Listen on * Spotify * Apple Music * Amazon Music Kriege werden längst auch unsichtbar geführt: im Netz, über Desinformation, Sabotage und Angriffe auf kritische Infrastruktur. Cyberattacken auf Flughäfen, Stromnetze und Behörden zeigen, wie real die Bedrohung bereits ist. In diesem Berlin Playbook Spezial spricht Rixa Fürsen mit Thomas Daum, Vizeadmiral der Bundeswehr und Inspekteur für Cyber- und Informationsraum, über die neue Eskalationsstufe hybrider Angriffe. Daum erklärt, warum Cyberangriffe heute gezielt Unruhe stiften sollen, wie eng sie mit Desinformation verzahnt sind und weshalb Deutschland sich nicht erst auf das oft genannte Jahr 2029, sondern auf frühere Szenarien einstellen muss. Das Berlin Playbook als Podcast gibt es jeden Morgen ab 5 Uhr. Gordon Repinski und das POLITICO-Team liefern Politik zum Hören – kompakt, international, hintergründig. Für alle Hauptstadt-Profis: Der Berlin Playbook-Newsletter bietet jeden Morgen die wichtigsten Themen und Einordnungen. Jetzt kostenlos abonnieren. Mehr von Host und POLITICO Executive Editor Gordon Repinski: Instagram: @gordon.repinski | X: @GordonRepinski. POLITICO Deutschland – ein Angebot der Axel Springer Deutschland GmbH Axel-Springer-Straße 65, 10888 Berlin Tel: +49 (30) 2591 0 information@axelspringer.de Sitz: Amtsgericht Berlin-Charlottenburg, HRB 196159 B USt-IdNr: DE 214 852 390 Geschäftsführer: Carolin Hulshoff Pol, Mathias Sanchez Luna

U.S. President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro. If true, it would mark one of the most public uses of U.S. cyber power against another nation in recent memory. These operations are typically highly classified, and the U.S. is considered one of the most advanced nations in cyberspace operations globally. “It was dark, the lights of Caracas were largely turned off due to a certain expertise that we have, it was dark, and it was deadly,” Trump said during a press conference at Mar-a-Lago detailing the operation. Gen. Dan Caine, chair of the Joint Chiefs of Staff, said during the same press conference that U.S. Cyber Command, U.S. Space Command and combatant commands “began layering different effects” to “create a pathway” for U.S. forces flying into the country early Saturday. Caine did not elaborate on what those “effects” entailed. Spokespeople for the White House, Cyber Command and Space Command did not respond to requests for comment on the cyber operations in Venezuela. Internet tracking group NetBlocks reported a loss of internet connectivity in Caracas during power cuts early Saturday morning. Alp Toker, founder of NetBlocks, said in an email Saturday that if cyberattacks contributed to these outages, “it will have been targeted, not impacting the broader network space.” Saturday’s offensive marked the latest cyberattack targeting Venezuelan infrastructure in recent weeks. Venezuelan national oil and gas company PDVSA, or Petróleos de Venezuela, S.A., last month accused the U.S. government of carrying out a cyberattack that led to delays in operations across the country. The Trump administration has not publicly commented on whether the U.S. was involved in the December attack. PDVSA said its facilities were not damaged in the strikes on Saturday.

In the desolate Arctic desert of Kangerlussuaq, Greenland, Europeans are building defenses against a new, up-and-coming security threat: space hacks. A Lithuanian company called Astrolight is constructing a ground station, with support from the European Space Agency, that will use laser beams to download voluminous data from satellites in a fast and secure manner, it announced last month.  It’s just one example of how Europe is moving to harden the security of its satellites, as rising geopolitical tensions and an expanding spectrum of hybrid threats are pushing space communications to the heart of the bloc’s security plans. For years, satellite infrastructure was treated by policymakers as a technical utility rather than a strategic asset. That changed in 2022, when a cyberattack on the Viasat satellite network coincided with Russia’s invasion of Ukraine.   Satellites have since become popular targets for interference, espionage and disruption. The European Commission in June warned that space was becoming “more contested,” flagging increasing cyberattacks and attempts at electronic interference targeting satellites and ground stations. Germany and the United Kingdom warned earlier this year of the growing threat posed by Russian and Chinese space satellites, which are regularly spotted spying on their satellites.  EU governments are now racing to boost their resilience and reduce reliance on foreign technology, both through regulations like the new Space Act and investments in critical infrastructure. The threat is crystal clear in Greenland, Laurynas Mačiulis, the chief executive officer of Astrolight, said. “The problem today is that around 80 percent of all the [space data] traffic is downlinked to a single location in Svalbard, which is an island shared between different countries, including Russia,” he said in an interview. Europe’s main Arctic ground station sits in Svalbard and supports both the navigation systems of Galileo and Copernicus. While the location is strategic, it is also extremely sensitive due to nearby Russian and Chinese activities. Crucially, the station relies on a single undersea cable to connect to the internet, which has been damaged several times. “In case of intentional or unintentional damage of this cable, you lose access to most of the geo-intelligence satellites, which is, of course, very critical. So our aim is to deploy a complementary satellite ground station up in Greenland,” Mačiulis said. THE MUSK OF IT ALL A centerpiece of Europe’s ambitions to have secure, European satellite communication is IRIS², a multibillion-euro secure connectivity constellation pitched in 2022 and designed to rival Elon Musk’s Starlink system. “Today, communications — for instance in Ukraine — are far too dependent on Starlink,” said Anders Fogh Rasmussen, the founding chairman of political consultancy Rasmussen Global, speaking at an event in Brussels in November. “That dependence rests on the shifting ideas of an American billionaire. That’s too risky. We have to build a secure communications system that is independent of the United States.” The European system, which will consist of 18 satellites operating in low and medium Earth orbit, aims to provide Europe with fast and encrypted communication. “Even if someone intercepts the signal [of IRIS² ], they will not be able to decrypt it,” Piero Angeletti, head of the Secure Connectivity Space Segment Office at the European Space Agency, told POLITICO. “This will allow us to have a secure system that is also certified and accredited by the national security entities.” The challenge is that IRIS² is still at least four years away from becoming operational. WHO’S IN CHARGE? While Europe beefs up its secure satellite systems, governments are still streamlining how they can coordinate cyber defenses and space security. In many cases, that falls to both space or cyber commands, which, unlike traditional military units, are relatively new and often still being built out. Clémence Poirier, a cyberdefense researcher at the Center for Security Studies at ETH Zurich, said that EU countries must now focus on maturing them. “European states need to keep developing those commands,” she told POLITICO. “Making sure that they coordinate their action, that there are clear mandates and responsibilities when it comes to cyber security, cyber defensive operations, cyber offensive operations, and also when it comes to monitoring the threat.” Industry, too, is struggling to fill the gaps. Most cybersecurity firms do not treat space as a sector in its own right, leaving satellite operators in a blind spot. Instead, space systems are folded into other categories: Earth-observation satellites often fall under environmental services, satellite TV under media, and broadband constellations like Starlink under internet services. That fragmentation makes it harder for space companies to assess risk, update threat models or understand who they need to defend against. It also complicates incident response: while advanced tools exist for defending against cyberattacks on terrestrial networks, those tools often do not translate well to space systems. “Cybersecurity in space is a bit different,” Poirier added. “You cannot just implement whatever solution you have for your computers on Earth and just deploy that to your satellite.”

BRUSSELS — The European Union should stay the course to create a joint intelligence agency by building trust among national spy services, a senior adviser to the bloc on its security and crisis response plans has warned. “If we can build enough trust, we can also build the agency,” former Finnish President Sauli Niinistö told POLITICO in an interview. European Commission President Ursula von der Leyen tapped Niinistö last year to draft a report on how the EU could strengthen its civilian and defense preparedness in an increasingly unpredictable world — similar to the advisory reports penned by former Italian premiers Mario Draghi on Europe’s competitiveness problem and Enrico Letta on the future of the EU’s single market. Niinistö’s report, published one year ago this Thursday, recommended creating a “fully fledged intelligence cooperation service” at the EU level to bridge gaps between national agencies and improve early warning capabilities. Europe is seeking to bolster its joint intelligence capabilities as it faces a crisis in relations with the United States and a growing threat from Russia. In the past year, many national capitals have embedded intelligence officials in their Brussels representation offices and the European Union’s in-house intelligence unit has started briefing top-level officials. But security services have deep, decades-old trust issues. New revelations that Hungarian intelligence officials disguised as diplomats tried to infiltrate the EU institutions show how governments within the EU still keep close watch over each other. “The idea of a European intelligence agency, it is more for the future and we have to develop toward that,” Niinistö acknowledged. Since publishing his report, the European Commission came out with the Preparedness Union Strategy in May to better anticipate, prevent, and respond to hybrid threats including cyberattacks, sabotage, disinformation campaigns and the impact of climate change. It also announced the ReArm Europe plan, a €800 billion initiative to boost European defense spending and military readiness. COMING TO GRIPS WITH WAR The 77-year-old statesman said Europeans should get used to the idea of war in order to allow governments to scale up their defenses. “My ideal situation is that people in Europe — all over Europe — understand that security is the foundation of everything,” Niinistö said, adding he “would like to see a change of mindset.” For Niinistö, the challenge is not only political but psychological. Democracies, he noted, move at the pace of public opinion — and without broad recognition of the need for stronger defenses, governments will struggle to act decisively. “To a certain extent, I think it’s developing positively — that people, even in countries not located on the frontline with Russia, start to understand why it is important,” he said. Niinistö stepped down as president in 2024. | Ina Fassbender/AFP via Getty Images Niinistö stepped down as president in 2024. He steered Finland through its NATO accession, which was completed in April 2023. The former president pointed to shifting global dynamics. He cited the recent Shanghai Cooperation Organisation summit in Tianjin as evidence that China is seeking to project political as well as military power on the world stage, as it pushed for a“fairer multipolar world” and tighter security cooperation with members. “That was a clear message,” he said. The former Finnish leader warned that Europe can no longer afford to rely indefinitely on the United States for its protection. Washington, he noted, is increasingly preoccupied with other regions, which would leave Europe more exposed in the years ahead. “Europe needs to be able to take care of itself by developing its own capabilities,” Niinistö said. “This is a major question for us Europeans in the future — how much can we take care of ourselves for our security, information, and technology?” “You have to be able to cooperate with your friends,” he added, “but you also have to be able to work alone — in case your friends are more active elsewhere.”

Elisabeth Braw is a senior fellow at the Atlantic Council, the author of the award-winning “Goodbye Globalization” and a regular columnist for POLITICO. Seven years ago, Sweden made global headlines with “In Case of Crisis or War” — a crisis preparedness leaflet sent to all households in the country. Unsurprisingly, preparedness leaflets have become a trend across Europe since then. But now, Sweden is ahead of the game once more, this time with a preparedness leaflet specifically for businesses. Informing companies about threats that could harm them, and how they can prepare, makes perfect sense. And in today’s geopolitical reality, it’s becoming indispensable. I remember when “In Case of Crisis or War” was first published in 2018: The Swedish Civil Contingencies Agency, or MSB, sent the leaflet out by post to every single home. The use of snail mail wasn’t accidental — in a crisis, there could be devastating cyberattacks that would prevent people from accessing information online. The leaflet — an updated version of the Cold War-era “In Case of War” — contained information about all manner of possible harm, along with information about how to best prepare and protect oneself. Then, there was the key statement: “If Sweden is attacked, we will never surrender. Any suggestion to the contrary is false.” Over the top, suggested some outside observers derisively. Why cause panic among people? But, oh, what folly! Preparedness leaflets have been used elsewhere too. I came to appreciate preparedness education during my years as a resident of San Francisco — a city prone to earthquakes. On buses, at bus stops and online, residents like me were constantly reminded that an earthquake could strike at any moment and we were told how to prepare, what to do while the earthquake was happening, how to find loved ones afterward and how to fend for ourselves for up to three days after a tremor. The city’s then-Mayor Gavin Newsom had made disaster preparedness a key part of his program and to this day, I know exactly what items to always have at home in case of a crisis: Water, blankets, flashlights, canned food and a hand-cranked radio. And those items are the same, whether the crisis is an earthquake, a cyberattack or a military assault. Other earthquake-prone cities and regions disseminate similar preparedness advice — as do a fast-growing number of countries, now facing threats from hostile states. Poland, as it happens, published its new leaflet just a few days before Russia’s drones entered its airspace. But these preparedness instructions have generally focused on citizens and households; businesses have to come up with their own preparedness plans against whatever Russia or other hostile states and their proxies think up — and against extreme weather events too. That’s a lot of hostile activity. In the past couple years alone, undersea cables have been damaged under mysterious circumstances; a Polish shopping mall and a Lithuanian Ikea store have been subject to arson attacks; drones have been circling above weapons-manufacturing facilities; and a defense-manufacturing CEO has been the target of an assassination plot; just to name a few incidents. San Francisco’s then-Mayor Gavin Newsom had made disaster preparedness a key part of his program. | Tayfun Coskun/Anadolu via Getty Images It’s no wonder geopolitical threats are causing alarm to the private sector. Global insurance broker Willis Towers Watson’s 2025 Political Risk Survey, which focuses on multinationals, found that the political risk losses in 2023 — the most recent year for which data is available — were at their highest level since the survey began. Companies are particularly concerned about economic retaliation, state-linked cyberattacks and state-linked attacks on infrastructure in the area of gray-zone aggression. Yes, businesses around Europe receive warnings and updates from their governments, and large businesses have crisis managers and run crisis management exercises for their staff. But there was no national preparedness guide for businesses — until now. MSB’s preparedness leaflet directed at Sweden’s companies is breaking new ground. It will feature the same kind of easy-to-implement advice as “In Case of Crisis or War,” and it will be just as useful for family-run shops as it is for multinationals, helping companies to keep operating matters far beyond the businesses themselves. By targeting the private sector, hostile states can quickly bring countries to a grinding and discombobulating halt. That must not happen — and preventing should involve both governments and the companies themselves. Naturally, a leaflet is only the beginning. As I’ve written before, governments would do well to conduct tabletop preparedness exercises with businesses — Sweden and the Czech Republic are ahead on this — and simulation exercises would be even better. But a leaflet is a fabulous cost-effective start. It’s also powerful deterrence-signaling to prospective attackers. And in issuing its leaflet, Sweden is signaling that targeting the country’s businesses won’t be as effective as would-be attackers would wish. (The leaflet, by the way, will be blue. The leaflet for private citizens was yellow. Get it? The colors, too, are a powerful message.)

The European Commission president’s big set-piece speech of the year is upon us. The State of the Union address is where Ursula von der Leyen sets out her vision for the year ahead, and it promises to be a very challenging 12 months, for her and for Europe. So we tapped into the POLITICO newsroom’s deep knowledge of the political and policy realms and have attempted to preempt her speech by writing our own version. This is what we think she’ll say. Remember, this is not the actual State of the Union but our version of it. As it says on all speeches sent to journalists ahead of time, “please check against delivery.” Madam President, Honorable members, My fellow Europeans, This comes at a pivotal moment for Europe. We live in a world that presents many challenges for our Union; challenges that we as Europeans will have to face together. It is also a time for Europeans to decide which kind of future they wish to embrace; one of unity, one of strength, one of making our continent a better, more secure place; or one of conflict and dissent, in which we let external forces dictate the direction of our lives. There are people out there who want to destroy Europe; who side not with those of us who want a peaceful, prosperous Europe, but with our enemies. I know which path I will choose. And I believe, as I am sure you do too, that the people of Europe will take the right road. That is why, as we reflect on the State of our Union, we must acknowledge the advances we have made but also build the foundations of a more stable Europe, one that is less reliant on others in critical areas. UKRAINE AND DEFENSE Mesdames et Messieurs, les députés, Russia’s brutal war against Ukraine has presented us with challenges not seen since World War Two. As a result, we must take greater responsibility for our own security. That means investing in robust defense, safeguarding our people, and ensuring we have the resources to act when needed.  The EU’s likely message to Ukraine? We are at your side. | Olivier Hoslet/EPA Investing in European defense means investing in peace and long-term stability for current and future generations. It also means boosting technological innovation, supporting European competitiveness, promoting regional development, and powering economic growth.   Our ReArm Europe plan gives member states greater flexibility to spend more on defense while ensuring that the European defense industry can produce at speed and volume. It will also allow the rapid deployment of troops and assets across the EU. Red tape needs to be slashed to reach these aims. In a first step to simplify regulations, the Commission has already proposed a Defence Readiness Omnibus that will help untangle investment rules. However, simply spending more is not enough. Member states need to spend better, work together, and prioritize European companies. The EU will support this by helping coordinate investments and making sure that defense equipment is ‘Made in Europe’.  Yet the challenges caused by Russia are great and varied, including the threats caused by hybrid warfare attacking European infrastructure, and the increasing spread of disinformation online. We already have plans for an early-warning system and rapid response teams to help hospitals fight off cyberattacks. We can only overcome these problems by working together and, rest assured, Europe will also maintain diplomatic and, in particular, economic pressure on Russia. This week we will publish the 19th package of sanctions, as we tighten the net on those who do business with Russia. Working with our partners in the U.S., we are continuing to limit Russia’s potential and showing Vladimir Putin that we are serious about bringing an end to this war. Because a predator such as Putin can only be kept in check through strong deterrence. Our boost to defense is not just for our own security but for that of our allies and neighbors, and those who share our European values and wish to join the bloc. That is why our message to Ukraine is clear: Your future is in the European Union and we have been, and will continue to be, at your side every step of the way. REVIVING THE EUROPEAN ECONOMY Meine Damen und Herren Abgeordnete, As we look to advance our goals to boost European competitiveness, we have strong foundations such as our potential to unleash vast resources and latent technological and industrial power. I asked Mario Draghi to deliver a report on how to revive the European economy. One year ago, he delivered that report and we have been delivering on his recommendations. The year since the publication of Mario Draghi’s report has been all about cutting red tape and … boosting European competitiveness. | Olivier Hoslet/EPA As part of the Commission’s plans for the next multiannual financial framework — an ambitious and dynamic budget that will help us meet the challenges of the future — we created a €409 billion cash pot to fund Europe’s industrial revival, allowing European firms to rapidly scale up and cut red tape when accessing EU funds. And after a very clear signal from the European business sector that there is too much complexity in EU regulation, we launched the Omnibus Package to simplify legislation for sustainable finance, due diligence and taxonomy rules, and save companies €37 billion a year by 2029.   Mr. Draghi also recommended a single market for investment in the EU, and we have pushed forward plans for a Savings and Investments Union that would integrate supervision of capital markets and break down national barriers for the likes of stock exchanges and clearinghouses. The other major challenge we face is trade. The Commission has taken steps to deepen partnerships with trusted allies, partners and friends, which is an essential step in today’s uncertain geopolitical climate. We have in recent weeks secured trade deals with the United States as well as with Mexico and the Mercosur bloc of Latin American countries. I urge everyone in this House who believes in making our Union stronger to support these trade deals as they, and others, will help businesses across the continent, opening up our markets and diversifying our exports. The Mercosur deal alone opens up a market of over 280 million people for European exports, while the U.S. trade deal saves trade flows, saves jobs in Europe and opens up a new chapter in EU-U.S. relations. MIGRATION Señoras y señores diputados, Europe remains a place of safe refuge for those fleeing conflict and climate change. But I am of the firm belief that migration needs to be managed. That is why, after the launch of the Migration and Asylum Pact, we created a plan to streamline deportations, toughen penalties for rejected migrants who do not leave the bloc, and create hubs in countries outside the EU to house people awaiting deportation. Migration is often exploited by populists for political gain. But we want to create a system that supports those with a genuine asylum claim while making clear the rules on forced returns, and incentivizing voluntary returns. We also want to continue attracting talent from across the globe in areas where Europe is a world leader, such as in the life sciences and biotech spheres. Migration is a key issue for European citizens, but there are others. The latest Eurobarometer survey shows that the No. 1 issue Europeans want the EU institutions to resolve is the cost of living crisis. Across the continent, families are struggling to pay for homes, and this Commission is determined to do everything in its power to ease the pressure they are facing.  Migration is a key issue for European citizens. | Gene Medi/NurPhoto via Getty Images Early next year, we will present Europe’s first-ever European Affordable Housing Plan, which will aim to accelerate the construction of new homes, the renovation of existing buildings, and ensure no one sleeps on the streets by 2030. To do so, we will move to put in new measures to limit speculation, introduce regulations for short-term rentals in stressed housing markets, and cut red tape to boost public and private investments in the construction of new homes. People are also concerned about their energy bills and, here, the Commission is taking action. We must never forget Putin’s deliberate use of gas as a weapon, and that is why the EU will phase out Russian gas by 2027 thanks to the REPowerEU roadmap. As part of our deal with Washington, we will increase our energy imports from the U.S. over the next three years, a plan that is fully compatible with our medium- and long-term policy to diversify our energy sources and part of our commitment to the green agenda that so many in this House, myself included, fully support. That is why we have drawn up the Grids Package, which will come out later this year and aims to turbocharge investment in power networks, which is the key bottleneck in the uptake of more renewables. ARTIFICIAL INTELLIGENCE Signore e signori, deputati, The time is coming when artificial intelligence will match human thinking. That is why this week we published a report looking at the challenges and opportunities of AI. In Europe, we must take a leading role in shaping high-impact technologies. We will make sure there is smart yet strategic regulation while creating the right incentives, including funding and investment, to prevent AI and other technologies from becoming destabilizing forces. But we must not forget our traditional industries. The automotive sector is a critical pillar of the European economy, supporting more than 13 million jobs. The industry is facing increased competition from those who have benefited from unfair subsidies, and we have taken big steps to ensure this critical sector remains competitive and made in Europe. With our Automotive Action Plan, we set a strong course for building European batteries and ensuring our companies are the technological leaders in autonomous driving. At the same time, we have made big strides in maintaining our climate goals while giving our companies the necessary flexibility to stay competitive. THE EU BUDGET Panie i panowie, posłowie, We want a stronger European Union, stronger member states, and stronger regional and city governments, and we will work with local leaders — those closest to Europe’s citizens — to ensure they get the funds they need.  Cohesion Funds have helped build our Union with bridges and railways, public sports halls and libraries. Our cohesion policy is a central pillar of the European Union, and we will ensure that it continues to bridge gaps between regions, while also earmarking funds for the cities in which nearly three-quarters of all Europeans live. But we also want to protect and promote one of the most important elements of Europe, its agriculture and farmers. With our budget proposal we are safeguarding direct payments to farmers, boosting the funding available to rural communities, and giving more money to national governments to spend on agriculture. Farmers are essential to Europe, and what matters to Europeans matters to Europe. We need a continent that is united, safe and prosperous. I believe we can rise to the challenge. Long live Europe. Thanks to Victor Jack, Sam Clark, Max Griera, Pieter Haeck, Jordyn Dahl, Aitor Hernández-Morales and Helen Collis.

The International Criminal Court (ICC) said it was hit by a “sophisticated and targeted” cyberattack as NATO leaders gathered in The Hague for a summit last week. The ICC, which is based in The Hague, said it detected the incident “late last week” and had contained the threat. “A Court-wide impact analysis is being carried out, and steps are already being taken to mitigate any effects of the incident,” the court said in a statement on Monday. The Hague was the scene of the NATO Summit early last week. Dutch cybersecurity authorities reported a series of cyberattacks known as distributed denial-of-service (DDoS) attacks against local governments and other institutions in the run-up and during the summit. Those attacks, limited in impact, were claimed by known pro-Russian hacktivist groups online. A power outage also caused massive disruption to train traffic in the country last Tuesday. Dutch authorities said they were investigating the incident and the country’s justice minister said he couldn’t rule out sabotage as a possible cause. The ICC in 2023 also reported a hack of its computer systems it believed was an attempt to spy on the institution. The global tribunal has recently come under scrutiny after it issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu and his former defense minister, Yoav Gallant, over Israel’s military campaign in Gaza. The U.S. Trump administration has slapped sanctions on the court’s Chief Prosecutor Karim Khan in response to the arrest warrants. Khan also lost access to his email provided by Microsoft in May, in an incident that has galvanized a political push in Europe to wean off American technology for critical communications.

Dutch authorities are investigating a major disruption to train traffic in the Netherlands on the opening day of the NATO summit — an incident that one senior official said could be sabotage. A power outage early on Tuesday has disrupted some traffic to and from the Netherlands’ main airport Schiphol, located 50 kilometers from where leaders of the Western defense alliance NATO are gathering today and tomorrow. Around 30 cables were damaged due to a fire, local media reported. The damaged cables have impacted the trains running from Amsterdam, Schiphol and Utrecht stations. Dutch Justice Minister David van Weel on Tuesday said the disruption “could be sabotage.” “[Sabotage] is one of the things we are now investigating,” he told broadcaster NOS at the Public Forum ahead of the NATO leaders’ meetings. “Then the question is: Who is behind it? It can be an activist group, it can be a country. It can be many things,” he said. Van Weel served as NATO’s most senior hybrid and cybersecurity official until the middle of last year. Officials at Dutch railway provider ProRail and public authorities are still investigating the incident. The train disruptions are the most recent disruption to events in the Netherlands, after Dutch municipalities on Monday already faced a series of low-level cyberattacks. A wave of distributed denial-of-service attacks hit a dozen Dutch organizations, including several municipalities, the National Cyber Security Centre confirmed. The attacks did not result in data breaches or intrusions, authorities said. Dutch cyber authorities pointed to the pro-Russian hacktivist group NoName057(16), which claimed the attacks. The group has targeted NATO countries including Belgium, Romania and others in the past year with such DDoS attacks, seeking to influence how countries position themselves toward NATO and the war in Ukraine. The attacks fit the description of threats outlined by Dutch authorities ahead of the NATO summit. While not very sophisticated, they appeared aimed at sowing confusion and stretching the capacity of public sector institutions involved in organizing the summit. Threat intelligence firm Recorded Future last week warned that the NATO summit in The Hague was expected to draw intense interest from Russian and Chinese threat operatives, with defense infrastructure and logistics providers likely to be top targets for espionage and sabotage.

The Latvian parliament voted Thursday to bar Russian and Belarusian citizens from buying real estate in the country.  Since Russia’s full-scale invasion of Ukraine began in 2022, Latvia — along with other Baltic and Nordic countries bordering Russia — has feared it could be the Kremlin’s next target. Moscow has also intensified hybrid warfare tactics against EU countries, including acts of sabotage targeting critical infrastructure. In light of Russia’s belligerence, Europe’s frontier countries argue that the presence of nationals from adversarial nations poses national security risks and have steadily tightened restrictions on Russian citizens. The newly passed law forbids Russian and Belarusian citizens, as well as companies that are at least 25 percent owned by them, from acquiring property in Latvia — but provides exceptions for EU and Latvian permanent residence holders from Russia and Belarus, Belarusian refugees and repatriates. “This is a step to limit the influence and presence in Latvia of persons and companies that are adverse to the country,” said Agnese Krasta, a lawmaker who coauthored the bill. On Thursday, Latvia also joined a coalition of seven Nordic and Baltic countries that want a Schengen ban on Russian citizens who fought in the war against Ukraine from entering the Schengen Area.  Last week, Latvian lawmakers required citizens of Russia and Belarus to get a security clearance to work on critical infrastructure, such as energy facilities and hospitals, and barred Latvian officials from traveling to Russia. In Finland, a ban on Russians buying real estate was imposed in April, and Lithuanian lawmakers passed a similar measure in 2023.  As Russian President Vladimir Putin wages war on Ukraine, the Baltic nations are preparing for a possible future Russian invasion, readying their hospitals and drafting mass evacuation plans. 

Iran’s cyber command ordered top officials and their security teams to avoid IT equipment connected to telecom networks in a sign they fear digital disruption from Israel. The news was reported by the Fars news agency on Tuesday, which is affiliated with the Iranian Revolutionary Guard Corps. Israel and Iran have clashed militarily since Israel launched Operation Rising Lion last Friday, targeting Tehran’s nuclear capabilities. Explosions were reported Tuesday in Tel Aviv and Jerusalem, as Iranian state media claimed a new wave of missiles had been launched toward Israel. Lukasz Olejnik, a visiting senior research fellow of the Department of War Studies at King’s College London, said the Iranian decision to avoid connected kit signals “deep concern” that ordinary devices can be hacked and tampered with. “It suggests Tehran fears adversaries can use connected devices to track, intercept, or even target key officials,” he said. Israel has used connected devices to kill individuals in the past. Last September, it used explosive pagers to hit Hezbollah targets, injuring nearly 3,000 people — a sophisticated and carefully orchestrated attack in which Israeli security services hit the Lebanon-based terrorist group by simultaneously triggering minute quantities of explosive hidden in thousands of modified hand-held devices distributed among Hezbollah operatives. “Israel is definitely a cyber superpower,” said Matt Pearl, former director for emerging technologies at the National Security Council during the Biden administration. “I would put it, in many ways, in the category of the U.S. or [China], although smaller, just in terms of its overall capabilities.” Both Iran and Israel are powerful cybersecurity actors. Experts said that cyber disruption and espionage operations are often conducted in the background of direct military clashes. Tel Aviv has a skilled cyber talent pool and close-knit relations between the government and the private sector. It is also considered to have stronger cyber capabilities and advanced technology, enabiling more sophisticated digital attacks. While Iran is considered a major rival power to Western countries — alongside China, North Korea and Russia — its cyber operations are primarily focused on espionage rather than disruption. Iran’s nuclear program has also been the target of one of the most infamous cyberoffensive operations in history: The U.S. and Israel were reportedly behind the Stuxnet malware attack that significantly damaged the country’s nuclear efforts in 2010. Sam Clark contributed reporting.