BRUSSELS — European Union countries on Monday slapped new sanctions on hacking groups, including an Iranian group that targeted subscribers of the French satirical magazine Charlie Hebdo. Capitals froze assets and banned doing business with Iranian company Emennet Pasargad, which in 2023 stole data of subscribers to the French magazine and advertised the data for sale on the dark web. Charlie Hebdo was targeted by terrorists in 2015 after publishing cartoons of the Prophet Muhammed. Microsoft in 2023 pinned the data theft on Emennet Pasargad, which happened after the magazine published cartoons mocking then-Iranian Supreme Leader Ali Khamenei. Capitals also sanctioned Chinese company Integrity Technology Group and Chinese firm Anxun Information Technology, also known as i-Soon, and its co-founders Chen Cheng and Wu Haibo, who are banned from entering the EU, the EU sanctions listing showed. According to the details of the sanctions, Anxun Information Technology targeted “critical infrastructure and critical state functions” of EU countries and sold classified information as part of so-called hack-for-hire services.  The United States Department of Justice in March 2025 indicted 12 people involved in i-Soon for cyberattacks the U.S. said it had carried out at the behest of Chinese security services. Chinese security services “paid handsomely” for the data the groups stole, the department said.  Integrity Technology Group, the other Chinese company, facilitated the activities of a Chinese state hacking group dubbed Flax Typhoon, which security officials say has targeted organizations in Taiwan for espionage purposes. Flax Typhoon used Integrity’s products and technology to hack into more than 65,000 devices in six EU member countries, the Council of the EU said on Monday. The U.S. Treasury Department also sanctioned Integrity in January 2025. The United Kingdom hit both Chinese companies with sanctions late last year. 

Anton, a 44-year-old Russian soldier who heads a workshop responsible for repairing and supplying drones, was at his kitchen table when he learned last month that Elon Musk’s SpaceX had cut off access to Starlink terminals used by Russian forces. He scrambled for alternatives, but none offered unlimited internet, data plans were restrictive, and coverage did not extend to the areas of Ukraine where his unit operated. It’s not only American tech executives who are narrowing communications options for Russians. Days later, Russian authorities began slowing down access nationwide to the messaging app Telegram, the service that frontline troops use to coordinate directly with one another and bypass slower chains of command. “All military work goes through Telegram — all communication,” Anton, whose name has been changed because he fears government reprisal, told POLITICO in voice messages sent via the app. “That would be like shooting the entire Russian army in the head.” Telegram would be joining a home screen’s worth of apps that have become useless to Russians. Kremlin policymakers have already blocked or limited access to WhatsApp, along with parent company Meta’s Facebook and Instagram, Microsoft’s LinkedIn, Google’s YouTube, Apple’s FaceTime, Snapchat and X, which like SpaceX is owned by Musk. Encrypted messaging apps Signal and Discord, as well as Japanese-owned Viber, have been inaccessible since 2024. Last month, President Vladimir Putin signed a law requiring telecom operators to block cellular and fixed internet access at the request of the Federal Security Service. Shortly after it took effect on March 3, Moscow residents reported widespread problems with mobile internet, calls and text messages across all major operators for several days, with outages affecting mobile service and Wi-Fi even inside the State Duma. Those decisions have left Russians increasingly cut off from both the outside world and one another, complicating battlefield coordination and disrupting online communities that organize volunteer aid, fundraising and discussion of the war effort. Deepening digital isolation could turn Russia into something akin to “a large, nuclear-armed North Korea and a junior partner to China,” according to Alexander Gabuev, the Berlin-based director of the Carnegie Russia Eurasia Center. In April, the Kremlin is expected to escalate its campaign against Telegram — already one of Russia’s most popular messaging platforms, but now in the absence of other social-media options, a central hub for news, business and entertainment. It may block the platform altogether. That is likely to fuel an escalating struggle between state censorship and the tools people use to evade it, with Russia’s place in the world hanging in the balance. “It’s turned into a war,” said Mikhail Klimarev, executive director of the internet Protection Society, a digital rights group that monitors Russia’s censorship infrastructure. “A guerrilla war. They hunt down the VPNs they can see, they block them — and the ‘partisans’ run, build new bunkers, and come back.” THE APP THAT RUNS THE WAR On Feb. 4, SpaceX tightened the authentication system that Starlink terminals use to connect to its satellite network, introducing stricter verification for registered devices. The change effectively blocked many terminals operated by Russian units relying on unauthorized connections, cutting Starlink traffic inside Ukraine by roughly 75 percent, according to internet traffic analysis by Doug Madory, an analyst at the U.S. network monitoring firm Kentik. The move threw Russian operations into disarray, allowing Ukraine to make battlefield gains. Russia has turned to a workaround widely used before satellite internet was an option: laying fiber-optic lines, from rear areas toward frontline battlefield positions. Until then, Starlink terminals had allowed drone operators to stream live video through platforms such as Discord, which is officially blocked in Russia but still sometimes used by the Russian military via VPNs, to commanders at multiple levels. A battalion commander could watch an assault unfold in real time and issue corrections — “enemy ahead” or “turn left” — via radio or Telegram. What once required layers of approval could now happen in minutes. Satellite-connected messaging apps became the fastest way to transmit coordinates, imagery and targeting data. But on Feb. 10, Roskomnadzor, the Russian communications regulator, began slowing down Telegram for users across Russia, citing alleged violations of Russian law. Russian news outlet RBC reported, citing two sources, that authorities plan to shut down Telegram in early April — though not on the front line. In mid-February, Digital Development Minister Maksut Shadayev said the government did not yet intend to restrict Telegram at the front but hoped servicemen would gradually transition to other platforms. Kremlin spokesperson Dmitry Peskov said this week the company could avoid a full ban by complying with Russian legislation and maintaining what he described as “flexible contact” with authorities. Roskomnadzor has accused Telegram of failing to protect personal data, combat fraud and prevent its use by terrorists and criminals. Similar accusations have been directed at other foreign tech platforms. In 2022, a Russian court designated Meta an “extremist organization” after the company said it would temporarily allow posts calling for violence against Russian soldiers in the context of the Ukraine war — a decision authorities used to justify blocking Facebook and Instagram in Russia and increasing pressure on the company’s other services, including WhatsApp. Telegram founder Pavel Durov, a Russian-born entrepreneur now based in the United Arab Emirates, says the throttiling is being used as a pretext to push Russians toward a government-controlled messaging app designed for surveillance and political censorship. That app is MAX, which was launched in March 2025 and has been compared to China’s WeChat in its ambition to anchor a domestic digital ecosystem. Authorities are increasingly steering Russians toward MAX through employers, neighborhood chats and the government services portal Gosuslugi — where citizens retrieve documents, pay fines and book appointments — as well as through banks and retailers. The app’s developer, VK, reports rapid user growth, though those figures are difficult to independently verify. “They didn’t just leave people to fend for themselves — you could say they led them by the hand through that adaptation by offering alternatives,” said Levada Center pollster Denis Volkov, who has studied Russian attitudes toward technology use. The strategy, he said, has been to provide a Russian or state-backed alternative for the majority, while stopping short of fully criminalizing workarounds for more technologically savvy users who do not want to switch. Elena, a 38-year-old Yekaterinburg resident whose surname has been withheld because she fears government reprisal, said her daughter’s primary school moved official communication from WhatsApp to MAX without consulting parents. She keeps MAX installed on a separate tablet that remains mostly in a drawer — a version of what some Russians call a “MAXophone,” gadgets solely for that app, without any other data being left on those phones for the (very real) fear the government could access it. “It works badly. Messages are delayed. Notifications don’t come,” she said. “I don’t trust it … And this whole situation just makes people angry.” THE VPN ARMS RACE Unlike China’s centralized “Great Firewall,” which filters traffic at the country’s digital borders, Russia’s system operates internally. Internet providers are required to route traffic through state-installed deep packet inspection equipment capable of controlling and analyzing data flows in real time. “It’s not one wall,” Klimarev said. “It’s thousands of fences. You climb one, then there’s another.” The architecture allows authorities to slow services without formally banning them — a tactic used against YouTube before its web address was removed from government-run domain-name servers last month. Russian law explicitly provides government authority for blocking websites on grounds such as extremism, terrorism, illegal content or violations of data regulations, but it does not clearly define throttling — slowing traffic rather than blocking it outright — as a formal enforcement mechanism. “The slowdown isn’t described anywhere in legislation,” Klimarev said. “It’s pressure without procedure.” In September, Russia banned advertising for virtual private network services that citizens use to bypass government-imposed restrictions on certain apps or sites. By Klimarev’s estimate, roughly half of Russian internet users now know what a VPN is, and millions pay for one. Polling last year by the Levada Center, Russia’s only major independent pollster, suggests regular use is lower, finding about one-quarter of Russians said they have used VPN services. Russian courts can treat the use of anonymization tools as an aggravating factor in certain crimes — steps that signal growing pressure on circumvention technologies without formally outlawing them. In February, the Federal Antimonopoly Service opened what appears to be the first case against a media outlet for promoting a VPN after the regional publication Serditaya Chuvashiya advertised such a service on its Telegram channel. Surveys in recent years have shown that many Russians, particularly older citizens, support tighter internet regulation, often citing fraud, extremism and online safety. That sentiment gives authorities political space to tighten controls even when the restrictions are unpopular among more technologically savvy users. Even so, the slowdown of Telegram drew criticism from unlikely quarters, including Sergei Mironov, a longtime Kremlin ally and leader of the Just Russia party. In a statement posted on his Telegram channel on Feb. 11, he blasted the regulators behind the move as “idiots,” accusing them of undermining soldiers at the front. He said troops rely on the app to communicate with relatives and organize fundraising for the war effort, warning that restricting it could cost lives. While praising the state-backed messaging app MAX, he argued that Russians should be free to choose which platforms they use. Pro-war Telegram channels frame the government’s blocking techniques as sabotage of the war effort. Ivan Philippov, who tracks Russia’s influential military bloggers, said the reaction inside that ecosystem to news about Telegram has been visceral “rage.” Unlike Starlink, whose cutoff could be blamed on a foreign company, restrictions on Telegram are viewed as self-inflicted. Bloggers accuse regulators of undermining the war effort. Telegram is used not only for battlefield coordination but also for volunteer fundraising networks that provide basic logistics the state does not reliably cover — from transport vehicles and fuel to body armor, trench materials and even evacuation equipment. Telegram serves as the primary hub for donations and reporting back to supporters. “If you break Telegram inside Russia, you break fundraising,” Philippov said. “And without fundraising, a lot of units simply don’t function.” Few in that community trust MAX, citing technical flaws and privacy concerns. Because MAX operates under Russian data-retention laws and is integrated with state services, many assume their communications would be accessible to authorities. Philippov said the app’s prominent defenders are largely figures tied to state media or the presidential administration. “Among independent military bloggers, I haven’t seen a single person who supports it,” he said. Small groups of activists attempted to organize rallies in at least 11 Russian cities, including Moscow, Irkutsk and Novosibirsk, in defense of Telegram. Authorities rejected or obstructed most of the proposed demonstrations — in some cases citing pandemic-era restrictions, weather conditions or vague security concerns — and in several cases revoked previously issued permits. In Novosibirsk, police detained around 15 people ahead of a planned rally. Although a small number of protests were formally approved, no large-scale demonstrations ultimately took place. THE POWER TO PULL THE PLUG The new law signed last month allows Russia’s Federal Security Service to order telecom operators to block cellular and fixed internet access. Peskov, the Kremlin spokesman, said subsequent shutdowns of service in Moscow were linked to security measures aimed at protecting critical infrastructure and countering drone threats, adding that such limitations would remain in place “for as long as necessary.” In practice, the disruptions rarely amount to a total communications blackout. Most target mobile internet rather than all services, while voice calls and SMS often continue to function. Some domestic websites and apps — including government portals or banking services — may remain accessible through “whitelists,” meaning authorities allow certain services to keep operating even while broader internet access is restricted. The restrictions are typically localized and temporary, affecting specific regions or parts of cities rather than the entire country. Internet disruptions have increasingly become a tool of control beyond individual platforms. Research by the independent outlet Meduza and the monitoring project Na Svyazi has documented dozens of regional internet shutdowns and mobile network restrictions across Russia, with disruptions occurring regularly since May 2025. The communications shutdown, and uncertainty around where it will go next, is affecting life for citizens of all kinds, from the elderly struggling to contact family members abroad to tech-savvy users who juggle SIM cards and secondary phones to stay connected. Demand has risen for dated communication devices — including walkie-talkies, pagers and landline phones — along with paper maps as mobile networks become less reliable, according to retailers interviewed by RBC. “It feels like we’re isolating ourselves,” said Dmitry, 35, who splits his time between Moscow and Dubai and whose surname has been withheld to protect his identity under fear of governmental reprisal. “Like building a sovereign grave.” Those who track Russian public opinion say the pattern is consistent: irritation followed by adaptation. When Instagram and YouTube were blocked or slowed in recent years, their audiences shrank rapidly as users migrated to alternative services rather than mobilizing against the restrictions. For now, Russia’s digital tightening resembles managed escalation rather than total isolation. Officials deny plans for a full shutdown, and even critics say a complete severing would cripple banking, logistics and foreign trade. “It’s possible,” Klimarev said. “But if they do that, the internet won’t be the main problem anymore.”

Poland is looking into whether an attempted cyberattack on a nuclear research facility was carried out by Iran, the government said on Thursday. The country’s digital minister Krzysztof Gawkowski said in an emailed statement that Poland had “identified an attempted cyberattack on the servers of the National Centre for Nuclear Research,” which authorities had thwarted. He told local media that the attack was carried out “in the past few days,” Reuters reported.  The nuclear center said in a statement that “all safety systems operated according to procedures.” A reactor is “operating safely and smoothly at full power,” Jakub Kupecki, the center’s director said in the statement. The facility carries out research into nuclear energy; Poland does not have nuclear weapons of its own.  Polish cybersecurity services and the energy ministry are working with the facility, Gawkowski said.  The minister told local media that there are early signals suggesting the attack came from Iran, Reuters reported. “The first identifications of the entry vectors … are related to Iran,” he said, adding that more investigation is required.  Gawkowski added that hackers could also have used indicators linking the attack to Iran in efforts to hide their real origins. Poland has faced a huge number of Russian cyberattacks since the war in Ukraine began in 2022. Western cyber and intelligence agencies have warned critical entities to be on high alert for Iranian cyberattacks following the start of the conflict in late February. The Iranian embassy in Warsaw did not immediately respond to a request for comment.

LONDON — Elon Musk has been granted a license to supply energy in the U.K. Ofgem announced Thursday morning it has issued Musk-owned Tesla Energy Ventures with a license to provide electricity to U.K. businesses and households.  It brings a fresh contender into the supplier market, amid fears the global energy crisis will force up household bills.  The decision comes at the end of a seven-month approval process. Musk’s bid to enter the U.K. market has been highly controversial, after the world’s richest man and ally of U.S. President Donald Trump publicly criticized Prime Minister Keir Starmer and his government’s handling of the grooming gangs scandal.  Musk appeared last year via video link at a rally organized by the far-right activist Tommy Robinson, where he warned that “violence is going to come” to the British people “whether you choose violence or not.”   Energy Secretary Ed Miliband responded at the Labour Party conference in September: “We have a message for Elon Musk. Get the hell out of our politics and our country.” Miliband said Musk “incites violence on our streets.”   But Miliband would not be drawn at the time on whether Tesla Ventures should be granted an energy license. He insisted it was a matter for Ofgem and had to “go through the proper process.”  Miliband has faced calls from the centrist Liberal Democrats, and from some of Labour’s own MPs, to block the license.  After Musk’s comments about violence, Labour backbencher Clive Lewis said in September: “Elon Musk shouldn’t be allowed anywhere near our critical infrastructure.” The news comes at it a critical time for the domestic retail market, with industry warnings that customer debts have hit £5.5 billion. Disruption of key trade routes in the Gulf has pushed up wholesale gas and oil prices sharply.   Ofgem’s license for Tesla Ventures took effect on Wednesday, the regulator said.  It said the company must comply with all licensing conditions including requirements for treating customers fairly, financial responsibility, operational capability, billing, information provision and consumer protection.  Ofgem will have assessed whether Musk was a “fit and proper” person to lead a U.K energy supplier, although experts have previously said that is unlikely to take political statements into account. Ed Miliband’s Department for Energy Security and Net Zero has been approached for comment.

LONDON — The Iranian regime is warning it will attack European cities in any country that joins Donald Trump’s military operation and governments across the region are stepping up security in response. So far, Iranian drones have already targeted Cyprus, with one striking a British Royal Air Force base on the island, and others shot down before they could hit. That prompted the U.K., France and Greece to send jets, warships and helicopters to Cyprus to protect the country from further drone attacks. But with the British, French and German leaders saying they are ready to launch defensive military action in the Middle East, Tehran threatened to retaliate against these countries with attacks on European soil. “It would be an act of war. Any such act against Iran would be regarded as complicity with the aggressors. It would be regarded as an act of war against Iran,” Esmail Baghaei, Iran’s foreign ministry spokesperson, told Iranian state media. Mark Rutte, the former Dutch Prime Minister who now leads NATO, warned on Tuesday that Tehran posed a threat that reached deep into Europe. “Let’s be absolutely clear-eyed to what’s happening here,” Rutte said. “Iran is close to getting its hands on a nuclear capability and on a ballistic missile capability, which is posing a threat not only to the region — the Middle East, including posing an existential threat to Israel — it is also posing a huge threat to us here in Europe.” Iran is “an exporter of chaos” responsible over decades for terrorist plots and assassination attempts, including against people living on European soil, he said.  Here, POLITICO sets out what Iran is capable of, and where European countries may be at greatest risk.  MISSILES AIMED AT ATHENS AND EVEN BERLIN According to reports, Iran has been developing an intercontinental ballistic missile with a range of 10,000 kilometers, which would put European and even American territory potentially within range, said Antonio Giustozzi from the Royal United Services Institute think tank in London. It is not clear whether, under constant attack, Tehran would be able to manufacture and deploy an experimental missile like this, he said.  “Realistically, the further away you fire them, the less precise they will be,” Giustozzi told POLITICO. “Let’s say they had four or five long-range missiles. There may be some value to target something in Europe just to create some excitement and scare public opinion from intervening.”  Iran’s ballistic missile arsenal is known to include several medium-range systems that stretch to roughly 2,000 kilometers, according to the Center for Strategic and International Studies’ Missile Threat database. The solid-fueled Sejjil and Khorramshahr missiles are both assessed to have about that range, which would extend to parts of southeastern Europe from Iranian territory, including areas of Greece, Bulgaria and Romania, depending on the launch location. Romania has a U.S. missile shield site at Deveselu in the southern part of the country which was built to intercept potential missile attacks from Iran. This week, military security was stepped up at the site, according to Romania’s defense minister.  Tehran has long described 2,000 kilometers as a self-imposed ceiling for its ballistic missile program — a limit that keeps most of Europe outside of the envelope while preserving regional reach.  Defence Express, a Kyiv-based defense consultancy group, said the Khorramshahr missile may be capable of hitting targets 3,000 kilometers away if it was fitted with a lighter warhead, potentially bringing Berlin and Rome within range. However, the number of such long-range missiles in Iran’s arsenal is unlikely to be large.  ‘SHAHED’ DRONES AND TOYS PACKED WITH EXPLOSIVES  Iran has invested heavily in drone development and production, and these uncrewed projectiles may be its best flexible weapon. Iran’s “Shahed” drones have been deployed by Russian forces since the early days of the full-scale invasion of Ukraine. These one-way attack drones have a range claimed to be as much as 2,500 kilometers.  To reach targets inside European territory they would need to fly at low altitude across countries such as Turkey and Jordan, though Cyprus has already found out it is within range. Analysts believe the drone that hit U.K.’s RAF Akrotiri air base in Cyprus was likely a shahed-type, and may have been fired from Lebanon by Hezbollah, Iran’s proxy.  But Giustozzi said commercially available drones — even toys — could be used to cause havoc inside Europe. Iran is known to have a network of sleeper agents operating across many countries in Europe, he said, who use criminal groups to carry out attacks.  They could be tasked with a coordinated effort to fly drones over civilian airports, forcing flights to be halted and causing chaos to air traffic across Europe, he said. This would be cheap and easy to do. More ambitious attacks could include striking military targets with drones loaded with explosives. A residential building and cars are damaged by a Shahed drone attack in Kharkiv, Ukraine, last month. The drones have been deployed by Russian forces since the early days of the full-scale invasion of Ukraine. | Pavlo Pakhomenko/NurPhoto via Getty Images But such risk may be low, Giustozzi said, as Iran may not have been able to smuggle bomb making components into European countries as this has not been its primary mode of operation in the region in recent years.  HIT SQUADS AND TERRORISTS  Tehran’s recent focus has been on intimidating and targeting people and groups who are critical of the regime, particularly among the large Iranian diaspora dispersed widely across European countries, according to analysts.  According to an intelligence summary from one Western government, Iran has a long record of plots to assassinate and attack targets inside Europe. Its state-sponsored terrorism involves a mix of direct operations by Iranian forces and, according to the intelligence summary, a growing reliance on organized criminal gangs to maintain “plausible deniability.”  In the past decade, incidents have included the arrest of Iranian diplomat Assadollah Assadi for providing explosives to a couple tasked with bombing a large rally of the National Council of Resistance of Iran (NCRI). Assadi was sentenced to 20 years in prison.  After massive cyberattacks against state infrastructure, the Albanian government formally severed all ties with Iran in 2022. Four years earlier, Albania expelled the Iranian ambassador and several diplomats for plotting a truck bomb attack against an Iranian dissident camp. The Dutch government accused Iran of involvement in the targeted killing of two dissidents, in 2015 and 2017.  Suspected Iranian-backed assassination plots and other attacks have also been reported in Belgium, Cyprus, France, Germany, Sweden, and the U.K., among other countries in Europe.  CYBER ATTACKS  The threat to Europeans from Iran is not just physical, with the regime long being regarded as a capable actor in cyber warfare.   Experts and officials warned Iran could launch fresh cyber operations against Europe in the wake of the war started by the U.S. and Israel, either by targeting governments directly or by hitting critical infrastructure operators.  “We have to monitor now the situation very carefully when it comes to our cyber security and especially our critical infrastructure,” European Commission Executive Vice President Henna Virkkunen told POLITICO. “We know that the online dimension is also very important, the recruiting channel and especially the propaganda is also spread very much online.” Iran is typically seen as one of the big four cyber adversaries to the West — alongside Russia, China and North Korea. So far, however, there is little evidence to suggest it’s actively targeting Europe. In fact, Iran’s cyber activity has largely stopped since the U.S. bombing began, according to one senior European cybersecurity official, granted anonymity to discuss ongoing assessments.  If and when European countries make their support for U.S. and Israeli activities more explicit, that will likely draw them into the firing line, cyber industry officials said. “Europe should definitely expect that exactly what happened in the Gulf could happen and should happen in Europe,” said Gil Messing, chief of staff at Israeli cyber firm Check Point. EU Commissioner Henna Virkkunen spoke of the need to monitor cyber security and especially critical infrastructure. | Thierry Monasse/Getty Images Messing said his firm is already seeing evidence of cyberattacks in Cyprus, the only EU country that Iran has targeted with physical attacks so far. There’s no evidence of attacks in other European countries but it’s likely coming down the tracks, he said. And if attacks do take place, Iran’s capabilities, though lessened in recent years, remain significant, experts said. Iran’s security and intelligence services have cyber units comprising hundreds of people, with tens of millions of dollars of funding, Messing said. “If the regime lasts,” the senior official quoted above said, “they will be back.” Victor Goury-Laffont, Laura Kayali, Antoaneta Roussi, Joshua Berlinger and Sebastian Starcevic contributed reporting.

Washington’s Gulf Arab partners are bracing themselves for a fraught period ahead as the U.S. and Israel press on with a major operation in Iran — one they had lobbied against. With Iran retaliating and taking aim at targets in Bahrain, the United Arab Emirates, Jordan, Kuwait, Iraq, Qatar and elsewhere where the U.S. has military assets, these countries are considering their options and whether there is any way to avoid a regional war. Trump administration officials signaled to some U.S. allies in the Gulf ahead of time that the attacks were coming and have been in frequent contact with Gulf Arab officials in the hours since, according to two officials from Arab countries in the region. Those officials declined to provide details of the conversations other than to say they had been briefed on the operations. President Donald Trump has spoken with the leaders of Saudi Arabia, Qatar and the UAE, as well as NATO Secretary General Mark Rutte, White House spokesperson Karoline Leavitt said Saturday in a post on X. The White House didn’t immediately respond to a request for additional details. This is a delicate moment for Iran’s neighbors, many of which count on the U.S. for defense backing and are still hoping to have some influence over how the U.S.-Israel military campaign goes forward but now also need to focus on protecting their own airspaces and critical infrastructure. It’s clear the Trump administration disregarded pleas from allies in the region in launching the attack on Iran. At least half a dozen Middle Eastern officials, including two foreign ministers, descended to Washington in the past month to caution against strikes, including from Saudi Arabia, the UAE and Oman. These countries’ fears of a new level of instability in the region are already being realized. The six-member Gulf Cooperation Council — which includes Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the UAE — is now coordinating on how to respond. “The days ahead will be tricky,” a senior diplomat from a Gulf country said. “Iran grossly miscalculated by attacking the GCC,” using the abbreviation for the grouping. The person declined to say what actions were being discussed. The diplomat, like others, was granted anonymity to discuss sensitive deliberations. The GCC and each of the targeted countries issued statements condemning the Iranian attacks and have vowed to defend themselves. The leaders of the UAE and Saudi Arabia, who have been at odds for months over the civil war in Sudan and other tensions, spoke over the phone Saturday in a sign of how Iran’s response has jolted the region. Oman’s foreign minister Badr Albusaidi — who has been mediating nuclear talks between the U.S. and Iran — said Saturday he was “dismayed” by the joint operation, launched just hours after he met with Vice President JD Vance in a last-ditch effort to head off the military strikes. “Neither the interests of the United States nor the cause of global peace are well served by this,” Albusaidi said on X. “I urge the United States not to get sucked in further. This is not your war.” It’s unlikely U.S.-Iran technical talks scheduled to take place next week in Vienna will proceed. Turkey, the European Union and others have called for regional diplomacy to de-escalate tensions. Turkey, a NATO member which maintains relations with both governments and shares a border with Iran, lamented the U.S.-Israel attacks and Iran’s retaliation, saying in a statement: “We call on all parties to cease the attacks immediately.” Now facing escalating attacks from the Iranians, Gulf states have a series of difficult options. “The GCC is in the peculiar position of becoming a primary target when it had been pushing for de-escalation and diplomacy all along,” said Firas Maksad, managing director for Middle East and North Africa at the Eurasia Group. He said Iran hopes its targeting of Gulf states will pressure Washington to stop the attacks, though he said such an approach is unlikely to succeed. “A more likely outcome is a collective decision by GCC states to either allow the U.S. greater operational freedom to target Iran from their territories or even to respond themselves,” he said. The escalation scenario favors the U.S., he said. Should Iran target Gulf energy infrastructure, that would trigger even more of a response from the U.S. and its Arab allies. Elisa Ewers, a former U.S. official who has worked for decades on the Middle East, said these countries have no choice but to place significant faith in the Trump administration, especially now that Iran has upped the cost and targeted them so directly. “They must hope air defenses hold for as long as needed and this conflict isn’t prolonged with serious economic impacts” said Ewers, who is now at the Council on Foreign Relations.

BERLIN — The far-right opposition Alternative for Germany (AfD) party has triggered security fears in Berlin after officially requesting information on vulnerabilities in NATO defenses — insight that would prove useful to the Kremlin. The AfD, which frequently takes positions favorable to Russia, has developed an interest in last year’s “Hedgehog 2025” exercise, a major NATO operation in Estonia, in which Ukrainian drone specialists used tactics learned on the battlefield to “destroy” NATO units in a war game. In a letter obtained by POLITICO, Rüdiger Lucassen, the AfD’s defense spokesperson, asked the government on Feb. 19 to brief the defense committee in the country’s parliament on the lessons learned from the drill. “What capability gaps were identified — particularly in the areas of counter-drone defense, electronic warfare, command capability and the protection of mobile forces?” Lucassen asked in the letter. He also sought clarification on “which capability gaps still exist and by when they are to be closed.” It’s hardly the first time the AfD has raised concerns with inquiries that would elicit information of interest to Russia, and the country’s ruling coalition has sounded the alarm. “With some of the AfD’s motions and questions, the question increasingly arises as to what purpose they actually serve, and whose interests are being pursued,” Florian Dorn, a defense committee lawmaker for the country’s ruling Christian Democratic bloc, told POLITICO, when asked about the Hedgehog 2025 inquiry. “If such information falls into the wrong hands, it endangers our security and defense capability.” Under Germany’s political system, opposition parties have significant powers to demand answers from the government. Ministries can withhold classified material, but must generally respond to formal inquiries. Assessments of military exercises do more than describe what went wrong. They can reveal how exposed certain units were, how quickly they were neutralized, and how long it may take to fix any problems identified. European security officials assume that Russia and other adversaries mine publicly available material to piece together operational patterns. In drone warfare especially — where tactics evolve rapidly and adaptation cycles are short — knowing how long weaknesses may persist can offer strategic advantages. Thomas Erndl, the Christian Democrats’ defense policy spokesperson, also warned of the risks involved, including “the danger that security-relevant information could end up in the wrong hands.” He added that ministries have become accustomed to weighing such risks when drafting their responses to parliamentary inquiries. A senior NATO military official told POLITICO the inquiry hasn’t prompted any “dire concern” within the alliance, but added that NATO members “always want to be careful about the information that gets out publicly.” The controversy over Hedgehog 2025 follows earlier disputes in which AfD lawmakers submitted detailed questions about military transport routes, infrastructure protection and security systems.  Last year, the interior minister of the eastern German state of Thuringia, Georg Maier, accused the AfD of using parliamentary questions to “systematically scout critical infrastructure,” alleging in an interview with Handelsblatt that the party was effectively working its way through what he described as a “Kremlin task list.”  According to reporting by the German newspaper Welt, the state interior ministry compiled a list of 58 AfD inquiries since October 2024 that it said focused on sensitive infrastructure, including police IT systems, drone-defense capabilities, military transport routes, energy networks, water supply and civil protection. Lucassen rejected the suggestion the party had ulterior motives, calling his request a routine instrument of parliamentary oversight. In an e-mail to POLITICO, he said lawmakers have to rely on official military assessments rather than media reporting in order to support the armed forces through legislation and budget decisions. Victor Jack contributed reporting.

Chinese technology giant Huawei is participating in 16 projects funded by the European Commission’s Horizon Europe research and innovation program despite being dubbed a high-risk supplier. The Commission restricted Huawei from accessing Horizon projects in 2023 after saying that it (and another Chinese telecom supplier, ZTE) posed “materially higher risks than other 5G suppliers” in relation to cybersecurity and foreign influence. However, public data reviewed by POLITICO’s EU Influence newsletter shows that Huawei still takes part in several projects, many of which are in sensitive fields like cloud computing, 5G and 6G telecom technology and data centers. These projects mean Huawei has been working alongside universities and tech companies in Spain, France, Sweden, Denmark, the Netherlands, Germany, Belgium, Finland and Italy. It also has access to the intellectual property generated by the projects, as the contracts require the sharing of information as well as joint ownership of the results between partners. A Commission spokesperson confirmed that of the 16 projects, 15 were signed before the restrictions took place. The remaining project “was signed in 2025 and was assessed as falling outside the scope of the existing restrictions.” Many of the projects started in January 2023, with the contracts running out at the end of this year, while others will last until 2027, 2028 and 2030. “Huawei participates in and implements projects funded under Horizon Europe in a lawful and compliant manner,” a company spokesperson said. One of the projects is to develop data privacy and protection tools in the fields of AI and big data, along with Italy’s National Research Council, the University of Malaga, the University of Toulouse, the University of Calabria, and a Bavarian high-tech research institute for software-intensive systems. Huawei received €207,000 to lead the work on “design, implementation, and evaluation of use cases,” according to the contract for that project, seen by POLITICO. COMMISSION CRACKDOWN Last month the Commission proposed a new Cybersecurity Act that would restrict Huawei from critical telecoms networks under EU law, after years of asking national capitals to do so voluntarily. “I’m not satisfied [with] how the member states … have been implementing our 5G Toolbox,” the Commission’s executive VP for tech and security policy, Henna Virkkunen, told POLITICO at the time, referring to EU guidelines to deal with high-risk vendors. “We know that we still have high-risk vendors in our 5G networks, in the critical parts … so now we will have stricter rules on this.” The Commission is also working on measures to cut Chinese companies out of lucrative public contracts. Bart Groothuis, a liberal MEP working on the Cybersecurity Act, told POLITICO that the Commission should “honor the promises and commitments” it made “and push them out.” “They should be barred from participating. Period.” Huawei was also involved in an influence scandal last year, with Belgian authorities investigating whether the tech giant exerted undue influence over EU lawmakers. The scandal led to Huawei’s being banned from lobbying on the premises of the European Commission and the European Parliament.

Europe enters a more contested decade than any since the end of the Cold War. Yet the frontline shaping its security is no longer limited to land, sea, air or even space.   It runs directly through the digital backbone that powers modern life: the networks, data infrastructures and connectivity systems on which governments, economies and armed forces depend.  But Europe will not be secure until it takes this digital backbone’s security seriously, and governs its openness through risk-based, verifiable sovereignty rather than isolationism or complacency.  >  Europe will not be secure until it takes this digital backbone’s security > seriously, and governs its openness through risk-based, verifiable sovereignty A digital frontline that remains dangerously exposed  Hybrid threats no longer sit at the margins of European security. In reality, they cut straight through its core systems. Hospitals, energy grids, transport networks, financial markets and military command-and-control all rely on constant, resilient connectivity.   Via Vodafone. Joakim Reiter, group chief external and corporate affairs officer, Vodafone. And when those systems falter, nations falter. Recent blackouts in Portugal and Spain revealed what this means in practice. A ‘digital failure’ is not an IT incident. It is a national security event.   Adversaries have already drawn the lesson. Subsea cables carrying 95 percent of the world’s internet traffic face mounting sabotage risks. Satellites have become open theatres of geopolitical competition. And cyberattacks now routinely target both critical national infrastructure and the commercial networks that underpin defense readiness.   Despite this, much of Europe’s digital backbone is still approached as a utility, not a strategic asset. Market forces, on their own, cannot deliver the resilience, redundancy and diversity that modern deterrence requires. Piecemeal upgrades and fragmented responsibilities across civil, military and regulatory silos leave avoidable gaps that adversaries will inevitably exploit.  > A ‘digital failure’ is not an IT incident. It is a national security event.   Europe must therefore elevate secure connectivity to the level of defense preparedness — politically, financially and operationally. It requires moving beyond incrementalism to a coordinated framework that fosters and defends critical digital infrastructure — one that enables governments and operators to plan, train and respond together before, not during, the next crisis.  Sovereignty is about control, not isolation  Connectivity alone is not the issue. Europe’s strategic vulnerability also stems from how it governs the technologies on which its digital backbone depends.  And while digital sovereignty is one pillar of Europe’s wider resilience agenda — spanning critical value chains such as defense, automotive, chemicals and energy — it is the pillar without which none of the others can function.  Europe cannot attain digital sovereignty by continuing excessive dependence on a small number of non-European providers. But it also cannot achieve it by walling itself off from global innovation. Both extremes weaken resilience.  That’s why sovereignty done right means governing openness on Europe’s terms. Europe must keep critical operations in trusted European hands while maintaining access to the scale, performance and innovation that global platforms can provide.   This approach starts with understanding sovereignty across three dimensions:  — Data sovereignty: who has lawful access to information.  — Operational sovereignty: who runs and can intervene in critical systems.  — Technological sovereignty: which capabilities Europe must own or control.  The false choice between ‘ban foreign tech’ and ‘do nothing’ is a trap. The real path forward is risk-based, proportionate and verifiable. We must define what truly requires European control and work with like-minded international partners to build a trusted technology ecosystem. Sovereignty needs to be demonstrated in practice, not merely asserted in policy.  This approach would also enable Europe to pool industrial capacity with trusted partners such as Japan, Canada, Australia, the United Kingdom and South Korea. This is cooperation that strengthens Europe rather than diluting control.   From principles to verifiable control  Europe should reject blanket bans based on EU borders that raise costs, slow next-generation deployment and fail to deliver true control. Instead, sovereignty must be translated into concrete, auditable mechanisms that strengthen resilience.   To deliver it, Europe should follow four core principles:   1. Harden the backbone: Europe must create a much better business case for investing in resilient fiber, advanced 5G technologies and future networks built with defense-grade security. And it must fortify subsea cables, satellite systems and cross-border infrastructure against hybrid threats. This is defense spending by another name.  2. Engineer sovereignty into operations: ensure Europe retains verifiable control over access to sensitive systems and require European oversight of critical operations. Authorities must be able to verify who operates critical systems, where data is processed and which legal jurisdiction applies.  3. Certify ‘Trusted European Operators’: establish an EU-wide certification enabling European-anchored providers to manage access to global platforms within EU-governed environments. Make interoperability and portability mandatory to prevent lock-in and ensure resilience.  4. End ‘sovereignty washing’: providers claiming sovereign capabilities must prove it. Europe must require auditable disclosures and rigorous, risk-based assessments. If claims cannot be verified, they should not determine Europe’s critical infrastructure decisions.  In parallel, Europe should adopt a single EU framework defining practical levels across the data, operational and technological dimensions. This would give CIOs, regulators and public bodies clarity and consistency.   From doctrine to delivery  As the dust settles on the annual Munich Security Conference, Europe faces a defining choice. It can carry on treating its digital backbone as regulatory plumbing and watch vulnerabilities compound. Or it can recognise this backbone for what it is — a core line of defence.  > The real test of seriousness is whether governments and operators can plan > together, train together and respond together when systems are stressed.  The real test of seriousness is whether governments and operators can plan together, train together and respond together when systems are stressed. And this depends on whether investment, procurement and certification systems finally move at the speed security demands.  The way forward lies neither in dependence nor in fantasies of self-sufficiency. It must be grounded in risk-based sovereignty, delivered through verifiable control, modernized infrastructure and deeper public–private cooperation, aligned with trustworthy allies.  Ultimately, Europe cannot defend what it cannot connect, and it cannot compete if it closes itself off. Europe will fail this critical strategic test if the regulatory agenda for connectivity — the Digital Networks Act, Cybersecurity Act and merger guidelines revisions — does little to strengthen the very networks its security depends on.  If Europe gets this right, it can build a digital backbone capable of deterring adversaries, supporting allies, protecting citizens and powering innovation for decades to come.  -------------------------------------------------------------------------------- Disclaimer POLITICAL ADVERTISEMENT * The sponsor is Vodafone Group plc * The ultimate controlling entity is Vodafone Group plc * The political advertisement is linked to EU-level security and digital policy with particular focus on the Digital Networks Act, Cybersecurity Act, merger guidelines and broader digital sovereignty strategy. More information here.