Seventy-five years ago this week, the Royal Air Force’s No. 617 Squadron launched ‘Operation Chastise’ – a daring and ingenious assault on dams in the Ruhr and Eder valleys. The Dambusters scored critical hits against key Axis infrastructure, but also delivered a propaganda coup at home and abroad. Fast-forward to today: assaults on Critical National Infrastructure (CNI), by all manner of players and states – are more widespread than ever. Until recently, Governments largely kept these stories under wraps, but the reverberations of recent attacks make them too loud to ignore.

Attacks on CNI will likely become ever more common as states, and malign actors, increasingly deploy hybrid warfare tactics rather than traditional kinetic action to achieve their aims. Whilst Russia is a leading perpetrator of these attacks, it is by no means alone: China, North Korea and a number of other nations are assessed to have launched assaults targeting CNI, often subcontracting to malign groups in order to secure a degree of deniability. The question of where the agency of individuals ends, and the inciting of actions by state or non-state actors begins, occupies more and more of our security services’ time, and further stacks the deck in the favour of those forces prepared to play dirty.

Not all assaults on infrastructure are the same: whereas some may aim to cripple a particular facility, others have more nuanced objectives. However, state-sponsored attacks largely fall into five categories:

Critical Reconnaissance

The first and often most common goal is to discreetly understand and test the capabilities and vulnerabilities of British CNI. Russia currently does not distinguish between being at war or at peace, being in a constant state of readiness and preparation for any potential threat or offensive action. As a very public example, Russia too regularly flies its Bear fighter jets along our North Sea coast, skirting our airspace in order to assess the effectiveness of our monitoring and our responses: do we spot them? Do we deploy our Typhoons in response? Where from? And how quickly? It is interesting to contrast this behaviour to that experienced by another state closer to Russia: Finland, where Russia provocatively enters their airspace to send quite a different message.

Power Warnings

The second goal is as a warning: to leave the country whose CNI they are probing or attacking in no doubt that they are willing and able to do more. That they are more than capable of infecting, disabling or destroying CNI. This can be particularly effective when the aggressor perceives a nation state to be too slow in choosing to support a military, diplomatic, or economic policy the aggressor is pursuing. Whilst distinctly different, one can draw parallels to the poisoning of Alexander Litvinenko and Sergei and Yulia Skripal, where the weapon chosen was one that left a clear calling card. It acted as a warning to others: do not defect, do not dissent – no matter how far you run, we can get you. Litvinenko’s death was a brazen warning: even in a foreign, friendly land – state sponsored murder is in our playbook

Upper Hand

The third goal enables the aggressor state to better achieve dominance and success in achieving its strategic aims. This sees states attack CNI in order to steal intelligence or intellectual property to gain the upper hand in trade, defence or other negotiations and capabilities. This can include sitting inside CNI communications structures, pulling off streams of data and emails, in order to gain information that can be used against employees, bureaucrats and politicians.

Publicly Undermined

The fourth goal is to undermine the public’s confidence in the Government being attacked. Disabling or disrupting CNI operations can be extremely public, for example outing power systems, forcing a Government to incur the cost of emergency responses and the distraction from regular governance. Depending on the target and scale of the attack, it can weaken a Government’s position on the world stage, and without question undermine the confidence of its people in the Government’s ability to keep them safe. For this reason an attacker may seek to make the successful attack public, should a Government decide not to. The ensuing distraction and crisis of confidence could also provide an ideal opportunity to launch further assaults to achieve another goal.


The final goal is an attack against a nation in order to cripple its Critical National Infrastructure. This enables the aggressor or malign entity to achieve a specific outcome, or as part of all-out warfare against the state. There is no question that attacking Britain’s underwater communication cables, energy or water supplies, or economic infrastructure could be a highly effective tactic as part of all-out warfare.


Domestically, UK Government efforts to build resilience within CNI are substantial. But no system or effort is ever completely immune to malign interference. The main vulnerabilities remain you and me: employees, trusted individuals – particularly at companies that are internet-facing. A great deal of assaults committed target our Government, nuclear, water, energy, aviation and defence infrastructure. They are achieved by sending spear-phishing emails to employees or altering websites for waterhole attacks.

A great deal of CNI sits in private hands, and attacks are more likely to be successful when targeting CNI supply chains, particularly those based abroad or held by small companies with less developed or entrenched cybersecurity policies. With the increasing reliance on the internet and interconnectedness of systems, it’s vital that businesses train their employees to identify dubious emails, invest in first-class cybersecurity systems, and incorporate air-bridges and breaks between CNI and the internet. The Government and private sector will each continue to identify methods of attack and new defensive mechanisms to stop them. In this way we can reduce our national vulnerabilities.

Since the end of the Cold War, hybrid warfare – the sustained and persistent strategic deployment of all potential instruments of influence: economic, informational, military, cultural, cyber, diplomatic, criminal and civil society – at all levels – to achieve a specific world order or strategic intent – is more pervasive than ever before.

No space is off limits and it is deployed concurrently in peace and war time. State and non-state actors now pursue a wide breadth of hybrid strategies, including interference in foreign elections, the creation of troll farms, fake NGOs, think tanks and quangos, astroturfing, hacking, aggressive economic expansion into foreign nations’ key infrastructure and attacks on CNI. Whilst these examples are known in the public sphere, the most effective hybrid warfare tactics, unsurprisingly, exist beyond the public or even Government consciousness.

The threat is out there, and is continuously evolving. Our Government does much to keep us safe, without us ever knowing; we in turn must remain vigilant and sceptical – you never know where the next threat will come from.

Alicia Kearns is an Independent Counter-Disinformation, Counter-Extremism and Hybrid Warfare Consultant