In her annual lecture delivered on 27 May 2026 at the Bletchley Park decryption centre, the Director of the UK’s Government Communications Headquarters (GCHQ), Anne Keast-Butler, spoke about the wide range of threats emanating from Russia. She emphasised that Moscow is “attacking critical infrastructure, democratic processes, supply chains for military aid to Ukraine, and conducting operations aimed at destroying public trust” in the authorities of the United Kingdom.
The GCHQ chief delivered her speech in a symbolically significant location — where Britain’s finest codebreakers once cracked Nazi ciphers — underscoring that Europe and Britain once again face existential challenges.
According to GCHQ assessments, Russian hybrid operations now span the domain “from the seabed to cyberspace.” Russia conducts deep-sea reconnaissance of communications near Britain and uses recruited “disposable agents” to carry out terrorist attacks on land.
On 9 April this year, UK Defence Secretary John Healey announced the successful detection and interception of Russian submarines in British waters operating near fibre-optic cables and mapping them. The Royal Navy, together with the Norwegian Navy, tracked three Russian submarines in the North Atlantic (within Britain’s exclusive economic zone). One was an Akula-class nuclear submarine used as a distraction by creating acoustic interference, while the other two were deep-sea submersibles belonging to the Main Directorate for Deep-Sea Research of the Russian Ministry of Defence. These were equipped with tools for deep-water operations and sabotage. British intelligence believes Russia was gathering data on the vulnerabilities of underwater communications in order to be able to instantly “switch off” banking and communications in the event of a direct confrontation with NATO.
The British frigate HMS St Albans and Royal Air Force Boeing P-8A Poseidon maritime patrol aircraft played the key role in tracking the Russians. By deploying dozens of hydroacoustic (sonar) buoys, the P-8A aircraft created a continuous monitoring and denial zone. The Russian crews were clearly shown that they were being watched and their coordinates recorded, and that any attempt to lower deep-sea vehicles to the cables would be immediately stopped. After several unsuccessful attempts, the Russian group aborted the mission and returned to its base on the Kola Peninsula.
Another notable case involved arson attacks on logistics centres and warehouses across Europe (including DHL postal facilities in Leipzig and Birmingham) that occurred earlier in 2024.
The United Kingdom is a priority target for Russian hybrid aggression for several objective reasons. First, London remains the most consistent supplier of military and intelligence assistance to Ukraine and is one of the leaders in the number of sanctions imposed on Russia. Second, the UK’s technology sector has recently surpassed $1 trillion in capitalisation, making its digital infrastructure, cloud capabilities, and financial systems an attractive target for cyberattacks capable of disrupting economic processes. Third, knowledge of the routes and locations of underwater communications near Britain gives the Kremlin the data needed to organise sabotage that could sever the country’s connection with the world.
Recognising the growing risks, the United Kingdom is changing its defence doctrine and moving towards the concept of “machine defence.” The GCHQ Director announced the development of the world’s first national cyber defence system that integrates autonomous AI (agentic AI) into the protection of airlines, telecommunications, and energy networks for the instant repulsion of attacks. The system is scheduled to be launched within the next five years. In addition, the UK’s National Cyber Force (NCF), together with the US National Security Agency (NSA) and other partners, is deploying quantum-resistant cryptography algorithms capable of withstanding quantum computers expected to break modern encryption in the coming years, while also working to dismantle Russian networks involved in smuggling Western technologies in circumvention of sanctions.
For this reason, British signals intelligence is urging society and businesses to strengthen their own cyber defences. The cyber resilience of the private sector (even small contractors and remote workers) has now been officially declared the frontline of the state’s digital defence, as Russia is able to organise DDoS attacks on government servers through their weak passwords and “unpatched” routers — something that has already occurred. At the national level, Britain is introducing a strict “hardwire security” rule — mandatory integration of security protocols at the design stage of any new technology and a complete transition from classic passwords to passkeys.
The main challenge for London and Europe at present is the need to outpace Russia in adapting cutting-edge AI technologies for protection, as countering its cyber sabotage requires the rapid detection of threats at their earliest stage and their successful neutralisation before negative consequences occur.