Critical infrastructure is increasingly under threat from both state and non-state actors. Events such as the disruption of undersea cables in the Baltic Sea, the Nord Stream pipeline explosions, recent attacks on European railway networks, as well as the reconnaissance on Europe’s critical infrastructure illustrate the risks these systems face.

The undersea cable disruption in the Baltic Sea raised alarms about the vulnerability of Europe’s critical communication infrastructure. Fiber-optic cables connecting Sweden to Lithuania and Finland to Germany were severed, leading to significant service interruptions. While investigations into the incident are ongoing, initial suspicions point to sabotage. However, no conclusive evidence has been presented to confirm deliberate interference. This uncertainty underscores the complex challenge of attributing blame in incidents involving critical infrastructure, where natural events, accidental damage, or intentional acts may all be plausible explanations.

Similarly, the explosions that damaged the Nord Stream pipelines in September 2022 underscored the vulnerability of Europe’s energy supply chains. Although investigations have not conclusively identified the perpetrators, the incident amplified existing concerns about the security of energy infrastructure. For Norway, a major exporter of oil and gas, such acts of sabotage raise significant concern. The country’s offshore installations and pipelines are critical not only to its economy but also to European energy security, making them attractive targets for threat actors seeking to undermine stability in the region.

The spectrum of vulnerabilities extends beyond energy and telecommunications. In 2023, a cyberattack exploited Poland’s railway signaling systems, halting trains and disrupting freight traffic. Germany, too, experienced deliberate sabotage of fiber optic cables in 2022, which paralyzed rail services in its northern regions. It is also known that Russia has been mapping Norwegian critical infrastructure, including oil and gas infrastructure, for years. A knowledge that could become important in a conflict situation.

The actors behind these threats are diverse and sophisticated. State actors increasingly deploy hybrid tactics to achieve geopolitical aims. This includes direct sabotage, cyberattacks, and the use of proxies to conceal involvement. For companies, which often operate at the intersection of strategic industries and international supply chains, this creates a an unstable risk environment. Non-state actors, including criminal groups and ideologically motivated extremists, add further complexity by targeting infrastructure for financial gain or political statements. The pro-Russian hacktivist group Killnet has launched DDoS attacks on government websites in Norway and several other European countries, disrupting critical services in response to political tensions. Similarly, the financially motivated ransomware group DarkSide targeted Colonial Pipeline in 2021, disrupting fuel supplies across the U.S. East Coast.

The sabotage of critical infrastructure highlights the growing risks in an increasingly hostile geopolitical environment. By understanding the tactics and motivations of both state and non-state actors, businesses can better anticipate risks. Addressing these threats requires a multifaceted approach. Companies must build resilience through robust cybersecurity measures, physical safeguards, and contingency planning. As threats evolve, so too must the defenses, ensuring not only the continuity of essential services but also the stability of the societies that depend on them. By learning from recent attacks, companies can ensure that their systems—and the networks they rely upon—are prepared to withstand future challenges.