According to Europol, Russia and other state actors are driving an increase in politically motivated cyber-attacks and sabotage of infrastructure and public institutions in the EU. The bloc’s police enforcement agency has released its serious and organized crime threat assessment for 2025. It details how “hybrid threat” actors have established a “shadow alliance” with organized criminal gangs to destabilize the EU and its member states.
The report identifies “a broad range of criminal activities and tactics” deployed by “criminal proxies.” These include sabotage, arson, cyber-attacks, data theft, and migrant smuggling. While Russia is not explicitly named a “hybrid threat actor,” the report notes: “There is an increase in politically motivated cyber-attacks against critical infrastructure and public institutions, originating from Russia and countries in its sphere of influence.”
At the launch of the report, EU Commissioner for Internal Affairs and Migration Magnus Brunner remarked, “Criminal networks that work on behalf of foreign powers—that is something new.
Some threats enter our union in less than a second as an encrypted message, for instance, ordering an assassination of a rival drug dealer. Some threats enter in a few days, like a bus full of migrants, paid by the Russians.”
At the report’s launch at Europol’s headquarters in The Hague, Polish Undersecretary of State for Internal Affairs Maciej Duszczyk cited a recent cyber-attack on a hospital, which interrupted medical care for several hours, as being linked to a state actor. He also highlighted ongoing migrant-smuggling incidents on the border with Belarus, involving state actors working with criminal gangs in the Middle East and Turkey.
Europol’s threat assessment, conducted every four years, also revealed that the criminal activities linked to Russia have a lasting impact.
Russia driving cyber-attacks in EU.
Poland’s police chief Marek Borón warned of an increase in the black market for weapons and ammunition and cautioned about attempts by Russian criminal groups to exert influence.
The report also attributed an arson attack on an Ikea store in Vilnius last summer to the Russian military intelligence agency GRU, which is suspected of being behind additional fires in other supermarkets and shopping centers. Two Ukrainian suspects have been arrested in connection with the attack. Europol found that criminal networks “increasingly operate as proxies in service of hybrid threat actors,” creating mutual benefits.
This “shadow alliance” allows Russia to use criminal networks ad hoc, “leveraging each other’s resources, expertise, and protection to achieve their objectives.”
Criminal gangs use a “woodpecker modus operandi,” meaning incidents are initially assessed as single events, such as sabotage of critical infrastructure, water, and energy supplies. However, these incidents can later reveal themselves as part of a larger strategic objective of destabilization involving persistent, targeted, and cumulative disruptions. “Much like a woodpecker weakens a tree over time through repeated strikes, hybrid threat actors engage in ongoing, seemingly minor actions that collectively erode stability, security, and trust in institutions,” said Europol.
The Europol report also warns of the increasing use of AI to scale and speed up online fraud and cybercrime. In Germany, young people are reportedly being “groomed and recruited” via social media and messaging apps, with “script kiddies” provided to assist with hacking and cyber-attacks. The Europol assessment has sparked concern among EU member states, as the combination of criminal networks and hybrid threat actors poses a significant challenge to the stability and security of the Union.
Image Credits: Photo by Towfiqu barbhuiya on Unsplash
Johannah Lopez is a versatile professional who seamlessly navigates two worlds. By day, she excels as a SaaS freelance writer, crafting informative and persuasive content for tech companies. By night, she showcases her vibrant personality and customer service skills as a part-time bartender. Johannah's ability to blend her writing expertise with her social finesse makes her a well-rounded and engaging storyteller in any setting.
