TLP:CLEAR · Disclosure is not limited.
Europe: Russia-linked hybrid activity sharpens after Rome spy expulsions
Time window: Last 1 day · Audience: General analyst · Type: Situation report · DTG: 2026-07-10 10:41Z · Overall confidence: LOW
BLUF
Italy exposed and expelled a GRU-linked espionage network on 9 July while senior officials labelled Russia’s behaviour a hybrid war against the West. Expect additional expulsions or arrests in other EU capitals and a raised tempo of probing in cyber and undersea domains as Allies accelerate defensive programmes.
Executive summary
Italian authorities expelled two Russian military attachés from Rome on 9 July after arresting two former Italian intelligence officers on 7 July, with investigators tying GRU officer Mikhail Astakov to tasking for data on the Franco-Italian SAMP/T air defence system; the foreign and defence ministers framed the case as part of Russia’s hybrid war against Europe. The episode follows a 2024 Italian conviction for passing secrets to the Russian embassy, indicating a pattern of Russian intelligence use of diplomatic cover. In parallel, the UK detailed its Cyber Shield initiative and launched a Cyber Resilience Pledge, and NATO reporting highlights a real-time AI-enabled ‘kill web’ and potential AI drone patrols to protect Baltic subsea assets. Ukraine’s deep strikes on Russian tankers and refineries have contributed to domestic Russian fuel shortages and governor appeals for assistance, a pressure profile that historically correlates with deniable activity abroad. EU sanction discussions aimed at Russia’s drone supply chain and alumina flows continue, but process lags and scope gaps likely limit short-term deterrence.
Change from previous assessment
New since the 9 July brief: Rome expelled two Russian military attachés and made related arrests that officials framed as part of Russia’s hybrid war; reporting identifies GRU officer Mikhail Astakov and tasking for SAMP/T details. The UK publicly detailed its Cyber Shield initiative alongside a Cyber Resilience Pledge, and open reporting highlighted NATO’s real-time ‘kill web’ and potential AI drone patrols for Baltic subsea assets. Ukraine intensified attacks on tankers and refineries around 8-9 July, with multiple sources describing fuel shortages and governor appeals inside Russia. These developments increase our expectation of near-term Russia-linked hybrid activity in Europe. Confidence remains constrained by single-source and dated sanction reporting and the lack of fresh, corroborated attributions for cyber incidents in the EU.
Key judgments
- Russia is very likely running an active, GRU-linked espionage campaign in EU capitals focused on European air defence and aid-to-Ukraine channels, evidenced by Italy’s 9 July expulsion of two Russian military attachés and arrests that exposed Mikhail Astakov’s tasking for SAMP/T and Aster details. (Confidence: high · REPORTED)
- I&W: Berlin, Paris or Warsaw publicly expel additional Russian defence attachés for espionage citing tasking comparable to the Rome case. (0-14 days)
- I&W: Italian courts dismiss or downgrade charges in the Astakov-linked case for lack of state-secrets evidence. (1-3 months)
- Allies are likely to improve near-term resilience against hybrid threats through new programmes, including the UK’s Cyber Shield and Cyber Resilience Pledge and NATO’s real-time AI-enabled ‘kill web’ and planned AI drone patrols for Baltic subsea assets. (Confidence: medium · REPORTED)
- I&W: NCSC announces the first cohort of critical national infrastructure partners onboarded to Cyber Shield and publishes an initial operating playbook. (1-3 months)
- I&W: NATO slips or scales back ‘kill web’ and Baltic AI-drone patrol pilots in official readouts or budget documents. (1-3 months)
- The tempo of Russia-linked hybrid activity in Europe is likely to rise in the near term as Moscow absorbs mounting logistical and fuel strain from Ukrainian strikes on Sea of Azov tankers and Russian refineries, which have contributed to nationwide shortages and regional appeals for assistance. (Confidence: medium · ASSESSED)
- I&W: An EU energy operator or regulator publicly attributes a new network intrusion to a Russia-linked actor. (0-14 days)
- I&W: Open-source signs of easing Russian fuel shortages, such as governors ceasing public appeals for fuel or formal lifting of rationing in affected regions. (1-3 months)
- European networks are likely exposed to exploitation in the information and cyber domains, with AI tooling weaknesses and attacker use of AI expanding the attack surface that state or proxy actors can fold into hybrid campaigns. (Confidence: medium · ASSESSED)
- I&W: A major European public-sector or media organisation discloses compromise via AI toolchain, model plug-in or agent misuse. (0-14 days)
- I&W: UK pledge signatories publish measurable uptake of the NCSC ‘early warning’ service alongside third-party attestation of strengthened AI security controls. (1-3 months)
- EU sanctions targeting Russia’s drone supply chain and alumina flows are likely to advance but will have limited short-term impact on hybrid activity due to legislative lags and scope gaps. (Confidence: low · ASSESSED)
- I&W: The European Commission tables legal text to prohibit alumina exports to Russia or the Council publishes an annex naming targeted drone-component entities. (1-3 months)
- I&W: Council carve-outs or stalled deliberations permit Aughinish Alumina shipments to Russia to continue. (1-3 months)
Outlook & scenarios
Rolling expulsions and spy-ring exposure across EU (60%)
Following Rome’s actions, additional EU capitals announce expulsions of Russian defence attachés and arrests of local assets tied to collection on air defence and Ukraine-related aid logistics. Moscow leans on diplomatic cover for intelligence collection, prompting tit-for-tat measures and narrowed embassy footprints.
Quiet contest undersea and online (50%)
Probing of European critical national infrastructure intensifies in cyberspace and around Baltic subsea cables and pipelines, while NATO pilots real-time sensor-to-shooter networking and explores AI drone patrols. Activity remains deniable, with few public attributions but a noticeable rise in technical warnings.
Sanctions edge forward, adaptation blunts impact (40%)
EU measures against drone inputs and alumina flows progress procedurally, but gaps and implementation delays limit near-term effects. Russian-linked networks route procurement via third countries, sustaining hybrid capabilities despite added friction.
Wildcard: Undersea sabotage forces emergency consultations (15%)
A single-point failure on a Baltic subsea data or energy route is assessed by a member state as deliberate, prompting emergency allied consultations and accelerated deployment of autonomous surveillance along key corridors.
Recommendations
- Task Europe posts to compile and share a watchlist on Mikhail Astakov’s network and associated TTPs, including recruitment vectors and SAMP/T-related tasking, and cue liaison with Italian investigators for technical takeaways.
- Direct OSINT and cyber telemetry teams to prioritise collection on Russia-linked personas and infrastructure scanning EU defence, foreign affairs and energy-sector domains, with specific alerting for spearphish against air-defence and arms-transfer programmes.
- Coordinate with the UK NCSC on early participation pathways for Cyber Shield pilots and assess opportunities to mirror its ‘early warning’ model with continental partners supporting CNI operators.
- Accelerate an allied undersea risk baseline for the Baltic by fusing AIS, acoustic, satellite and cable fault data, and pre-plan rapid inspection and repair options to compress time-to-attribution and restoration.
- Support EU counterparts with evidentiary packages on firms supplying components to Russia’s Shahed/Geran-class drones to tighten sanction designations and reduce carve-outs.
- Advise EU ministries to run red-team exercises against AI-enabled workstreams in public-sector and media environments, focusing on model plug-in abuse and prompt-injection, and verify board-level cyber accountability per pledge commitments.
- Maintain a near-term watch for Russia-attributed incidents against EU energy operators; if attributed activity emerges, prepare options for coordinated public attribution, further persona sanctions, and reciprocal diplomatic steps.
Confidence & uncertainty
The Italy espionage case rests on multiple independent, reliable reports and official statements, supporting high confidence for that judgment. Other elements rely on single-source trade or media reporting, dated sanction timelines, or policy announcements without performance data. There is limited direct, corroborated attribution of fresh cyber or sabotage incidents in EU territory in this window, and several assessments extrapolate from battlefield pressure in Russia to likely hybrid behaviour in Europe. On balance, the mix of well-sourced reporting with inference and dated or single-source material warrants an overall low confidence rating despite stronger evidence on select points.
Alternative analysis (red cell)
The evidence base is dominated by national-level announcements, vendor studies, and intent-level policy reporting; it does not yet establish the cross-EU operational patterns or causal linkages asserted in several judgments. For example, Italy’s expulsions and arrests plausibly reveal a targeted espionage disruption but do not by themselves prove a coordinated, GRU-directed campaign across multiple EU capitals. Similarly, declared Allied programmes and NATO AI initiatives describe intent and planning rather than demonstrable near-term resilience gains, and sanctions reporting is inconsistent on scope and timing. Absent corroborating operational intelligence, implementation details, or demonstrable shifts in adversary behavior tied to the cited pressures, more cautious, lower-confidence estimates are warranted.
Intelligence gaps
- [EEI 1.2 · UNCOVERED] Observed reconnaissance activity around critical sites indicative of attack planning (unauthorised drone flights, repeated surveillance visits, loitering vehicles, mapping/photography of assets). Recommended collection: open-source/media
- [EEI 2.1 · UNCOVERED] Emergence or amplification of coordinated social-media networks (sets of accounts, pages, channels) pushing identical narratives or hashtags across multiple platforms, including bot-like activity metrics and origin IP/common management indicators. Recommended collection: social-media/OSINT
- [EEI 2.2 · PARTIAL] Publication or internal guidance from state-run media, proxy outlets, or identified influence platforms distributing talking points, pre-scripted messaging, or translated content targeted at specific EU countries/communities. Recommended collection: open-source/media
- [EEI 2.3 · UNCOVERED] Distribution of manipulated multimedia (deepfakes), targeted phishing/whaling campaigns, or localized false narratives timed to political events (elections, protests, court rulings) with tracked reach and engagement metrics. Recommended collection: cyber/forensic
- [EEI 3.1 · UNCOVERED] Unusual financial transactions: wire transfers, crypto conversions, or payments to shell companies, NGOs or individuals exceeding typical baselines that link to known proxies or front organisations. Recommended collection: financial
- [EEI 3.2 · UNCOVERED] Travel and movement indicators for suspected operatives: repeated border crossings, chartered/irregular flights, booking patterns or mobile/location data placing identified individuals in staging areas shortly before incidents. Recommended collection: border/immigration
- [EEI 3.3 · PARTIAL] Cargo, freight or maritime movements with discrepancies (concealed/dual-use equipment, false manifests, unusual routing) detected at ports, rail hubs or via AIS that correspond to deliveries of material used in sabotage or influence operations. Recommended collection: customs/ports
- [EEI 3.4 · PARTIAL] Intercepted or otherwise-obtained communications showing tasking, coordination, or payment instructions between Russian agencies/handlers and proxy groups, including identified command-and-control servers or encrypted group identifiers. Recommended collection: signals-intel/SIGINT
Cited sources
[1] Euronews · "3 أيام للمغادرة". روما تطرد ملحقين عسكريين روسيين بتهم تجسس (A) · sha256:94f2b8f6a4d2 [2] nabd.com · بعد كشف تسريب معلومات عسكرية. إيطاليا تطرد دبلوماسيين روسيين بتهمة التجسس (B) · sha256:200c9cb4f42e [3] Defense News · Italy busts Russian spy ring collecting data on Ukrainian air defense vulnerabilities (A) · sha256:59914f7bddb0 [4] securityweek.com · UK Government Rolls Out Agentic AI Defense Plan Alongside Industry Pledge (A) · sha256:99b3d00ba223 [5] tweaktown.com · NATO is building an AI 'kill web' to stop attacks before they start (B) · sha256:862718199623 [6] businessinsider.com · NATO can't stockpile lots of drones, could be out of date by next war: officials (B) · sha256:1013d618893e [7] understandingwar.org · Russian Offensive Campaign Assessment, July 9, 2026 (B) · sha256:cb726f95f56e [8] gcaptain.com · Ukraine Continues Strikes on Russian Tankers as Shortages Worsen (B) · sha256:ab65c9b2c784 [9] Al Jazeera · Trump grants Kyiv Patriots licences: What’s next in the Russia-Ukraine war? (A) · sha256:f606794c82b6 [10] foxnews.com · Ukraine’s drone revolution shows Russia is dangerously unprepared. But, so is America (B) · sha256:d6768fca9776 [11] BBC News · Ukraine strikes Russian ships near Crimea, escalating attacks on fuel supplies (A) · sha256:8f14d555e988 [12] newsweek.com · US-Iran war's return may leave Europe short of arms when it needs them most (A) · sha256:025678819427 [13] TALKING WITH TVP WORLD · Is Russia waging a terror campaign in Europe? | Ján Michalčák (B) · sha256:879787f45d54 [14] csoonline.com · Check Point CTO Jonathan Zanger sees AI elevating the value of cyber (C) · sha256:9efca79eef25 [15] infosecurity-magazine.com · Microsoft Warns of Increase in Number of Security Updates (C) · sha256:7e20fc7bc3b1 [16] Kyiv Post · EU to Approve New Russia Sanctions After Deadly Attacks (B) · sha256:9ce15d02bb83 [17] maritime-executive.com · EU Parliament Votes to Block Irish Alumina Plant's Sales to Russia (B) · sha256:fa649a058260
Source content hashes were computed at collection time; the cited text is preserved unmodified for the life of this product.
Red cell review: PARTIAL DISSENT
TLP:CLEAR