European intelligence agencies say investigations into Russian interference now absorb as much time and resources as traditional counterterrorism work, underscoring how cyber and hybrid threats have reshaped the continent’s security landscape. That warning comes as French authorities investigate a major cyberattack that disrupted the country’s national postal service at the height of the Christmas delivery rush.
Cyberattack Cripples La Poste During Peak Season
A pro-Russian hacking group, Noname057(16), claimed responsibility for a distributed denial-of-service attack that knocked La Poste’s central computer systems offline on Monday, French prosecutors said on Wednesday. The disruption persisted into Wednesday morning, preventing postal workers from tracking package deliveries and interfering with online payments at La Banque Postale, the group’s banking arm. Given the timing, the impact was particularly severe: La Poste employs more than 200,000 people and was operating during its busiest period of the year.
Following the claim of responsibility, France’s domestic intelligence agency, the DGSI, took over the investigation, according to the Paris prosecutor’s office. The attack added to growing concerns within the French government about sustained and coordinated cyber pressure linked to pro-Russian actors.
A Familiar Actor With a Broad European Footprint
Noname057(16) is not new to European security services. The group has previously targeted Ukrainian media outlets as well as government and corporate websites in Poland, Sweden, Germany and France. It was a central focus of Operation Eastwood, a coordinated international police effort carried out in July involving authorities from 12 countries. During that operation, law enforcement dismantled more than 100 servers worldwide, arrested two suspects in France and Spain, and issued seven arrest warrants, six of them for Russian nationals. Despite the scale of the crackdown, the group resumed operations within days and has remained active, including previous attacks on French government institutions such as the Ministry of Justice, prefectures and municipal administrations.
Rising Concerns Over Hybrid Warfare
The La Poste attack followed closely on the heels of another cyber incident acknowledged by the French government. Days earlier, authorities said a breach affected the Interior Ministry, which oversees national security. In that case, a suspected hacker extracted several dozen sensitive documents and accessed information related to police records and wanted individuals, Interior Minister Laurent Nunez told broadcaster Franceinfo.
Prosecutors also revealed last week that France’s counterintelligence services are investigating a suspected cyber sabotage plot involving software designed to remotely control computer systems on an international passenger ferry. A Latvian crew member has been detained on suspicion of acting on behalf of an unidentified foreign power, officials said.
Nunez strongly suggested a familiar source behind such operations, saying “foreign interference very often comes from the same country,” though authorities have stopped short of formally attributing the attacks to Russia.
Russia Accused of Widespread Sabotage Across Europe
France and other European allies of Ukraine accuse Moscow of waging a campaign of “hybrid warfare” aimed at destabilising Western societies and weakening support for Kyiv. That strategy, they say, combines cyberattacks, sabotage, disinformation and, in some cases, targeted violence. Since Russia’s full-scale invasion of Ukraine in February 2022, Western officials have linked scores of incidents across Europe to Moscow, including arson attacks on warehouses, railway sabotage and acts of vandalism targeting critical infrastructure.
Against that backdrop, European intelligence services now warn that countering Russian interference has become as demanding as confronting terrorism itself — a stark measure of how profoundly the threat environment has changed.
