Europe’s energy infrastructure is facing an unprecedented wave of cyberattacks, prompting EU security officials to rank hybrid digital warfare among the gravest threats to the bloc’s stability this year.
Across the continent, energy grids—once considered the preserve of domestic engineers and market regulators—are now squarely in the crosshairs of hostile foreign actors. From coordinated phishing campaigns on national grid operators to the silent infiltration of SCADA systems managing power distribution, the tempo and sophistication of attacks have escalated markedly since the start of 2025.
The European Union has quietly elevated the risk posed by hybrid cyberattacks to a top-tier priority, placing it on par with terrorism and state-backed espionage in its latest threat assessment circulated among member states in June.
Officials fear that the targeting of energy infrastructure is no longer speculative, but part of a concerted strategy to undermine European resilience, sow uncertainty in markets, and exploit political divisions.
“This is not merely a cybersecurity issue—it’s a national security one,” a senior official at the European Union Agency for Cybersecurity (ENISA) told Defence Matters.EU
“What we’re witnessing is a systemic effort to probe, disrupt, and ultimately intimidate European governments by going after what keeps the lights on.”
In the first half of the year alone, ENISA recorded a 67 per cent rise in cyber incidents against energy-related entities across the bloc compared to the same period last year. Of these, nearly half involved unauthorised access to operational technology (OT) systems—the very tools used to regulate gas flow, electricity distribution, and nuclear plant safety protocols.
While no large-scale blackouts have occurred, analysts warn that Europe’s increasingly digitalised and interconnected grids are vulnerable to “cascade effects”—where a minor breach in one country could spiral into a regional outage. The warnings are particularly acute for the Baltic states, Finland, and Poland, which remain tethered to Soviet-era grid systems or share interconnectivity points with Russia and Belarus.
Security experts believe Russia, Iran, and China remain the most capable state actors in this domain. But equally troubling is the role of non-state proxies and freelance hacker collectives, often acting with tacit state approval. In one high-profile incident in March, a ransomware gang known as “ShadowSpark,” suspected to have ties to Russian military intelligence, claimed responsibility for disabling auxiliary systems at a hydroelectric dam in Romania. The attack was contained, but not before emergency services were forced to intervene and manually override fail-safes.
In response, the European Commission has accelerated plans to roll out a bloc-wide “Cyber Shield” mechanism, aimed at coordinating threat intelligence between national CERTs (Computer Emergency Response Teams), energy regulators, and private grid operators. Modeled loosely on NATO’s Cooperative Cyber Defence Centre of Excellence, the EU frameworkwill include rapid-response cyber teams and enhanced funding for infrastructure hardening.
The urgency is echoed by national capitals. France’s Ministry for the Energy Transition confirmed it has begun installing quantum-encrypted communication lines between its nuclear control centres and regional distribution hubs. Germany, for its part, is investing €1.3 billion in AI-based anomaly detection systems designed to sniff out malicious code and pre-empt cyber sabotage in real time.
Yet despite the high-level alarm, significant hurdles remain. Member states differ widely in cyber readiness, with Southern and Eastern Europe lagging behind their Northern counterparts in both funding and digital expertise. Moreover, the sheer opacity of cyber operations makes attribution difficult. A malicious packet traced to an IP address in Yekaterinburg could easily have been routed through compromised servers in Singapore, making diplomatic responses a game of guesswork.
Business leaders, too, are growing uneasy. Europe’s grid is heavily reliant on private and semi-private operators, who must now invest in digital security without undermining shareholder returns. A recent survey by the European Round Table for Industry found that over 70 per cent of energy firms consider a major cyber incident “likely or very likely” in the next 12 months.
As the EU attempts to steel itself against a new era of silent warfare, the stakes could hardly be higher. In the words of one Brussels-based analyst: “Power grids are the nervous system of a modern state. If you can control them, or even just shake public confidence in their reliability, you gain a strategic edge without ever firing a bullet.”
For now, the lights remain on. But few in Europe’s capitals are sleeping soundly.
This Article Originally Appeared on DEFENCE MATTERS.EU
