Swedish Center for Studies and Research Center
Europe’s security environment has changed profoundly since Russia’s full-scale invasion of Ukraine. The continent is no longer facing only conventional military threats involving tanks, missiles, and territorial aggression. It is also confronting a growing spectrum of hybrid threats that target the systems sustaining modern societies: energy networks, undersea cables, ports, railways, airports, digital infrastructure, satellite navigation, telecommunications, financial systems, and public trust.
This transformation is especially visible in Northern Europe and the Baltic Sea region. Following Sweden and Finland’s accession to NATO, the strategic geography of the region changed dramatically. The Baltic Sea is now surrounded almost entirely by NATO members, with the exception of Russia’s coastline near the Gulf of Finland and the Kaliningrad exclave. This has strengthened NATO’s military position, but it has not eliminated vulnerability. On the contrary, it has made the region one of the most exposed arenas for sub-threshold confrontation, sabotage risks, cyberattacks, GPS interference, and pressure against civilian infrastructure.
For Sweden, this new reality is particularly important. Sweden is no longer only a technologically advanced Nordic state with strong civil defence traditions. It is now a frontline NATO actor in one of Europe’s most strategically sensitive regions. Its ports, data centers, energy systems, military logistics routes, telecom networks, and undersea connections are no longer purely national assets. They are part of the wider European and transatlantic security architecture.
This paper argues that critical infrastructure protection must become a central pillar of European security strategy. Hybrid warfare is no longer an abstract concept. It is an operational reality shaping Europe’s daily security environment.
From Conventional Defence to Societal Resilience
For much of the post-Cold War period, European security planning focused on crisis management, counterterrorism, peacekeeping, and limited military operations outside Europe. Critical infrastructure was often treated as a technical or regulatory issue rather than a core national security priority.
That assumption has collapsed.
Modern adversaries increasingly recognize that democratic societies can be weakened without direct military invasion. Disrupting electricity supplies, damaging undersea cables, interfering with GPS signals, paralyzing ports, attacking hospitals through ransomware, or spreading panic through disinformation can produce significant political and economic effects while remaining below the threshold of open war.
This is the core logic of hybrid warfare. The objective is not always immediate destruction. Often, the goal is uncertainty, exhaustion, confusion, and pressure. Hybrid operations are designed to make attribution difficult and response politically complicated. They create ambiguity over whether an incident is an accident, criminal act, technical failure, or hostile operation.
This ambiguity is itself a weapon.
In Europe, Russia has repeatedly been accused by governments and analysts of using such methods to test NATO responses, impose costs, and create insecurity without triggering Article 5 collective defence mechanisms. A 2026 analysis by the Polish Institute of International Affairs described Russian hybrid activity in the Baltic Sea region as involving sabotage, GPS jamming, cyberattacks, and influence operations, deliberately kept below the threshold of open military confrontation.
The Baltic Sea as Europe’s Hybrid Warfare Laboratory
The Baltic Sea has become one of the clearest examples of this new security environment. It is a dense strategic space where military geography, energy networks, maritime trade, data infrastructure, and great-power rivalry overlap.
Undersea cables carry vast quantities of internet traffic and financial data. Pipelines and electricity interconnectors support regional energy security. Ports and railways are essential for military mobility and reinforcement. Offshore wind farms are increasingly important for Europe’s green transition. At the same time, the sea is shallow, crowded, heavily trafficked, and difficult to monitor continuously.
This creates a perfect environment for deniable disruption.
Recent incidents involving damaged undersea cables and suspected sabotage have intensified European concern. Swedish authorities previously investigated damage to a fiber-optic cable connecting Latvia and Gotland, while NATO and regional governments increased monitoring of suspicious maritime activity.
Finland has also reported persistent interference with satellite navigation signals in the Baltic region, including GPS and GNSS disruptions affecting maritime safety. Finnish authorities linked some of these disturbances to Russian activity around the Gulf of Finland, especially in relation to maritime movements and efforts to obscure vessel routes.
These incidents illustrate the difficulty Europe faces. Even when sabotage is suspected, legal attribution and prosecution can be difficult, especially when incidents occur in international waters. A Finnish court ruling in a Baltic cable case showed how jurisdictional limits can constrain national legal responses, even when governments suspect hostile activity.
The Baltic Sea is therefore not only a military space. It is a governance challenge.
Why Critical Infrastructure Is Now a Strategic Target
Critical infrastructure is attractive to hostile actors because it combines high impact with low visibility. A damaged cable may not produce dramatic images like a missile strike, but it can disrupt communication, financial transactions, logistics, military coordination, and public confidence. A cyberattack on a hospital may appear criminal, but it can weaken social trust and state capacity. GPS jamming may not destroy aircraft or ships directly, but it can increase risk, delay transport, and demonstrate vulnerability.
Hybrid attacks are also cost-effective. They allow adversaries to impose disproportionate costs using relatively limited means. A single ship dragging an anchor, a cyber unit targeting a municipal system, a drone over an airport, or a coordinated disinformation campaign can force governments to spend enormous resources on investigation, protection, and reassurance.
This asymmetry is central to modern strategic competition.
For Russia, hybrid pressure offers a way to respond to European support for Ukraine while avoiding direct confrontation with NATO. For other actors, including criminal networks and hostile intelligence services, critical infrastructure offers opportunities for coercion, espionage, and disruption.
The result is a security environment in which the boundary between war and peace is increasingly blurred.
The EU’s Response: From Regulation to Resilience
The European Union has begun to adapt to this reality. The Directive on the Resilience of Critical Entities entered into force in January 2023, requiring member states to strengthen the resilience of essential services against threats including sabotage, terrorism, natural disasters, public health emergencies, and insider threats. Member states were required to transpose the directive into national law by October 2024.
This directive marks an important shift. It recognizes that critical infrastructure protection is not only about preventing attacks but ensuring that essential services can continue functioning during crises. Resilience means preparation, redundancy, rapid repair, public communication, and coordinated response.
However, implementation remains uneven. European countries differ in their institutional capacity, threat perception, private-sector regulation, and public preparedness culture. Some Nordic and Baltic states have strong traditions of total defence and civil preparedness. Others are still building the legal and operational frameworks required for modern resilience.
The challenge for the EU is to move from regulatory ambition to operational readiness.
NATO and the Security of Civilian Infrastructure
NATO has also placed increasing emphasis on resilience and critical infrastructure protection. Since hybrid threats often target civilian systems with military relevance, the distinction between civilian and military security has become less clear.
Ports, railways, roads, energy grids, and telecom networks are essential for NATO reinforcement and military mobility. If these systems are disrupted during a crisis, military readiness could be weakened before any open conflict begins.
This is particularly important in Northern Europe. Sweden’s territory, airspace, ports, and transport networks are now central to NATO’s ability to reinforce Finland, the Baltic states, and the wider northern flank. Protecting Swedish infrastructure is therefore no longer only a Swedish responsibility. It is part of NATO’s collective deterrence posture.
The EU and NATO established a joint task force on critical infrastructure resilience after the Nord Stream sabotage, reflecting growing recognition that both institutions must coordinate more effectively. NATO brings military planning, intelligence, and deterrence. The EU brings regulatory tools, market oversight, funding mechanisms, and civilian infrastructure governance. Effective resilience requires both.
Sweden’s Strategic Role
Sweden occupies a unique position in this emerging security environment. Its NATO membership has transformed the strategic map of Northern Europe. Its geography links the Nordic region, the Baltic Sea, and the European mainland. Its island of Gotland holds particular significance for control of Baltic Sea access and regional military mobility.
Sweden also possesses advanced digital infrastructure, strong defence industries, major ports, sophisticated telecommunications networks, and growing energy infrastructure. These strengths make Sweden a valuable security actor, but they also create vulnerabilities.
A hostile actor seeking to pressure NATO may not begin with military confrontation. It may target Sweden’s digital systems, maritime infrastructure, public agencies, airports, or energy networks. It may combine technical disruption with disinformation designed to undermine public confidence in government response.
Sweden’s security challenge is therefore not only to defend territory but to defend functionality.
The Swedish model of total defence, which integrates military defence, civil preparedness, private-sector cooperation, and public resilience, provides an important foundation. But the speed and complexity of hybrid threats require constant adaptation.
Cybersecurity as Infrastructure Protection
Cybersecurity is now inseparable from critical infrastructure protection. Electricity grids, water systems, ports, hospitals, railways, airports, telecom networks, and financial services all depend on digital systems. This dependence creates efficiency but also vulnerability.
Cyberattacks can disrupt essential services without physical access. They can paralyze municipal systems, steal sensitive data, undermine confidence in institutions, and create cascading failures across interconnected sectors.
Europe has already experienced repeated ransomware attacks, cyber espionage campaigns, and state-linked intrusions targeting public institutions and private companies. In a crisis, cyber operations could be combined with physical sabotage, disinformation, and diplomatic pressure.
This requires a shift in thinking. Cybersecurity cannot be left only to IT departments. It must be treated as a national security and governance issue involving boards of companies, public agencies, intelligence services, regulators, and emergency planners.
For Sweden and other European states, the key priority is not only preventing cyberattacks but ensuring rapid recovery when attacks occur.
Energy Infrastructure After Ukraine
Energy infrastructure has become one of Europe’s most politically sensitive vulnerabilities. Russia’s invasion of Ukraine forced Europe to reduce dependence on Russian energy, diversify supplies, expand LNG infrastructure, accelerate renewable energy investment, and reconsider the security of pipelines, terminals, interconnectors, and offshore installations.
This transformation has improved Europe’s strategic autonomy in some areas but created new protection challenges. LNG terminals, offshore wind farms, electricity cables, and cross-border grids are all potential targets in a hybrid conflict.
The green transition also creates new vulnerabilities. Offshore wind infrastructure, battery supply chains, hydrogen facilities, and smart grids will become increasingly important to European energy security. Protecting them must be integrated into climate and industrial policy.
Energy security in 2026 is therefore not only about supply diversity. It is about infrastructure survivability.
The Private Sector Problem
Much of Europe’s critical infrastructure is owned or operated by private companies. Telecom firms, energy providers, shipping companies, port operators, cloud providers, and financial institutions all play essential roles in national security.
This creates a governance challenge. Private companies may understand commercial risk, but they do not always have access to intelligence about hostile state threats. Governments may identify national security risks, but they do not always control the systems at risk.
Bridging this gap requires structured public-private cooperation. Governments must provide clearer threat briefings, minimum security standards, reporting requirements, and crisis communication channels. Companies must invest in redundancy, continuity planning, and security culture.
Resilience cannot be outsourced entirely to the market.
Public Preparedness and Democratic Resilience
Hybrid warfare targets societies as much as infrastructure. A power outage, cyberattack, or transport disruption becomes more damaging when citizens lose trust in authorities or believe false information about the cause.
This makes public communication a core security function. Governments must explain risks without creating panic. They must build public understanding of preparedness, emergency supplies, digital hygiene, and information verification.
Nordic societies have advantages in this area because of relatively high institutional trust and traditions of civil preparedness. But trust must be maintained. Poor crisis communication, slow response, or contradictory messaging can create openings for hostile influence campaigns.
Democratic resilience depends on prepared citizens as well as protected infrastructure.
Policy Recommendations
Europe should treat critical infrastructure protection as a strategic priority equal to defence spending and military modernization. This requires deeper integration between EU regulation, NATO planning, national security strategies, and private-sector risk management.
First, European states should develop common attribution standards for hybrid incidents. Ambiguity benefits adversaries. While evidence must be handled carefully, governments need faster mechanisms for joint assessment and coordinated response.
Second, NATO and the EU should expand joint monitoring of undersea infrastructure in the Baltic Sea, North Sea, and Arctic approaches. This should include maritime domain awareness, satellite surveillance, seabed mapping, and cooperation with private cable and energy operators.
Third, Sweden and other Nordic states should strengthen redundancy in communication, energy, and transport systems. Resilience depends on alternatives. A system that has no backup is not secure.
Fourth, cybersecurity standards for critical infrastructure operators should be raised and enforced. Voluntary measures are no longer sufficient in sectors essential to national security.
Fifth, Europe should develop rapid repair capacity for undersea cables, pipelines, and energy systems. Deterrence is stronger when adversaries know disruption will be temporary and politically ineffective.
Sixth, governments should invest in public preparedness campaigns that explain hybrid threats clearly and practically. Citizens should understand that resilience is not militarization of society but protection of daily life.
Europe has entered a new era of security competition in which the front line may be a fiber-optic cable, a port terminal, a satellite signal, a railway junction, a payment system, or an electricity substation.
For Sweden and Northern Europe, this reality is immediate. The Baltic Sea region has become one of the most exposed spaces in the confrontation between Russia and the Euro-Atlantic community. Sweden’s NATO membership has strengthened regional deterrence, but it has also increased the strategic importance of Swedish infrastructure.
The central lesson is clear: modern security is no longer only about defending borders. It is about defending the systems that allow society to function.
Critical infrastructure protection must therefore become a defining priority for European policy in 2026 and beyond. The states that succeed will be those that combine military readiness, civil preparedness, technological resilience, private-sector cooperation, and public trust.
Europe’s future security will depend not only on the strength of its armies, but on the resilience of the networks beneath its seas, the grids powering its cities, the data systems connecting its economies, and the confidence of its citizens in moments of crisis.