Energy and infrastructure As of 2025, responsibility for the 26 September 2022
Nord Stream pipeline explosions was
unclear. Some German officials advanced the theory that Russia had the motive of damaging its own pipelines as a "
false-flag" operation to drive a wedge between the west and Kyiv. Russian authorities accused the U.S. or the United Kingdom of destroying Nord Stream. This incident showed the vulnerability of European infrastructure to
seabed warfare. US media reported that Ukraine had been behind the attack, a charge strongly denied by Kyiv. Subsequently Russia criticised German progress in Nord Stream sabotage inquiry accusing the country's authorities of having little interest in finding those responsible. Following the sabotage, NATO increased patrols around critical pipelines. In the Nord Stream sabotage, sections of the
Nord Stream 1 and
2 gas pipelines from Russia to Germany were destroyed. Seismic monitors detected powerful underwater blasts, and investigators from Sweden concluded that the pipelines had been sabotaged using explosives. In 2023–2024, multiple undersea cables and pipelines in the Baltic Sea were severed or damaged, heightening suspicions of Russian sabotage. In October 2023, a subsea gas pipeline (the
Balticconnector between Finland and Estonia) was ruptured concurrently with a data cable, in what Finland called a deliberate act, though investigations considered whether a vessel's dragged anchor caused the damage. in November 2024, two separate fibre-optic internet cables in the Baltic were severed within two days – one linking Finland to Germany and another linking Sweden to Lithuania's network. German and Finnish authorities described these as possible "intentional damage" to critical infrastructure. In late December 2024, an undersea power cable between Finland and Estonia (
Estlink 2) was cut, along with several nearby telecom cables, causing blackouts and internet outages. Finland seized a Russian-owned ship suspected of involvement, and regional leaders stated that the pattern of frequent undersea infrastructure "accidents" since 2022 was unlikely to be coincidental. Since 2022, European telecom operators in the Nordic-Baltic region have reported numerous outages from unexplained cable cuts, and Western officials regularly cite Russia as the prime suspect. Russian cyber units, often in coordination with physical sabotage efforts, targeted critical systems such as power plants since at least the mid-2010s.
Railway and transportation networks European rail and transport infrastructure has been targeted. On 8 October 2022,
unknown saboteurs severed two
Deutsche Bahn fibre-optic cables in Germany, crippling the train signaling network in the north of the country and halting all long-distance and freight rail traffic for about three hours. German officials stated that striking redundant communication cables simultaneously showed that the sabotage required good knowledge of the system, and some raised suspicions of Russian involvement. Railway sabotage occurred in Poland, a key transit country for
NATO military aid to Ukraine. In 2023, an arrest of a Russian spy ring in Poland was carried out that had allegedly been plotting sabotage of rail lines and arms transports. Polish prosecutors later announced that more than a dozen people, reportedly working for Russian intelligence, were charged with preparing acts of sabotage against Polish transport infrastructure and were found with hidden cameras monitoring railway lines used for Ukraine-bound shipments. NATO officials have acknowledged instances of train derailment attempts and other transit sabotage as part of the broader campaign to disrupt logistics. and
Puławy,
Lublin Voivodeship.
Arson attacks and urban sabotage In the mid-2020s, a wave of arson and bomb hoaxes hit commercial or symbolic targets around Europe, in particular in Poland and Lithuania. On 8 May 2024, an
IKEA store in
Vilnius was set ablaze after closing hours. There were no injuries. Lithuanian prosecutors describe it as an act of "terrorism" by GRU. Two Ukrainian nationals were charged as the local perpetrators. One was arrested in Lithuania and the other in Poland. Investigators found they had been promised by Russian handlers to carry out bombing or fire attacks at shopping centres in Lithuania and Latvia. On 11 May 2024, a massive fire destroyed the
Marywilska 44 shopping centre in
Warsaw, a market with over 1,000 shops, during the night, with no casualties. Polish investigators found that the blaze was the result of arson coordinated by Russian secret services: conspirators for hire had been paid to set the mall on fire. In 2025, evidence showed that the fire had been ordered by a GRU officer in Russia. Several people suspected to be locally recruited intermediaries in the Marywilska arson were arrested in Poland and Lithuania. Lithuanian and Polish authorities considered it likely that the same Russian-linked network was behind both the Ikea fire and the Warsaw mall arson. In response, in May 2025 Poland expelled Russian diplomats and ordered the closure of Russia's consulate in Kraków. France experienced intimidation incidents in 2024 rather than outright attacks. In May, unknown vandals defaced a
Holocaust memorial in Paris with pro-Russian graffiti. On 1 June 2024, early morning visitors to the Champ de Mars in Paris found five wooden coffins draped in French flags arranged at the foot of the
Eiffel Tower. Each coffin was painted with the words "French soldiers in Ukraine". French authorities treated it as a hostile propaganda stunt. Three men, one of whom had ties to a pro-Russian extremist group, were arrested and charged with threatening national security. French intelligence suggested possible links between the two events as part of a Russian campaign of psychological pressure in France. The Russian government officially denied any connection to the Eiffel Tower coffins, dismissing it as a "provocation". Other smaller-scale incidents attributed by Western officials to the sabotage campaign include vandalism or threats against politicians. In early 2023, Estonia's interior minister had his car windows smashed and a Molotov cocktail thrown at his property on the same night that a prominent investigative journalist's car was similarly vandalized. Estonia's security service attributed responsibility to Russian agents seeking to intimidate Ukraine supporters. In Germany, officials reported instances of suspected sabotage or spying around
Bundeswehr bases involved in training Ukrainian soldiers, including unexplained small drones appearing over training ranges.
Electronic interference (GPS and communications) On the day of Russia's invasion of Ukraine a
cyberattack took place against the satellite internet system of American communications company
Viasat which affected their
KA-SAT network and triggered outages across central and
eastern Europe (the
Viasat hack). In May that year the
European Union, the
United States, and the
United Kingdom condemned the attack as a Russian operation. Russian sabotage includes GPS jamming and spoofing across Northern and Eastern Europe. Since 2022, Nordic and
Baltic states lodged reports of strong interference with satellite navigation signals near their borders that affected civilian airliners, ships, and drones over broad areas. Finland's civil aviation authority stated that incidents of GPS outage attributable to jamming from across the Russian border significantly increased in frequency since the 2022 full-scale Russian invasion of Ukraine. In one high-profile case in April 2023, Finland's national airline Finnair had to suspend flights to the city of Tartu, Estonia, after multiple passenger planes experienced loss of GPS during approach, presumably due to Russian electronic interference in the region. In September 2025, an aircraft carrying European Commission President
Ursula von der Leyen was suspected to have experienced GPS jamming while flying through Bulgarian airspace. NATO officials blamed the jamming on Russian electronic warfare units. Bulgarian authorities disputed the claim of GPS jamming. NATO Secretary-General
Mark Rutte stated that the suspected GPS interference was part of a wider pattern that "could have 'potentially disastrous effects.
Other types of sabotage European governments have faced waves of hoax bomb threats and cyber-sabotage tied to Russia. Throughout 2022–2023, numerous schools, airports, and public buildings in Poland, the Czech Republic and Italy received coordinated false bomb threat emails or phone calls traced to pro-Russian actors, leading to evacuations and economic losses. Poland became one of the primary cyberattack targets, with many of the attacks originating from Russia. == Attribution and Russian tactics ==