Since Russia’s invasion of Ukraine on 24 February 2022, Europe has witnessed a sharp increase in suspected Russian sabotage attempts (Richterova et al. 2024a). These destructive attacks, primarily leveraged against NATO member states, reveal important parallels between the Kremlin’s current campaign and Soviet-era sabotage doctrine. This essay will argue that state-led sabotage in the Putin era mirrors the Cold War doctrine of active measures in its reliance on the principle of escalation and choice of operational targets. However, a departure from traditional doctrine can be observed in the Russian security agencies’ harnessing of information and communication technologies (ICTs) and the emergence of new avenues for exploiting Western vulnerabilities.

To make this argument, the essay will begin by looking at the continuities between Cold War and Putin-era sabotage doctrine. It will first connect the Soviet policy of active measures to the hybrid war campaign being waged against Ukraine and its allies, evaluating the extent to which Russian sabotage relies on escalatory behaviour to achieve strategic objectives. It will then consider how the Kremlin selects targets that will generate panic and sow discord within Western societies. The second part of the essay will turn to new elements of Russian sabotage, starting with the use of ICTs, which has led to an increase in the scale of operations paired with an observable decline in operational tradecraft. A further development is that, although recent discoveries reveal that Soviet sabotage doctrine deliberately targeted foreign critical infrastructure (Richterova 2024), this practice has reached new heights in recent years, namely through sabotage around undersea cable infrastructure and cyberattacks.

Although there is no agreed upon definition for this term, doctrine is understood to describe the set of institutionalised principles that inform a military’s decisions on how best to carry out operations (Posen 2016, 159). The UK National Security Act (2023) defines sabotage as “activity conducted for, on behalf of, or for the benefit of a foreign power, resulting in damage to property, sites and data affecting the UK’s interests, and national security” (NPSA 2024). Sabotage is a form of active measures, a Soviet term for the array of overt and covert tactics employed by the Russian security services to achieve their strategic objectives (Shultz 1984, 2). In light of the wave of sabotage plaguing the West, there is a critical need to contextualise Russia’s current actions within the legacy of Soviet doctrine and the ongoing War in Ukraine. To counter Moscow’s sabotage efforts, Western governments must first understand the evolution of this practice and the intentions driving it.

Continuities in Sabotage Doctrine

Recent findings from the Czech Security Service’s archives shed considerable light on the Soviets’ sabotage enterprise. Eastern Bloc states were encouraged to focus their efforts on states where the instruments of Western power were concentrated, such as the NATO headquarters in Belgium, or France and Germany, which were seen as pivotal players in the event of a Western-led war (Richterova 2024). By targeting key players in this manner, the Soviets hoped to strike at their adversaries while avoiding attribution and even detection (Bilal 2024). Moscow sought new and innovative ways to keep its intentions and capabilities concealed. Sabotage was thus produced as an inexpensive and relatively nonviolent approach to achieve national interests (Gioe, Lovering and Pachesny 2020, 518). Plans were laid out to strike targets that were important enough to undermine opponents’ military capabilities and political resolve without triggering outright war. For example, military sites and communication lines featured prominently on the list of Soviet targets outlined in Czech archival records, and attacks were designed to resemble accidental disruptions in order to complicate attribution (Richterova et al. 2024a). Moscow’s sabotage efforts therefore fulfilled a perceived need to weaken Western unity by orchestrating attacks that it could plausibly deny and which would be unlikely to elicit serious retaliatory action.

Thus far, contemporary sabotage efforts appear to follow the same rationale. Operations are kept under the NATO threshold for collective-defence outlined in Article V and appear accidental and uncoordinated (Gramer and MacKinnon 2024). While it is impossible to establish the exact scope of these operations, an unprecedented number of incidents have been publicly ascribed to Russia by Western governments (Richterova et al. 2024b). Although Moscow has kept its attacks subthreshold, in line with Cold War schematics, their volume and intensity have generated significant disruptions. In 2024, Poland suffered a series of arsonous fires, one of which destroyed a shopping centre and required 200 firefighters to respond (US Army 2024). Booby-trapped parcels designed to ignite on command are believed to have caused fires at DHL logistics centres in Germany and the UK (Apps 2024). Other incidents have been reported in a variety of warehouses and weapons manufacturing facilities across Europe, the UK, and even the US (O’Carroll 2024; Kirby and Gardner 2024). The exceptional scale of suspected sabotage since 2022 raises serious concerns about the risk of escalation should tensions between Moscow and the West increase.

The escalatory character of Russian sabotage efforts is particularly evident in the intensification of attacks in tandem with major military operations. In the lead-up to the 2008 invasion, Georgian counterintelligence apprehended a GRU colonel who had established a secretive unit in South Ossetia consisting of 120 agent-saboteurs; a similar plot was uncovered in Ukraine in 2021 (Cormac 2022, 145). These operations appear to have been set in place to support the deployment of military forces. While Western services cannot know what impact the sabotage units had or how many of them may have been in operation, their existence reveals the magnitude of Russian escalation. Similarly, Moscow’s annexation of Crimea in 2014 was swiftly followed by explosions in a Czech ammunition depot containing military supplies for Ukraine and in a warehouse in Vrbetice, resulting in two fatalities (Richterova et al. 2024b). These examples illustrate the strategic deployment of sabotage alongside more traditional instruments of military power, presumably with the intent of weakening adversaries’ war efforts by forcing them to fight on multiple different fronts. Some experts warn that GRU-sponsored disruptions in Europe are symptomatic of a broader hybrid campaign aimed at undermining support for Ukraine (Richardson 2024; Bilal 2024). The hybrid war concept contends that Russia is attempting to reduce the power differential with NATO by combining military and non-military tactics to overwhelm Western governments (Bilal 2024). The deliberate targeting of sites of military-industrial importance supports this hypothesis, as does the inclusion of sabotage units in ground invasion plans.

A major precipitant of escalation during the Cold War and, it seems, in the current geopolitical context, is the Kremlin’s conviction that its sphere of influence is under threat. Sabotage was one of the tools historically used to “neutralise the Westernisation of the surrounding countries,” and the maintenance of a buffer zone around Russia’s borders was considered of vital national interest (Darczewska 2017, 10). This thinking has trickled down from Soviet doctrine. It provided the rationale behind Putin’s decision to invade Ukraine in 2022, which the Kremlin has framed as a response to Western encroachment (Dickinson 2022). Even diplomatic responses to Russian aggression may add fuel to the fire. To illustrate, the most recent upsurge in sabotage activity is partly believed to have been retaliation for the expulsion of some 750 undercover Russian operatives from Europe following the Ukraine invasion (Richardson 2024). The scale and intensity of attacks therefore reflect Moscow’s appraisal of the political landscape. Sabotage aimed at countering Western influence in the Russian Federation’s borderlands is carefully calibrated according to the level of escalation Moscow seeks to achieve. This also means that increased support for Ukraine will likely be met with more destructive and deliberate attacks.

The second major continuity between Cold War and Putin-era doctrine is the targeting of structures and individuals deemed of posing a threat to Russian foreign policy objectives. Soviet operational targets included items of key industrial importance such as water reservoirs, chemical plants, and storage facilities (Richterova 2024). Although there is no confirmation of such attacks being carried out in the past, evidence of GRU involvement in physical “incidents” against Western critical infrastructure is present and growing. In June 2024, break-ins at water treatment facilities in Finland aligning with Russian sabotage tactics were flagged by authorities (Recorded Future 2024). These now appear to have spread to Sweden, where residents in the district of Bollnas........

© E-International