Latvia’s security agency has warned that Russia’s cyberattacks and sabotage campaigns against the country show no sign of slowing, even though most incidents so far have failed to cause serious disruption.
In its annual report released this week, Latvia’s national security service, SAB, said 2025 marked an all-time high in registered cyber threats targeting the country, with activity surging significantly past levels seen before Russia’s invasion of Ukraine in 2022.
Most of the incidents were linked to cybercrime and digital fraud and rarely posed a direct threat to critical infrastructure or national security, the report said. The most serious cases included intrusion attempts, malware distribution, equipment compromise and distributed denial-of-service (DDoS) attacks.
Russia remains the primary source of cyber risk to Latvia, according to SAB, driven both by Moscow’s broader strategic objectives and by Latvia’s political, military and material support for Ukraine.
The report also warned of growing risks to operational technology systems used to manage energy, water and transport infrastructure, noting that such systems often lack sufficient cybersecurity protections.
Russian-linked hacktivist groups have demonstrated both the willingness and capability to target industrial control systems in Latvia and other Western countries, SAB said, typically aiming to cause short-term disruption, intimidate the population and punish countries for backing Ukraine.
Russian DDoS attacks against Latvian government institutions, municipalities and critical infrastructure often coincide with politically sensitive dates or decisions. In late July, for example, Latvian authorities said they recorded a large DDoS attack following the announcement that a Latvian company had won an international drone procurement contract. Most such attacks had little or no impact on service availability.
Looking ahead, the security service said the threat from Russia would remain high regardless of the outcome of the war in Ukraine, warning that Moscow was prepared to continue hostile activities into 2026 and beyond.
SAB also cautioned that Russia’s perception of Latvia is increasingly beginning to resemble how Moscow viewed Ukraine before the war — a shift that, while not pointing to an immediate military threat, could translate into more aggressive decisions over time, according to the report.
The warning echoes broader concerns across Europe. In October, Ursula von der Leyen, president of the European Commission, said Russia was waging a “hybrid war” against Europe through cyberattacks, sabotage and provocation.
“This is hybrid warfare, and we have to take it very seriously,” she said.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
