just days before the Warsaw fire: on 8 May 2024, an IKEA store in Vilnius was set ablaze after closing hours. There were no injuries, but Lithuanian prosecutors later labeled it an act of “terrorism” by Russia’s GRU. Two Ukrainian nationals were charged as the on-the-ground perpetrators in the Ikea case (one was arrested in Lithuania, the other in Poland), and investigators found they had been promised €10,000 by Russian handlers to ignite bombing or fire attacks at multiple shopping centers in Lithuania and Latvia. Authorities in Vilnius and Warsaw considered it likely that the same Russian-linked network was behind both the Ikea fire and the Warsaw mall arson, using cut-outs to hire individuals from third countries (including citizens of Ukraine or Belarus) as saboteurs. In response to these findings, Poland in May 2025 expelled Russian diplomats and ordered the closure of Russia’s consulate in Kraków. ^[38]

Several incendiary attacks have also been recorded in Western Europe. In the United Kingdom, an arson plot targeted a factory and warehouse complex owned by a Ukrainian businessman in east London. On 20 March 2024, the facility – which had been involved in supplying protective gear to Ukraine – was set on fire, causing extensive damage. British police arrested a group of suspects and revealed that the ringleader had been recruited online and directed by individuals linked to the Russian mercenary Wagner Group to carry out the arson. ^{[39] [40] [41]} France experienced a striking intimidation incident in 2024 rather than an outright attack: on 1 June 2024, early morning visitors to the Champ de Mars in Paris found five wooden coffins draped in French flags arranged at the foot of the Eiffel Tower. Each coffin was painted with the words “French soldiers in Ukraine”. French authorities treated it as a hostile propaganda stunt; three men (one of whom had ties to a pro-Russian extremist group) were arrested and charged with threatening national security. The incident came just weeks after unknown vandals defaced a Holocaust memorial in Paris with pro-Russian graffiti, leading French intelligence to examine possible links between these events as part of a Russian campaign of psychological pressure in France. ^{[42] [43] [44]} The Russian government officially denied any connection to the Eiffel Tower coffins, dismissing it as a “provocation”. ^{[43] [45]}

Other smaller-scale incidents attributed (by Western officials) to the sabotage campaign include vandalism or threats against politicians. For example, in early 2023, Estonia’s interior minister had his car windows smashed and a Molotov cocktail thrown at his property on the same night a prominent investigative journalist’s car was similarly vandalized – acts Estonia’s security service linked to Russian agents seeking to intimidate pro-Ukraine figures. ^[46] In Germany, officials have reported instances of suspected sabotage or spying around Bundeswehr bases involved in training Ukrainian soldiers – for instance, unexplained small drones spotted over training ranges. ^[17] On 26 June 2025, several Rheinmetall military trucks were set on fire at Erfurt and three of them destroyed in a suspected sabotage attack launched by Russian operatives. ^[47]

Electronic interference (GPS and communications)

Russian sabotage efforts have not been limited to physical destruction; they also encompass electronic warfare techniques, especially GPS jamming and spoofing across Northern and Eastern Europe. Since 2022, Nordic and Baltic states have lodged frequent reports of powerful interference with satellite navigation signals near their borders – disruptions that have affected civilian airliners, ships, and drones over broad areas. ^[48] For example, Finland’s civil aviation authority noted that incidends of GPS outage attributable to jamming from across the Russian borde have significantly increased in frequency since the war in Ukraine begun. ^{[49] [50]} In one high-profile case in April 2023, Finland’s national airline Finnair had to suspend flights to the city of Tartu, Estonia, after multiple passenger planes experienced loss of GPS during approach, presumably due to Russian electronic interference in the region. ^[48] Similarly, Norway and Sweden have reported that military exercises and civilian air traffic in their far northern areas have been periodically impaired by cross-border jamming signals originating from Russia’s Kola Peninsula (home to significant Russian military bases). ^{[48] [51] [52]}

In September 2025, an aircraft carrying European Commission President Ursula von der Leyen experienced GPS jamming while flying through Bulgarian airspace; NATO officials stated this was the latest of roughly 80 such jamming incidents recorded since 2022, all blamed on Russian electronic warfare units operating from Kaliningrad, Leningrad and Pskov regions, allof them hosting Russian military bases. ^{[48] [53]} Russia officially claims any GPS interference is a defensive measure to protect its territory (for instance, to confuse potential Ukrainian drones). However, Baltic officials counter that the radius and frequency of the jamming far exceed any reasonable defensive need, suggesting it is meant to disrupt and intimidate. The NATO Secretary-General in 2024 warned that pervasive GPS interference could have “potentially disastrous effects” if, for example, it caused an aviation accident or hindered emergency services, underscoring that this form of sabotage is also part of Russia’s campaign against Europe. ^[48]

In addition to GPS jamming, European governments have faced waves of hoax bomb threats and cyber-sabotage tied to Russia. Throughout 2022–2023, numerous schools, airports, and public buildings in countries like Poland, the Czech Republic and Italy received coordinated false bomb threat emails or phone calls traced to pro-Russian actors, aiming to sow panic and disruption. ^{[54] [55]} While these threats did not result in physical attacks, they caused evacuations and economic losses. Additionally, Russia’s cyber units (often in coordination with physical sabotage efforts) targeted critical systems. ^{[56] [57] [58] [59]} Poland has became one of the primary cyberattack targets Europe, with many of these attacks originating from Russia. ^{[60] [61]}

Attribution and Russian tactics

European security agencies attribute the sabotage campaign primarily to units of the Russian military intelligence agency (GRU), often specifically Unit 29155 – a clandestine sub-unit known for overseas covert operations. ^{[9] [14]} Investigations in multiple countries (Poland, Lithuania, Czechia, Germany, the UK, among others, with Europol support) have uncovered overlapping patterns: the perpetrators on the ground are usually not Russian nationals or official operatives, but rather hired proxies recruited from third countries (including immigrants, petty criminals, or individuals with hacking skills). These individuals are typically recruited via encrypted online platforms (like Telegram forums on “work offers”) and often do not know they are ultimately working for the Russian state. They are paid in cryptocurrencies or via untraceable methods, and given instructions to carry out tasks such as starting fires, planting dummy bombs, or cutting cables. According to European intelligence officials, the Russian officers directing this campaign remain on Russian territory (often coordinating via Belarus as well) and communicate through layers of cut-outs to maintain plausible deniability. ^{[4] [5] [10] [56] [62]}

The campaign’s hallmarks are decentralization and piecemeal tactics: rather than a single large operation, it consists of dozens of low-level attacks across different countries, making it harder to conclusively attribute each event. Nonetheless, as evidence accumulated (surveillance of financial flows, decrypted communications, captured agents’ testimonies), several governments publicly pointed to Russia. By 2023–24, Poland and Lithuania had openly accused the GRU of specific sabotage acts, the UK had proscribed the Wagner Group (linked to plots on its soil) as a terrorist organization, and NATO began sharing intelligence on what it called “Russia’s shadow warfare” in member states. ^{[4] [5] [8] [38] [63]} Intelligence assessments indicate that the objectives of Russia’s sabotage campaign are primarily psychological and political: to spread a sense of insecurity among European publics, to strain governments with emergency responses, and to signal that Russia can retaliate unconventionally against countries arming Ukraine. ^{[4] [5] [64]}

Crucually, most confirmed sabotage incidents avoided large-scale casualties or irreversible damage to strategic assets; analysts believe the Kremlin calibrated them to be disruptive but not overt acts of war. However, some plots suggested potential escalation: in mid-2024, Western intelligence reportedly foiled a Russian plan to send letter bombs or explosive parcels to targets in the United States (via Europe), which if executed could have caused civilian airliner disasters – a step that alarmed officials as crossing a red line. U.S. authorities unofficially warned Moscow against such high-casualty terror attacks, and the plot was aborted. ^[10] However, a similar plan has been identified in motion in summer of 2025. Investigations reported packages containing incendiaries routed via EU hubs and the UK; officials suspected a Russia-directed test of air-cargo routes, with arrests and extraditions in multiple states. ^{[65] [66]}

In another instance, a foiled assassination plot against the CEO of German arms manufacturer Rheinmetall (Armin Papperger) came to light in 2024; Russian intelligence operatives allegedly planned to kill him in response to Rheinmetall’s pivotal role in supplying Ukraine, but NATO officials disclosed they had thwarted it as part of a broader sabotage campaign. ^{[2] [67] [68] [69] [70]}

European responses

European states and NATO have taken a range of countermeasures in response to the sabotage campaign. Security services in affected countries have ramped up surveillance and arrests of suspected saboteurs. For instance, Poland conducted multiple waves of detentions in 2022–2023, ultimately charging over 30 individuals (from Russia, Belarus, and Ukraine) in connection with planned acts of espionage or sabotage on Polish territory. ^{[34] [71]} In Czechia, authorities banned or shut down local Russophil extremist groups and disinformation outlets that were suspected of abetting sabotage or violent plots (often at the encouragement of Russian handlers). ^[72]

Diplomatic expulsions have also been used as a tool: in March 2022, following early sabotage fears, multiple EU countries expelled dozens of Russian diplomats (often suspected intelligence officers). This continued into 2023–25; for example, after uncovering the Warsaw shopping mall arson, Poland expelled 45 Russian officials and closed Russia’s consulate in Kraków, while Bulgaria and the Baltic states likewise reduced Russian diplomatic presence citing security concerns. ^{[73] [74]} NATO, for its part, created a special Critical Undersea Infrastructure Cell in 2023 to improve monitoring and protection of pipelines and cables, and began coordinating allied navies to patrol at-risk maritime zones (such as the North Sea and Baltic Sea). ^[75] The European Union has similarly launched initiatives to bolster infrastructure resilience, including stress-testing energy networks and increasing intelligence-sharing about hybrid threats. ^[76] Throughout 2023 and 2024, several European countries raised their domestic threat levels in response to sabotage fears. Norway, for example, put its oil and gas sector on high alert and deployed soldiers to guard energy installations after mysterious drone sightings and the discovery of tracking devices near offshore platforms (suspected Russian espionage preparing for sabotage). ^[77]

Despite these efforts, officials caution that completely stopping the sabotage campaign is difficult as long as Russia chooses to pursue it. European governments have tried to deter Moscow by signalling that major destructive attacks (especially causing loss of life) would trigger strong responses. NATO Deputy Secretary-General Mircea Geoană stated in 2024 that allies have “communicated red lines” to the Kremlin regarding sabotage, implying that certain aggressive actions (like causing civilian deaths or crippling vital infrastructure) could provoke a direct confrontation – a message meant to keep Russia’s hybrid tactics within limits. ^[20] At the NATO summit in Vilnius (July 2023), member states agreed to treat certain malicious hybrid attacks (in particular, cyberattacks) on infrastructure with the same seriousness as an armed attack, potentially invoking Article 5 collective defense on a case-by-case basis. ^[78] As of 2025, investigations and court cases related to Russian sabotage are ongoing across Europe. Many incidents remain officially unsolved, but there is a growing public record – from court verdicts in Poland and the UK, to intelligence reports in the Baltics – attributing responsibility to Russia. ^{[5] [10] [79] [80]}

See also

• 2024 Baltic Sea submarine cable disruptions
• Diplomatic expulsions during the Russo-Ukrainian War
• Incendiary incidents in Europe 2024
• Russian disinformation
• Russian hybrid warfare
• Russian interference in the 2024 United States elections
• Russian shadow fleet
• Russia–European Union relations
• Severing of the Svalbard undersea cable
• Transnational repression by Russia
• Violations of non-combatant airspaces during the Russian invasion of Ukraine

References

1. Strzelecki, Marek (11 May 2025). "Poland says Russian secret service behind 2024 fire in Warsaw shopping centre". Reuters. Retrieved 6 September 2025.
2. Siebold, Sabine (28 January 2025). "Murder plot against Rheinmetall CEO was part of sabotage campaign, NATO says". Reuters. Retrieved 6 September 2025.
3. Ahlander, Johan; Lehto, Essi; Sytas, Andrius (18 November 2024). "Two undersea cables in Baltic Sea cut, Germany and Finland fear sabotage". Reuters. Retrieved 6 September 2025.
4. "Russian sabotage attacks surged across Europe in 2024". The Economist . 1 August 2025. Retrieved 6 September 2025.
5. Berngruber, Tom (3 August 2025). "The Scale of Russian Sabotage Operations Against Europe's Critical Infrastructure". International Institute for Strategic Studies (IISS). Retrieved 6 September 2025.
6. Eckel, Mike (2025-08-20). "Huge Reported Spike In Russian Sabotage Operations". Radio Free Europe/Radio Liberty. Retrieved 2025-09-06.
7. Schuurman, Bart (2025-09-11). "Russia Is Stepping Up Its Covert War Beyond Ukraine". Foreign Policy. Retrieved 2025-09-06.
8. Walker, Shaun (12 May 2025). "Poland to close Russian consulate in Kraków over Warsaw fire". The Guardian . Retrieved 6 September 2025.
9. Roth, Andrew; Dan Sabbagh (19 April 2021). "Russia expels 20 Czech diplomats in tit-for-tat response". The Guardian . Retrieved 6 September 2025.
10. Walker, Shaun (2025-05-04). "'These people are disposable': how Russia is using online recruits for a campaign of sabotage in Europe". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.
11. "Western officials say Russia is behind a campaign of sabotage across Europe. This AP map shows it". AP News. 2025-03-21. Retrieved 2025-09-06.
12. Buchet, Ninon de (2025-08-26). "Hybrid Threats and the Evolution of Russian Sabotage". E-International Relations. Retrieved 2025-09-06.
13. Cafarella, Jennifer (2020-09-25). "Russian Hybrid Warfare". Institute for the Study of War. Retrieved 2025-09-06.
14. "Top Secret Russian Unit Seeks to Destabilize Europe, Security Officials Say". New York Times. 2019-10-08. Retrieved 2025-09-06.
15. "Czechs Blame 2014 Blasts at Ammunition Depots on Elite Russian Spy Unit". New York Times. 2021-04-18. Retrieved 2025-09-06.
16. Tait, Robert (18 April 2021). "Czech Republic expels 18 Russian diplomats over 2014 ammunition depot blast". The Telegraph . Retrieved 6 September 2025.
17. Hoyer, Katja (25 October 2022). "Germans are under attack. Can they adapt?". The Washington Post . Retrieved 6 September 2025.
18. "Russia's hybrid war in Europe enters a dangerous new phase". IISS. Archived from the original on 2025-07-13. Retrieved 2025-09-07.
19. "Russian hybrid threats: EU lists nine individuals and six entities responsible for destabilising actions in the EU and Ukraine". Consilium. Retrieved 2025-09-06.
20. Reuters (2024-11-27). "Russia's sabotage of western targets 'could trigger Nato defence clause'". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.{{cite news}}: |last= has generic name (help)
21. Adomaitis, Nerijus; Johan Ahlander (21 August 2025). "What is known about the Nord Stream gas pipeline explosions?". Reuters. Retrieved 6 September 2025.
22. "Sweden finds explosive traces at Nord Stream blast sites, confirms sabotage". The Washington Post. 2022-11-18. ISSN   0190-8286 . Retrieved 2025-09-06.
23. Henley, Jon; correspondent, Jon Henley Europe (2022-11-18). "'Gross sabotage': traces of explosives found at sites of Nord Stream gas leaks". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.{{cite news}}: |last2= has generic name (help)
24. Cole, Deborah (2024-08-19). "Russia criticises German progress in Nord Stream sabotage inquiry". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.
25. "Finland: Pipeline leak likely caused by 'external activity'". dw.com. 10 October 2023. Retrieved 2025-09-06.
26. "Beijing admits Chinese ship destroyed key Baltic gas pipeline 'by accident'". South China Morning Post. 2024-08-12. Retrieved 2025-09-06.
27. Lehto, Essi; Anna Ringstrom; Lili Bayer (27 December 2024). "NATO to boost Baltic Sea presence after cables broken". Reuters. Retrieved 6 September 2025.
28. Bryant, Miranda; correspondent, Miranda Bryant Nordic (2025-08-11). "Finland charges tanker crew members with sabotage of undersea cables". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.{{cite news}}: |last2= has generic name (help)
29. Kauranen, Anne; Kauranen, Anne (2025-01-15). "Baltic Sea sabotage crew were poised to cut more cables when caught, Finland Says". Reuters. Retrieved 2025-09-06.
30. Ahlander, Johan; Lehto, Essi; Sytas, Andrius; Lehto, Essi; Sytas, Andrius (2024-11-18). "Two undersea cables in Baltic Sea cut, Germany and Finland fear sabotage". Reuters. Retrieved 2025-09-06.
31. "Repeat sabotage suspected after German railway cables cut". Reuters. 6 September 2025. Retrieved 6 September 2025.
32. Ap (2023-08-28). "Poland Investigates Disruptions To Train Traffic To Ukraine". Radio Free Europe/Radio Liberty. Retrieved 2025-09-06.
33. Main, Nikki (2023-08-28). "Poland's Railways Halted by a Simple Radio Hack". Gizmodo. Retrieved 2025-09-06.
34. "Russian spy network accused of sabotage arrested in Poland". BBC. 2023-03-15. Retrieved 2025-09-06.
35. "Russia recruited operatives online to target weapons crossing Poland". The Washington Post. 2023-08-18. ISSN   0190-8286 . Retrieved 2025-09-06.
36. "Poland blames Russian intelligence for arson attack on Warsaw shopping center last year". CNN. 2025-05-11. Retrieved 2025-09-06.
37. "Poland confirms Russia behind fire that destroyed Warsaw's biggest shopping centre". Notes From Poland. 2025-05-12. Retrieved 2025-09-06.
38. Agence France-Presse (AFP) in Vilnius (17 March 2025). "Russia behind arson attack on Ikea store in Lithuanian capital, says prosecutor". The Guardian . Retrieved 6 September 2025.
39. Sinmaz, Emine (25 October 2024). "Leicestershire man admits arson attack on Ukraine-linked business in London". The Guardian . Retrieved 6 September 2025.
40. "Three men found guilty of Wagner Group-linked arson attack in London". www.bbc.com. 2025-07-08. Retrieved 2025-09-06.
41. "Man admits arson over London warehouse fire linked to Russia". www.bbc.com. 2024-10-25. Retrieved 2025-09-06.
42. Willsher, Kim (2024-06-03). "Russian interference suspected after coffins draped with tricolour placed at Eiffel Tower". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.
43. "Cercueils devant la tour Eiffel : la Russie assure ne « pas interférer dans les affaires intérieures de la France »" (in French). 2024-06-04. Retrieved 2025-09-06.
44. Chrisafis, Angelique (2024-05-22). "France 'investigating whether Russia behind' graffiti on Holocaust memorial". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.
45. "Russia denies Eiffel Tower coffin stunt an anti-Ukraine undertaking". Al Jazeera . 4 June 2024. Retrieved 6 September 2025.
46. "Estonian Internal Security Service apprehended suspects for wrecking cars belonging to Minister of Internal Affairs and a journalist | Kaitsepolitseiamet". kapo.ee. Archived from the original on 2025-03-18. Retrieved 2025-09-06.
47. "KGB-style strike: Russia destroys NATO vehicles deep inside Germany — has Moscow adopted Ukraine's playbook?". The Economic Times. 2025-06-27. ISSN   0013-0389 . Retrieved 2025-09-10.
48. Burrows, Emma (2 September 2025). "What to know about Russia's GPS jamming operation in Europe". ABC News. Associated Press. Retrieved 6 September 2025.
49. Reuters (2022-03-09). "Finland reports GPS disturbances in aircraft flying over Russia's Kaliningrad". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.{{cite news}}: |last= has generic name (help)
50. "USU: GPS interference affecting almost all Finnish airports". News. 2025-01-14. Retrieved 2025-09-06.
51. "Sweden says Russia behind surge in GPS jamming over Baltic Sea". www.bbc.com. 2025-09-04. Retrieved 2025-09-06.
52. Porter, Tom. "Nordic countries are struggling to fly planes because Russian jamming is screwing with GPS: report". Business Insider. Retrieved 2025-09-06.
53. "EU chief von der Leyen's plane hit by suspected Russian GPS interference". www.bbc.com. 2025-09-01. Retrieved 2025-09-06.
54. "Bomb Threats: Disruption at European airports". Osprey Flight Solutions. Retrieved 2025-09-06.
55. "Czech Republic blames Russia for school bomb threats". euronews. 2024-11-19. Retrieved 2025-09-06.
56. O'Carroll, Lisa; O’Carroll, Lisa (2025-03-18). "Russia using criminal networks to drive increase in sabotage acts, says Europol". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.
57. Contributor, Inkstick (2025-06-09). "Eastern Europe's Cyber Reckoning: Russia's Digital Threat Is Forcing a Strategic Shift". Inkstick. Retrieved 2025-09-06.{{cite web}}: |last= has generic name (help)
58. "Russian cyber and information warfare and its impact on the EU and UK | Feature from King's College London". www.kcl.ac.uk. Retrieved 2025-09-06.
59. R\u00f6mer, Klaus (11 March 2022). "Russian cyberattack on satellite network blamed for German wind turbine outage". Handelsblatt. Retrieved 6 September 2025.
60. "Polska głównym celem. Wyprzedziliśmy Ukrainę i Izrael". TVN24 Biznes (in Polish). 2025-08-24. Retrieved 2025-09-06.
61. "Gawkowski o bezprecedensowej próbie ingerencji Rosji w wybory w Polsce". euronews (in Polish). 2025-05-08. Retrieved 2025-09-06.
62. "Russia's recruitment of immigrants to carry out spying and sabotage is a new threat to Poland". Notes From Poland. 2025-04-09. Retrieved 2025-09-06.
63. Reynolds, Jordan (2023-09-06). "Russia's Wagner group to be declared a terrorist organisation by UK". The Standard. Retrieved 2025-09-06.
64. "How to interpret the Russian sabotage campaign in Europe". Global Strategy. 2024-11-13. Retrieved 2025-09-06.
65. "Incendiary device plot targeting UK may have been dry run for US and Canada". The Guardian. 4 November 2024. Retrieved 6 September 2025.
66. "Explosive sex toys and cosmetics: the story behind the DHL parcels plot". The Guardian. 5 May 2025. Retrieved 6 September 2025.
67. Pleitgen, Katie Bo Lillis, Natasha Bertrand, Frederik (2024-07-11). "Exclusive: US and Germany foiled Russian plot to assassinate CEO of arms manufacturer sending weapons to Ukraine | CNN Politics". CNN. Retrieved 2025-09-06.
68. "NATO: There was officially a Russian plot to kill European weapons chief". POLITICO. 2025-01-28. Retrieved 2025-09-06.
69. "Ukraine war: German shock at reported Russian assassination plot". www.bbc.com. 2024-07-12. Retrieved 2025-09-06.
70. "Murder plot against Rheinmetall CEO was part of sabotage campaign, NATO says". Reuters. 2025-01-28. Retrieved 2025-09-06.
71. "Poland says more than 30 suspects face trial over pro-Russian sabotage". therecord.media. Retrieved 2025-09-06.
72. AFP (2024-03-27). "Czechs Bust Major Russian Propaganda Network". The Moscow Times. Retrieved 2025-09-06.
73. Sabbagh, Dan (2022-07-21). "Half of Russian spies in Europe expelled since Ukraine invasion, says MI6 chief". The Guardian. ISSN   0261-3077 . Retrieved 2025-09-06.
74. Corder, Mike (2022-03-29). "Europeans expel dozens of Russian 'masquerading as diplomats' amid espionage fears". The Times of Israel. ISSN   0040-7909 . Retrieved 2025-09-06.
75. NATO. "NATO stands up undersea infrastructure coordination cell". NATO. Retrieved 2025-09-06.
76. "EU seeks to boost infrastructure protection after Nord Stream blasts". Reuters. 2022-10-18. Retrieved 2025-09-06.
77. "Norway Deploys Soldiers At Oil, Gas Plants In Wake Of Nord Stream Leaks". Radio Free Europe/Radio Liberty. 2022-10-03. Retrieved 2025-09-06.
78. Bajarūnas, Eitvydas (2025-02-11). "Using NATO's Article 5 Against Hybrid Attacks". CEPA. Retrieved 2025-09-06.
79. Press, The Associated (2025-07-18). "AP intelligence reporting exposes growing Russian sabotage efforts around Europe". The Associated Press. Retrieved 2025-09-06.
80. "Russian Sabotage Campaign in Europe (2024–2025). Risks for aviation, supply chain and critical infrastructures". HOZINT | Horizon Intelligence. 2025-05-05. Retrieved 2025-09-06.