The North Atlantic Council has officially condemned recent malicious cyber activities by Russia, calling them a serious threat to the security of NATO members and part of the Kremlin’s ongoing hybrid warfare.
In a joint statement, NATO expressed solidarity with Estonia, France, the United Kingdom, and the United States, all of which have recently identified Russia’s military intelligence service, the GRU, as responsible for cyberattacks against NATO Allies and Ukraine. The Council also recalled that Germany and the Czech Republic linked similar operations in 2024 to APT 28, a GRU-affiliated hacking group.
NATO highlighted with concern that these attacks targeted not only government institutions but also critical infrastructure and other key entities across the Alliance, including Romania.
The Council noted that these incidents and their damaging effects demonstrate Russia’s increasing reliance on cyber and hybrid tactics to destabilize NATO members and support its war against Ukraine.
“We call on Russia to halt its destabilizing cyber and hybrid activities,” the statement said, adding that these actions violate the United Nations framework for responsible state behavior in cyberspace, which Russia claims to respect.
NATO reaffirmed its ongoing support for Ukraine, including cyber assistance through the Tallinn Mechanism and the IT Capability Coalition. The Alliance is committed to learning from the conflict in Ukraine to strengthen collective cyber defenses.
NATO stands for a free, open, peaceful, and secure cyberspace. The Council urged all countries, including Russia, to fulfill their international obligations and follow the UN-endorsed framework for responsible conduct online.
The Alliance remains united in its determination to counter and contain Russian cyber threats. This commitment includes increased investment in cyber capabilities, such as the NATO Integrated Cyber Defence Centre, continued progress on the Cyber Defence Pledge, and actions agreed upon at the Hague Summit.
“We will use the full range of tools to deter, defend against, and respond to cyber threats, at a time and manner of our choosing, in line with international law and in cooperation with our partners, including the EU,” the statement concluded.