On July 19, 2023, the Defense Committee of the Parliament of the Kingdom of Sweden presented a new national security policy report entitled “Serious Times.”
The report provided an overview of threats, critical situations, and conclusions regarding Sweden’s course toward strengthening the country’s defense capabilities. Among other things, the authors of the document did not rule out the possibility of an attack on Sweden from Putin’s Russia.
The report stated that “Russia, as an authoritarian, nationalist, and imperialist state, poses the most serious and direct threat to European and Swedish security in both the short- and long-term perspective.” It noted Russia’s nuclear arsenal located near Sweden, particularly in the Baltic Sea region, its ability to conduct operations with its Air Force and Navy, Russia’s potential use of chemical weapons, as well as hybrid threats such as disinformation, cyberattacks, illegal intelligence gathering for terrorism, and threats to critical infrastructure.
Two years have now passed, but surprisingly, not all Swedish politicians, officials, law enforcement officers, and security representatives are adequately responding to the challenges facing the country.
In 2025, Sweden recorded a series of attacks on critical infrastructure. Yet, at the public level, most Swedish officials refrained from “calling things by their proper names”—that is, identifying the perpetrator of these crimes and giving an adequate response to its destructive activities.
In January alone, more than 30 explosions occurred in cities across the country, five of them in the densely populated capital, Stockholm. Fortunately, no people were injured, but residential buildings were damaged, and the country’s security image took a significant blow. Prime Minister Ulf Kristersson publicly declared the incidents to be internal terrorism even before investigations concluded, while Justice Minister Gunnar Strömmer convened an emergency meeting of the Council against Organized Crime. Yet no Swedish officials suggested—or dared to suggest—that these might be hybrid actions by external forces.
The Swedish state-owned company Teracom, which owns communication towers across the country, reported that in 2025 the number of damaged towers increased several times over. In the first five months alone, 30 incidents of cable cutting and damage to key components were recorded (with no equipment stolen). These incidents caused widespread communication outages. Teracom’s head of security, Stefan Steynik, was bolder in his assumptions, suggesting that the cases were linked to intelligence gathering, sabotage, and attempts to test Sweden’s capabilities, monitoring both responses and public reactions.
In July this year, the country’s security service Säpo (Säkerhetspolisen) admitted it was increasingly confronted with hybrid threats. These included deliberate damage to electronic equipment, unauthorized entry into water towers, GPS disruptions, and cable damage in the Baltic Sea.
It is worth recalling that in November 2024, a damaged undersea communication cable was discovered between Lithuania and Sweden (a similar incident had occurred between Finland and Germany). Sweden’s internet traffic capacity to Lithuania fell by a third—mitigated only by the fact that three cables connect the two countries (whereas Finland–Germany data transmission was completely cut off). A year earlier, in 2023, another undersea telecommunications cable connecting Sweden and Estonia had also been damaged.
Remarkably, Charlotte von Essen, Director General of Sweden’s counterintelligence, suggested that such incidents might have varied origins and were not necessarily linked to hostile actions by other states. According to her, this reflected the very nature of such events—it is difficult to determine their origin precisely.
By contrast, Sweden’s military intelligence chief Tomas Nilsson was more direct. He argued that Russia continues subversive activities across Europe, including in Sweden, involving arson, vandalism, and attacks on elected officials.
Beyond physical infrastructure damage, Russians also carry out powerful cyberattacks in Sweden. In 2023, a series of coordinated cyberattacks sought to undermine Sweden’s chances of joining NATO. A hacker group calling itself Anonymous Sudan launched dozens of DDoS attacks on the websites of airports, banks, and even hospitals—allegedly in response to the burning of the Quran outside the Turkish Embassy in Stockholm (though that act itself had been inspired by Russian intelligence). These overloads disrupted websites of Scandinavian Airlines, the state-owned energy company Vattenfall, defense company Saab AB, and interrupted online programs at Sweden’s national broadcaster.
Closer investigation of Anonymous Sudan revealed that the group was neither Sudanese nor Islamist, said Mattias Wåhlén, who led the cyberattack investigation for Truesec, one of Sweden’s largest cybersecurity firms. In his assessment, Anonymous Sudan is a well-organized Russian unit familiar with Swedish politics and social issues. Its clear goal was to heighten tensions with Sweden’s Muslim minority and influence Turkey to reject Sweden’s NATO application. Anonymous Sudan also frequently conducted joint operations with the pro-Russian hacker group Killnet, which targets countries opposing Russia’s war in Ukraine, including Sweden.
Most recently, on August 23, 2025, Sweden’s island of Gotland experienced a two-hour blackout. The energy company Gotlands Energi AB (GEAB) claimed a technical fault on the mainland, but questions remain. How could such a strategically vital island—long of interest to Russian military and intelligence—be so vulnerable to a supposedly routine malfunction? Why was GEAB so slow to resolve the problem and suspiciously delayed in informing the public? A previous incident in March had affected the island’s water supply after someone with technical expertise broke into an electrical cabinet and shut off a pump. No suspect was ever identified, let alone arrested.
Security expert and member of the Royal Swedish Academy of War Sciences, Patrik Oksanen, believes Sweden is responding too slowly to such challenges. He argues that the country’s decentralized system of governance is ill-suited to today’s environment of both conventional and hybrid warfare. Local infrastructure managers do not view the world through a national security lens. If damage seems minor, incidents are not treated as priorities by police but are instead written off as vandalism or accidents. Moreover, strict data privacy laws hinder surveillance operations, leaving authorities without comprehensive statistics on the exact number of cases.
Overall, many Swedish politicians, officials, and law enforcement representatives prefer to say nothing and do nothing—at least publicly. Yet such inaction and misleading of the public may signal to the Kremlin (whether correctly or not) that the Kingdom of Sweden is weak in the face of hybrid warfare.