A Ukrainian strike using American-made missiles to hit targets deep inside Russia has prompted renewed fears of reprisal through “hybrid warfare” – a chaotic tool of conflict that muddies borders and broadens the scope of a frontline.
Over recent years, European nations have witnessed a spate of incidents – cyber-attacks, arson, incendiary devices, sabotage and even murder plots. The aim of such episodes, security officials believe, is to sow chaos, exacerbate social tensions among Ukraine’s allies and disrupt military supplies to Kyiv.
Mark Rutte, the Nato secretary general, has warned that Russia’s “intensifying campaign of hybrid attacks” highlights the way in which Moscow is quickly shifting the frontline from Ukraine “to the Baltic region, to western Europe and even to the high north”.
Such efforts to spread mayhem have taken many forms: even before the full-scale invasion of Ukraine, Moscow was linked to broad disinformation campaigns during the 2016 US election and the Brexit referendum, meant to sow discord and confusion among the electorate through social media.
But the strategy can also narrow to a tighter focus: Estonia fended off a hacking campaign by Russia in 2022, the same year Norwegian police arrested several Russian nationals equipped with drones and cameras who were located near oil and gas infrastructure.
“What is new about attacks seen in recent years is their speed, scale and intensity, facilitated by rapid technological change and global interconnectivity,” Nato said in June. “Counter-hybrid support teams” would provide assistance but it was primarily up to individual countries to protect themselves.
On Tuesday, Matthew Miller, US state department spokesperson, said Washington was “incredibly concerned” about the threat of hybrid warfare and that American diplomats were in close contact with European allies.
Recent incidents have included several conspiracies that could apparently have led to murder or even mass casualties. Over the summer, US and German intelligence reportedly foiled a Russian plot to assassinate European defense industry executives, including the CEO of the leading German arms manufacturer, Rheinmetall.
Last month, British counter-terror police revealed that they had been investigating a suspected Russian sabotage plot involving incendiary devices hidden on a plane to the UK that may also have been a dry run for a similar attack on the US and Canada.
But some of the plots appear to have been crude and amateurish: French intelligence officials believe that a group of Moldovans were recruited to carry out a low-budget antisemitic graffiti campaign using star of David stencils across Paris, in an attempt to amplify societal divisions against the backdrop of the Israel-Gaza war.
And the challenge in fending off hybrid attacks lies in both the vast array of possible targets – which could include military bases, transport and telecoms infrastructure – and the plausible deniability of the attacks.
In January, a group called the Cyber Army of Russia Reborn infiltrated a water tower in Texas, releasing tens of thousands of litres of water before state officials halted the attack.
“Disabling cyberattacks are striking water and waste-water systems throughout the United States,” Jake Sullivan, the national-security adviser, and Michael Regan, the EPA administrator, wrote in a letter to state governors earlier this year. “These attacks have the potential to disrupt the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities.”
In many cases, the most vulnerable infrastructure is also poorly protected. A recent cyber-attack on a Canadian facility that treats the wastewater of 1.2 million people avoided catastrophe because the hackers were only able to breach “a limited component of the digital systems”. But the incident exposed the deep weakness of water-treatment facilities across the country.
Ken McCallum, the head of MI5, warned in October that Russian GRU military intelligence was engaged in a campaign to “generate mayhem on British and European streets” using proxies that “further reduces the professionalism of their operations”.