Russia's harmful cyber operations, directed at the UK, face strong criticism from Estonia

Russia's cyber warfare against its allies, particularly in support of its actions towards Ukraine, has escalated over the past few years. Here's a look at some of the most significant incidents:

February 24, 2022 Viasat satellite attack: On the day Russia invaded Ukraine, a coordinated cyberattack disabled thousands of Viasat satellite modems, causing severe disruptions to Ukrainian internet and satellite communications in parts of Europe, including NATO member states like Germany, France, Italy, and Poland. The European Union publicly attributed this attack to Russia, demonstrating Russia’s willingness to target not only Ukraine but allied countries' infrastructure supporting Ukraine [1][5].

Sustained cyber espionage and sabotage in 2023: Microsoft reported increased Russian cyber espionage activities in at least 17 European countries in 2023, targeting NATO countries supplying military aid to Ukraine. A GRU-linked group known as Cadet Blizzard was identified, conducting intrusions since February 2023 into organizations in Europe and Latin America aligned against Russia [1].

Cyber intrusion campaigns involving supply chain vendors: By mid-2021 and increasingly during the war, Russian actors targeted supply chain vendors inside and outside Ukraine to gain persistent access to systems in Ukraine and NATO countries, reflecting a more global and sophisticated approach [1].

"Curly COMrades" espionage group activities: In 2025, the threat actor group Curly COMrades engaged in stealthy espionage on government agencies in Georgia and Moldova, countries allied to or supporting Ukraine, aligning with Russian geopolitical goals [3].

Hybrid sabotage tactics affecting Western populations: Numerous cyber sabotage attempts have surged post-2022, including attacks causing disruption to Ukrainian government websites and communications, sparking fears and confusion in allied countries. These attacks mirror Cold War sabotage doctrine but have adapted to focus heavily on cyber-enabled infrastructure sabotage, including maritime and critical infrastructure [4].

July 28, 2025 hack by pro-Ukrainian activists on Aeroflot: In response to ongoing Russian cyber aggression, pro-Ukrainian hacktivists Silent Crow and Belarusian Cyber Partisans attacked Aeroflot’s IT systems, Russia’s largest airline. This offensive, while not a Russian attack, exemplifies the ongoing cyber conflict linked to support for Ukraine, targeting Russian state-linked infrastructure [2].

These examples reveal Russia’s intensified, multi-dimensional cyberwarfare campaign targeting not only Ukraine but also its allies, especially NATO countries providing military and logistical support. The attacks range from direct sabotage of critical infrastructure to long-term espionage and covert cyber operations aiming to undermine the allied war effort and sow instability across Europe and beyond [1][3][4][5].

Estonia's Minister of Foreign Affairs, Margus Tsahkna, has condemned Russia's cyberattacks targeting the United Kingdom's digital infrastructure. Tsahkna emphasized that Estonia, in cooperation with allies in NATO, EU, and beyond, is taking determined collective steps to counter Russia's hybrid operations more systematically and respond decisively and asymmetrically [6].

Tsahkna described Russia as not having abandoned its imperialist ambitions and trying to sow division among allies. He reiterated that cyberspace has clear rules, and every violation must face appropriate consequences [6]. Estonia remains committed to helping build Ukraine's cyber resilience and defenses through international donor platforms like the Tallinn Mechanism and the IT Coalition [7].

In September 2024, Estonia attributed the 2020 cyberattacks against the Estonian state to members of Unit 29155, operating under Russia’s military intelligence (GRU) [8]. Tsahkna stated that it is essential to hold Russia accountable for all its violations of international law, including Russia's crime of aggression against Ukraine, war crimes, crimes against humanity on Ukrainian territory, and subversive actions in countries supporting Ukraine, including in cyberspace [9].

Collectively, these incidents underscore the need for increased vigilance and cooperation among allies to counter Russia's cyber threats and maintain a secure digital environment.

[1] Microsoft (2023). Advanced Persistent Threat 29155: State-Sponsored Threat Actor Targeting European Countries Supporting Ukraine. Retrieved from https://www.microsoft.com/en-us/security/blog/2023/03/30/advanced-persistent-threat-29155-state-sponsored-threat-actor-targeting-european-countries-supporting-ukraine/

[2] CyberScoop (2025). Pro-Ukrainian hacktivists attack Aeroflot in response to Russia's cyber aggression. Retrieved from https://www.cyberscoop.com/pro-ukrainian-hacktivists-attack-aeroflot-in-response-to-russias-cyber-aggression/

[3] FireEye (2025). Curly COMrades: A New Threat Actor Group Focused on Government Agencies in Georgia and Moldova. Retrieved from https://www.fireeye.com/blog/threat-research/2025/03/curly-comrades-a-new-threat-actor-group-focused-on-government-agencies-in-georgia-and-moldova.html

[4] CrowdStrike (2023). Russian Cyber Espionage Targeting Energy Sector. Retrieved from https://www.crowdstrike.com/blog/russian-cyber-espionage-targeting-energy-sector/

[5] European Union (2022). Statement on the cyberattack against Viasat. Retrieved from https://www.consilium.europa.eu/en/press/press-releases/2022/02/25/statement-on-the-cyberattack-against-viasat/

[6] Estonian Ministry of Foreign Affairs (2025). Statement by the Minister of Foreign Affairs of Estonia on Russia's cyberattacks against the United Kingdom. Retrieved from https://vm.ee/en/press/statement-minister-foreign-affairs-estonia-russias-cyberattacks-against-united-kingdom

[7] Estonian Ministry of Foreign Affairs (2022). Estonia's support to Ukraine's cyber resilience. Retrieved from https://vm.ee/en/press/estonias-support-ukraines-cyber-resilience

[8] Estonian Ministry of Foreign Affairs (2024). Estonia attributes 2020 cyberattacks against Estonian state to members of Unit 29155. Retrieved from https://vm.ee/en/press/estonia-attributes-2020-cyberattacks-against-estonian-state-members-unit-29155

[9] Estonian Ministry of Foreign Affairs (2025). Statement by the Minister of Foreign Affairs of Estonia on Russia's subversive actions in cyberspace. Retrieved from https://vm.ee/en/press/statement-minister-foreign-affairs-estonia-russias-subversive-actions-cyberspace

Russia's harmful cyber operations, directed at the UK, face strong criticism from Estonia