European intelligence agencies now devote as much time to investigating Russian interference as they do to countering terrorist threats, officials say, as a wave of cyberattacks and sabotage continues to hit critical infrastructure across the continent.
Cyberattack Disrupts France’s Postal System at Peak Season
A pro-Russian hacking group, Noname057(16), claimed responsibility for a cyberattack that disrupted France’s national postal service during the Christmas rush, French prosecutors said on Wednesday. Following the claim, France’s domestic intelligence agency, the DGSI, took over the investigation, according to the Paris prosecutor’s office. The attack knocked La Poste’s central computer systems offline on Monday through a distributed denial-of-service assault that remained unresolved by Wednesday morning. Postal workers lost the ability to track package deliveries, while online payments at the company’s banking arm, La Banque Postale, also suffered disruptions. The timing proved particularly damaging, as the incident struck during the busiest period of the year for La Poste, which employs more than 200,000 people nationwide.
A Familiar Group with a Persistent Footprint
Noname057(16) has built a track record of targeting Ukrainian media outlets and government and corporate websites in countries including Poland, Sweden and Germany. The group was a central focus of Operation Eastwood, a coordinated international police effort in July involving authorities from 12 countries. During that operation, police dismantled more than 100 servers worldwide, arrested two suspects in France and Spain, and issued seven arrest warrants, including six for Russian nationals. Despite the crackdown, the group resumed operations within days and has remained active. In France alone, it has previously targeted government websites, including the Ministry of Justice as well as several prefectures and municipal authorities.
Growing Signs of a Broader Campaign
The disruption to La Poste followed closely on the heels of another cyber incident disclosed by the French government, which said an attack had affected the Interior Ministry, the body responsible for national security. In that breach, a suspected hacker extracted several dozen sensitive documents and gained access to information related to police records and wanted individuals, Interior Minister Laurent Nuñez told broadcaster Franceinfo. Separately, prosecutors last week said France’s counterintelligence agency is investigating a suspected cyber sabotage plot involving software designed to remotely control computer systems aboard an international passenger ferry. Authorities have detained a Latvian crew member on charges of acting on behalf of an unidentified foreign power.
Russia’s Shadow Over Europe’s Security Landscape
While French officials have stopped short of formally attributing the latest incidents, Nuñez strongly hinted at Russian involvement, saying that “foreign interference very often comes from the same country.” France and its European allies argue that Russia is waging a sustained campaign of so-called hybrid warfare, combining sabotage, assassinations, cyberattacks and disinformation to destabilise Western societies and weaken support for Ukraine. Since Russia’s full-scale invasion of Ukraine in February 2022, Western officials have identified scores of sabotage incidents across Europe that they attribute to Moscow, ranging from arson attacks on warehouses to railway sabotage and widespread vandalism. Against this backdrop, European intelligence agencies warn that tracking and countering Russian interference now consumes resources on a scale comparable to the fight against terrorism.
