BRUSSELS — The European Union should stay the course to create a joint intelligence agency by building trust among national spy services, a senior adviser to the bloc on its security and crisis response plans has warned. “If we can build enough trust, we can also build the agency,” former Finnish President Sauli Niinistö told POLITICO in an interview. European Commission President Ursula von der Leyen tapped Niinistö last year to draft a report on how the EU could strengthen its civilian and defense preparedness in an increasingly unpredictable world — similar to the advisory reports penned by former Italian premiers Mario Draghi on Europe’s competitiveness problem and Enrico Letta on the future of the EU’s single market. Niinistö’s report, published one year ago this Thursday, recommended creating a “fully fledged intelligence cooperation service” at the EU level to bridge gaps between national agencies and improve early warning capabilities. Europe is seeking to bolster its joint intelligence capabilities as it faces a crisis in relations with the United States and a growing threat from Russia. In the past year, many national capitals have embedded intelligence officials in their Brussels representation offices and the European Union’s in-house intelligence unit has started briefing top-level officials. But security services have deep, decades-old trust issues. New revelations that Hungarian intelligence officials disguised as diplomats tried to infiltrate the EU institutions show how governments within the EU still keep close watch over each other. “The idea of a European intelligence agency, it is more for the future and we have to develop toward that,” Niinistö acknowledged. Since publishing his report, the European Commission came out with the Preparedness Union Strategy in May to better anticipate, prevent, and respond to hybrid threats including cyberattacks, sabotage, disinformation campaigns and the impact of climate change. It also announced the ReArm Europe plan, a €800 billion initiative to boost European defense spending and military readiness. COMING TO GRIPS WITH WAR The 77-year-old statesman said Europeans should get used to the idea of war in order to allow governments to scale up their defenses. “My ideal situation is that people in Europe — all over Europe — understand that security is the foundation of everything,” Niinistö said, adding he “would like to see a change of mindset.” For Niinistö, the challenge is not only political but psychological. Democracies, he noted, move at the pace of public opinion — and without broad recognition of the need for stronger defenses, governments will struggle to act decisively. “To a certain extent, I think it’s developing positively — that people, even in countries not located on the frontline with Russia, start to understand why it is important,” he said. Niinistö stepped down as president in 2024. | Ina Fassbender/AFP via Getty Images Niinistö stepped down as president in 2024. He steered Finland through its NATO accession, which was completed in April 2023. The former president pointed to shifting global dynamics. He cited the recent Shanghai Cooperation Organisation summit in Tianjin as evidence that China is seeking to project political as well as military power on the world stage, as it pushed for a“fairer multipolar world” and tighter security cooperation with members. “That was a clear message,” he said. The former Finnish leader warned that Europe can no longer afford to rely indefinitely on the United States for its protection. Washington, he noted, is increasingly preoccupied with other regions, which would leave Europe more exposed in the years ahead. “Europe needs to be able to take care of itself by developing its own capabilities,” Niinistö said. “This is a major question for us Europeans in the future — how much can we take care of ourselves for our security, information, and technology?” “You have to be able to cooperate with your friends,” he added, “but you also have to be able to work alone — in case your friends are more active elsewhere.”

Elisabeth Braw is a senior fellow at the Atlantic Council, the author of the award-winning “Goodbye Globalization” and a regular columnist for POLITICO. Seven years ago, Sweden made global headlines with “In Case of Crisis or War” — a crisis preparedness leaflet sent to all households in the country. Unsurprisingly, preparedness leaflets have become a trend across Europe since then. But now, Sweden is ahead of the game once more, this time with a preparedness leaflet specifically for businesses. Informing companies about threats that could harm them, and how they can prepare, makes perfect sense. And in today’s geopolitical reality, it’s becoming indispensable. I remember when “In Case of Crisis or War” was first published in 2018: The Swedish Civil Contingencies Agency, or MSB, sent the leaflet out by post to every single home. The use of snail mail wasn’t accidental — in a crisis, there could be devastating cyberattacks that would prevent people from accessing information online. The leaflet — an updated version of the Cold War-era “In Case of War” — contained information about all manner of possible harm, along with information about how to best prepare and protect oneself. Then, there was the key statement: “If Sweden is attacked, we will never surrender. Any suggestion to the contrary is false.” Over the top, suggested some outside observers derisively. Why cause panic among people? But, oh, what folly! Preparedness leaflets have been used elsewhere too. I came to appreciate preparedness education during my years as a resident of San Francisco — a city prone to earthquakes. On buses, at bus stops and online, residents like me were constantly reminded that an earthquake could strike at any moment and we were told how to prepare, what to do while the earthquake was happening, how to find loved ones afterward and how to fend for ourselves for up to three days after a tremor. The city’s then-Mayor Gavin Newsom had made disaster preparedness a key part of his program and to this day, I know exactly what items to always have at home in case of a crisis: Water, blankets, flashlights, canned food and a hand-cranked radio. And those items are the same, whether the crisis is an earthquake, a cyberattack or a military assault. Other earthquake-prone cities and regions disseminate similar preparedness advice — as do a fast-growing number of countries, now facing threats from hostile states. Poland, as it happens, published its new leaflet just a few days before Russia’s drones entered its airspace. But these preparedness instructions have generally focused on citizens and households; businesses have to come up with their own preparedness plans against whatever Russia or other hostile states and their proxies think up — and against extreme weather events too. That’s a lot of hostile activity. In the past couple years alone, undersea cables have been damaged under mysterious circumstances; a Polish shopping mall and a Lithuanian Ikea store have been subject to arson attacks; drones have been circling above weapons-manufacturing facilities; and a defense-manufacturing CEO has been the target of an assassination plot; just to name a few incidents. San Francisco’s then-Mayor Gavin Newsom had made disaster preparedness a key part of his program. | Tayfun Coskun/Anadolu via Getty Images It’s no wonder geopolitical threats are causing alarm to the private sector. Global insurance broker Willis Towers Watson’s 2025 Political Risk Survey, which focuses on multinationals, found that the political risk losses in 2023 — the most recent year for which data is available — were at their highest level since the survey began. Companies are particularly concerned about economic retaliation, state-linked cyberattacks and state-linked attacks on infrastructure in the area of gray-zone aggression. Yes, businesses around Europe receive warnings and updates from their governments, and large businesses have crisis managers and run crisis management exercises for their staff. But there was no national preparedness guide for businesses — until now. MSB’s preparedness leaflet directed at Sweden’s companies is breaking new ground. It will feature the same kind of easy-to-implement advice as “In Case of Crisis or War,” and it will be just as useful for family-run shops as it is for multinationals, helping companies to keep operating matters far beyond the businesses themselves. By targeting the private sector, hostile states can quickly bring countries to a grinding and discombobulating halt. That must not happen — and preventing should involve both governments and the companies themselves. Naturally, a leaflet is only the beginning. As I’ve written before, governments would do well to conduct tabletop preparedness exercises with businesses — Sweden and the Czech Republic are ahead on this — and simulation exercises would be even better. But a leaflet is a fabulous cost-effective start. It’s also powerful deterrence-signaling to prospective attackers. And in issuing its leaflet, Sweden is signaling that targeting the country’s businesses won’t be as effective as would-be attackers would wish. (The leaflet, by the way, will be blue. The leaflet for private citizens was yellow. Get it? The colors, too, are a powerful message.)

Russia is waging a campaign to “unsettle” citizens by flying drones into European airspace, European Commission President Ursula von der Leyen warned Wednesday. “Something new and dangerous is happening in our skies … This is not random harassment. It is a coherent and escalating campaign to unsettle our citizens, test our resolve, divide our Union, and weaken our support for Ukraine,” von der Leyen said in a speech at the European Parliament in Strasbourg. “And it is time to call it by its name. This is hybrid warfare.” There has been a surge in reports of unmanned aerial vehicles flying over Europe in the past month, including in Poland, Romania, Germany, Norway and Denmark. Some, such as war drones overflying Poland and Romania, have been identified as Russian, while the origin of others has been harder to determine. In response, Copenhagen last week temporarily banned drone flights, while NATO has launched an Eastern Sentry program to tackle gaps in the alliance’s air defenses. Meanwhile, von der Leyen has pitched building a drone wall to protect Europe against Russia, an idea that has drawn criticism over its feasibility and cost. But von der Leyen on Wednesday said protecting Europe’s eastern border is not enough, and a broader approach is needed. “Tackling Russia’s hybrid war is not only about traditional defense. It is about software for drones and spare parts for pipelines. It is rapid cyber-response teams and public information campaigns to spread awareness. This requires a new mindset for all of us,” she said. Europe needs to strengthen its defense industry and focus on the initiatives from member countries, such as the Prague-led ammunition initiative to deliver shells to Kyiv, von der Leyen said.

The European Commission president’s big set-piece speech of the year is upon us. The State of the Union address is where Ursula von der Leyen sets out her vision for the year ahead, and it promises to be a very challenging 12 months, for her and for Europe. So we tapped into the POLITICO newsroom’s deep knowledge of the political and policy realms and have attempted to preempt her speech by writing our own version. This is what we think she’ll say. Remember, this is not the actual State of the Union but our version of it. As it says on all speeches sent to journalists ahead of time, “please check against delivery.” Madam President, Honorable members, My fellow Europeans, This comes at a pivotal moment for Europe. We live in a world that presents many challenges for our Union; challenges that we as Europeans will have to face together. It is also a time for Europeans to decide which kind of future they wish to embrace; one of unity, one of strength, one of making our continent a better, more secure place; or one of conflict and dissent, in which we let external forces dictate the direction of our lives. There are people out there who want to destroy Europe; who side not with those of us who want a peaceful, prosperous Europe, but with our enemies. I know which path I will choose. And I believe, as I am sure you do too, that the people of Europe will take the right road. That is why, as we reflect on the State of our Union, we must acknowledge the advances we have made but also build the foundations of a more stable Europe, one that is less reliant on others in critical areas. UKRAINE AND DEFENSE Mesdames et Messieurs, les députés, Russia’s brutal war against Ukraine has presented us with challenges not seen since World War Two. As a result, we must take greater responsibility for our own security. That means investing in robust defense, safeguarding our people, and ensuring we have the resources to act when needed.  The EU’s likely message to Ukraine? We are at your side. | Olivier Hoslet/EPA Investing in European defense means investing in peace and long-term stability for current and future generations. It also means boosting technological innovation, supporting European competitiveness, promoting regional development, and powering economic growth.   Our ReArm Europe plan gives member states greater flexibility to spend more on defense while ensuring that the European defense industry can produce at speed and volume. It will also allow the rapid deployment of troops and assets across the EU. Red tape needs to be slashed to reach these aims. In a first step to simplify regulations, the Commission has already proposed a Defence Readiness Omnibus that will help untangle investment rules. However, simply spending more is not enough. Member states need to spend better, work together, and prioritize European companies. The EU will support this by helping coordinate investments and making sure that defense equipment is ‘Made in Europe’.  Yet the challenges caused by Russia are great and varied, including the threats caused by hybrid warfare attacking European infrastructure, and the increasing spread of disinformation online. We already have plans for an early-warning system and rapid response teams to help hospitals fight off cyberattacks. We can only overcome these problems by working together and, rest assured, Europe will also maintain diplomatic and, in particular, economic pressure on Russia. This week we will publish the 19th package of sanctions, as we tighten the net on those who do business with Russia. Working with our partners in the U.S., we are continuing to limit Russia’s potential and showing Vladimir Putin that we are serious about bringing an end to this war. Because a predator such as Putin can only be kept in check through strong deterrence. Our boost to defense is not just for our own security but for that of our allies and neighbors, and those who share our European values and wish to join the bloc. That is why our message to Ukraine is clear: Your future is in the European Union and we have been, and will continue to be, at your side every step of the way. REVIVING THE EUROPEAN ECONOMY Meine Damen und Herren Abgeordnete, As we look to advance our goals to boost European competitiveness, we have strong foundations such as our potential to unleash vast resources and latent technological and industrial power. I asked Mario Draghi to deliver a report on how to revive the European economy. One year ago, he delivered that report and we have been delivering on his recommendations. The year since the publication of Mario Draghi’s report has been all about cutting red tape and … boosting European competitiveness. | Olivier Hoslet/EPA As part of the Commission’s plans for the next multiannual financial framework — an ambitious and dynamic budget that will help us meet the challenges of the future — we created a €409 billion cash pot to fund Europe’s industrial revival, allowing European firms to rapidly scale up and cut red tape when accessing EU funds. And after a very clear signal from the European business sector that there is too much complexity in EU regulation, we launched the Omnibus Package to simplify legislation for sustainable finance, due diligence and taxonomy rules, and save companies €37 billion a year by 2029.   Mr. Draghi also recommended a single market for investment in the EU, and we have pushed forward plans for a Savings and Investments Union that would integrate supervision of capital markets and break down national barriers for the likes of stock exchanges and clearinghouses. The other major challenge we face is trade. The Commission has taken steps to deepen partnerships with trusted allies, partners and friends, which is an essential step in today’s uncertain geopolitical climate. We have in recent weeks secured trade deals with the United States as well as with Mexico and the Mercosur bloc of Latin American countries. I urge everyone in this House who believes in making our Union stronger to support these trade deals as they, and others, will help businesses across the continent, opening up our markets and diversifying our exports. The Mercosur deal alone opens up a market of over 280 million people for European exports, while the U.S. trade deal saves trade flows, saves jobs in Europe and opens up a new chapter in EU-U.S. relations. MIGRATION Señoras y señores diputados, Europe remains a place of safe refuge for those fleeing conflict and climate change. But I am of the firm belief that migration needs to be managed. That is why, after the launch of the Migration and Asylum Pact, we created a plan to streamline deportations, toughen penalties for rejected migrants who do not leave the bloc, and create hubs in countries outside the EU to house people awaiting deportation. Migration is often exploited by populists for political gain. But we want to create a system that supports those with a genuine asylum claim while making clear the rules on forced returns, and incentivizing voluntary returns. We also want to continue attracting talent from across the globe in areas where Europe is a world leader, such as in the life sciences and biotech spheres. Migration is a key issue for European citizens, but there are others. The latest Eurobarometer survey shows that the No. 1 issue Europeans want the EU institutions to resolve is the cost of living crisis. Across the continent, families are struggling to pay for homes, and this Commission is determined to do everything in its power to ease the pressure they are facing.  Migration is a key issue for European citizens. | Gene Medi/NurPhoto via Getty Images Early next year, we will present Europe’s first-ever European Affordable Housing Plan, which will aim to accelerate the construction of new homes, the renovation of existing buildings, and ensure no one sleeps on the streets by 2030. To do so, we will move to put in new measures to limit speculation, introduce regulations for short-term rentals in stressed housing markets, and cut red tape to boost public and private investments in the construction of new homes. People are also concerned about their energy bills and, here, the Commission is taking action. We must never forget Putin’s deliberate use of gas as a weapon, and that is why the EU will phase out Russian gas by 2027 thanks to the REPowerEU roadmap. As part of our deal with Washington, we will increase our energy imports from the U.S. over the next three years, a plan that is fully compatible with our medium- and long-term policy to diversify our energy sources and part of our commitment to the green agenda that so many in this House, myself included, fully support. That is why we have drawn up the Grids Package, which will come out later this year and aims to turbocharge investment in power networks, which is the key bottleneck in the uptake of more renewables. ARTIFICIAL INTELLIGENCE Signore e signori, deputati, The time is coming when artificial intelligence will match human thinking. That is why this week we published a report looking at the challenges and opportunities of AI. In Europe, we must take a leading role in shaping high-impact technologies. We will make sure there is smart yet strategic regulation while creating the right incentives, including funding and investment, to prevent AI and other technologies from becoming destabilizing forces. But we must not forget our traditional industries. The automotive sector is a critical pillar of the European economy, supporting more than 13 million jobs. The industry is facing increased competition from those who have benefited from unfair subsidies, and we have taken big steps to ensure this critical sector remains competitive and made in Europe. With our Automotive Action Plan, we set a strong course for building European batteries and ensuring our companies are the technological leaders in autonomous driving. At the same time, we have made big strides in maintaining our climate goals while giving our companies the necessary flexibility to stay competitive. THE EU BUDGET Panie i panowie, posłowie, We want a stronger European Union, stronger member states, and stronger regional and city governments, and we will work with local leaders — those closest to Europe’s citizens — to ensure they get the funds they need.  Cohesion Funds have helped build our Union with bridges and railways, public sports halls and libraries. Our cohesion policy is a central pillar of the European Union, and we will ensure that it continues to bridge gaps between regions, while also earmarking funds for the cities in which nearly three-quarters of all Europeans live. But we also want to protect and promote one of the most important elements of Europe, its agriculture and farmers. With our budget proposal we are safeguarding direct payments to farmers, boosting the funding available to rural communities, and giving more money to national governments to spend on agriculture. Farmers are essential to Europe, and what matters to Europeans matters to Europe. We need a continent that is united, safe and prosperous. I believe we can rise to the challenge. Long live Europe. Thanks to Victor Jack, Sam Clark, Max Griera, Pieter Haeck, Jordyn Dahl, Aitor Hernández-Morales and Helen Collis.

A cyberattack compromised the personal data of around 850,000 Belgian customers, French telecoms operator Orange said Wednesday. In an email sent to affected clients — including some POLITICO staff — Orange Belgium said hackers had gained access to names, telephone numbers, SIM card details, tariff plans and the Personal Unlocking Key (PUK) codes of users. No passwords, email addresses or financial information had been stolen, the company stressed. “Orange Belgium has informed the relevant authorities and an official complaint has been filed with the judicial authorities,” the company said in a statement. The group — which serves more than 290 million customers globally — warned that some services could be affected by its response to the incident, though it did not disclose the precise nature of the attack. Orange’s handling of the incident was met with sharp criticism from some of Belgium’s cybersecurity community. In a LinkedIn post, Inti De Ceukelaire, chief hacker at Belgian bug-bounty platform Intigriti, called the company’s response “very disappointing,” accusing Orange of following “the same old corporate PR playbook” to protect its brand rather than its customers. De Ceukelaire warned that the dedicated information page published by Orange downplayed the real risks — such as SIM swapping and number theft — while shifting the burden onto users to guard against phishing. The company also “subsequently downplay[s] the financial compensation claims stating that damage needs to be proven,” he added. Another LinkedIn user, Koen Gabriels, wrote: “Sure, providing every affected customer with a new SIM card is expensive and quite the logistical operation, but it would prove to me that they are worthy of storing my data.” The breach comes as European regulators and telecoms operators step up scrutiny of cybersecurity standards amid a rise in large-scale data leaks targeting critical infrastructure. Orange, one of the biggest mobile service providers in both Europe and Africa, separately announced at the end of July that it had suffered a cyberattack affecting one of its internal systems. Orange did not reply to POLITICO’s request for comment by the time of publication.

The Norwegian Police Security Service suspects pro-Russian hackers sabotaged a dam in southwestern Norway in April. Norwegian daily newspaper VG reported that the hackers breached the dam’s control system, opening valves for four hours, sending large amounts of water gushing forth until the valves could be shut. The chief of the Norwegian Police Security Service (PST) Beate Gangås, disclosed the incident during a presentation on pro-Russian cyber operations at a public event on Wednesday. According to VG, Gangås said that the number of cyberattacks on Western infrastructure was increasing, often not to cause damage but to “demonstrate what they are capable of.” She also said Norway should be prepared for further hacking attacks. At the same event, Nils Andreas Stensønes, head of the Norwegian Intelligence Service said that Russia was the biggest threat to Norway’s security. Cyberattacks on Western targets are part of Russia’s hybrid warfare strategy. In another water-related case in January 2024, a hacking group breached a Texas water facility’s system, causing it to overflow. The suspected hackers are linked to the Kremlin. The dam is located in the municipality of Bremanger, approximately 150 kilometers north of the city of Bergen. Local media say that the dam is not used for energy production and that the hackers might have exploited a security gap created by a weak password.

The International Criminal Court (ICC) said it was hit by a “sophisticated and targeted” cyberattack as NATO leaders gathered in The Hague for a summit last week. The ICC, which is based in The Hague, said it detected the incident “late last week” and had contained the threat. “A Court-wide impact analysis is being carried out, and steps are already being taken to mitigate any effects of the incident,” the court said in a statement on Monday. The Hague was the scene of the NATO Summit early last week. Dutch cybersecurity authorities reported a series of cyberattacks known as distributed denial-of-service (DDoS) attacks against local governments and other institutions in the run-up and during the summit. Those attacks, limited in impact, were claimed by known pro-Russian hacktivist groups online. A power outage also caused massive disruption to train traffic in the country last Tuesday. Dutch authorities said they were investigating the incident and the country’s justice minister said he couldn’t rule out sabotage as a possible cause. The ICC in 2023 also reported a hack of its computer systems it believed was an attempt to spy on the institution. The global tribunal has recently come under scrutiny after it issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu and his former defense minister, Yoav Gallant, over Israel’s military campaign in Gaza. The U.S. Trump administration has slapped sanctions on the court’s Chief Prosecutor Karim Khan in response to the arrest warrants. Khan also lost access to his email provided by Microsoft in May, in an incident that has galvanized a political push in Europe to wean off American technology for critical communications.