Table of Contents
In September 2024, Norway’s telecommunications authority Nkom made an extraordinary announcement: they would stop tracking GPS jamming incidents in Finnmark.
Not because the jamming stopped. Because it became so constant that tracking it was pointless.
Welcome to the new normal.
The Numbers Are Staggering#
GPS jamming in Finnmark (Nkom):
| Year | Days with GPS jamming |
|---|---|
| 2021 | 18 days |
| 2022 | 122 days |
| 2023 | 294 days |
| 2024 | Almost every day |
From 18 days to 294 days in two years. That’s not an anomaly - that’s electronic warfare.
Nkom has confirmed through helicopter measurements that the interference originates from Russian territory, where Russia’s Northern Fleet operates electronic warfare units near Severomorsk and in the Pechenga region bordering Norway and Finland.
Real Consequences for Real People#
This isn’t abstract. The jamming affects:
- Widerøe flights forced to abort landings (most recently in Vardø, September 2025)
- SAS and Norwegian flights disrupted
- Air ambulances unable to operate normally
- Police search and rescue operations hampered
- Ambulances, fire trucks, civil defense - all affected
“We are extremely concerned about such GPS jamming. Unfortunately, it is nothing new here in Eastern Finnmark,” said Catharina Solli from Widerøe in September 2025.
Police Inspector Trond Eirik Nilsen explained the stakes: “We are dependent on good GPS signals to quickly locate areas with missing persons in extreme weather.”
Affected airports include Kirkenes (55 km from the Russian border), Vardø, Vadsø, Båtsfjord, Berlevåg, Mehamn, Lakselv, and Alta.
40 Sabotage Operations in One Year#
GPS jamming is just one front. According to E-tjenesten’s FOKUS 2025 report, there were 40 confirmed or planned Russian sabotage operations across Europe in 2024.
Intelligence Chief Nils Andreas Stensønes was blunt: “Since we presented this last year, the world has become more dangerous.”
And: “Russia considers itself in direct conflict with the West. This will persist regardless of the outcome of the war in Ukraine.”
A Norwegian Dam - Hacked#
In April 2025, the hybrid war reached Norwegian critical infrastructure directly.
The Risevatnet dam in Bremanger was hacked by pro-Russian actors:
- Attackers took control of the dam system
- Opened the water valve to 100% capacity
- Released approximately 7.2 million liters over 4 hours
- The breach wasn’t detected for 4 hours
The cause? A weak password on an internet-exposed control panel. No multi-factor authentication.
PST Chief Beate Gangås confirmed in August 2025: “Over the past year, we have seen a change in the activity of pro-Russian cyber actors. In April, a dam in Western Norway became the target of such an operation.”
She explained the purpose: “They don’t necessarily want to spread destruction, but to show what they are capable of. The purpose of this type of action is to contribute to influence and create fear or unease among the country’s population.”
This was the first confirmed Russian sabotage against European dam infrastructure.
Norwegian Cables Under Attack#
Before the Baltic incidents, Norway had its own cable attacks.
In January 2022, the Svalbard fiber cable was damaged - one of two cables connecting the world’s largest polar satellite ground station to the mainland.
NRK’s investigation revealed the Russian trawler Melkart-5 had crossed the cable area more than 140 times. In just the first nine days of January: 107 crossings.
When the ship docked in Båtsfjord, police questioned the captain. Despite investigators finding “deep tracks on the seabed that might originate from a trawler door,” the case was closed.
A joint Nordic investigation by NRK, DR, SVT and Yle - presented in the Brennpunkt documentary “Skyggekrigen” (The Shadow War) - tracked hundreds of Russian vessels from 2013 to present:
- At least 50 ships over 10 years had opportunity to gather intelligence
- Russian vessels were present when cables were damaged off both Vesterålen and Svalbard
- Tracks found near small airports, deep-water quays, and critical bridges
- Ships regularly turned off location transponders
Norway’s Intelligence Chief told NRK: “The intelligence activity is conducted on top of the normal commercial activity.”
In May 2025, EU sanctioned the company owning Melkart-5 - but as NRK reported, the same vessels still dock in Norwegian ports.
The Baltic Sea Cable Attacks#
The pattern extends across the region. The Baltic Sea has seen a wave of infrastructure attacks:
| Date | Target | Suspected Vessel |
|---|---|---|
| Oct 2023 | Balticconnector gas pipeline + telecom cables | NewNew Polar Bear (Chinese) |
| Nov 2024 | BCS East-West Interlink + C-Lion1 cables | Yi Peng 3 (Chinese) |
| Dec 2024 | Estlink 2 + 4 telecom cables | Eagle S (Russian shadow fleet) |
| Feb 2025 | Germany-Finland data cable | Unknown |
The Eagle S dragged its anchor approximately 100 km along the seabed. Estlink 2 was out of service for over 7 months.
Since 2022, approximately 10 undersea cables have been cut in the Baltic Sea - 7 of them between November 2024 and January 2025.
In January 2025, Norway seized the ship Silver Dania with an all-Russian crew, suspected of involvement in Baltic cable damage.
What Norwegian Security Services Are Saying#
The February 2025 threat assessments from Norway’s three security services were unprecedented in their clarity:
PST Chief Beate Gangås:
“Overall, the threats from state actors against Norway are more unpredictable, more extensive, and more demanding than in many decades.”
“We expect 2025 to be characterized by compound threats. This includes sabotage, influence operations, and illegal intelligence gathering.”
Intelligence Chief Nils Andreas Stensønes:
“Russia recruits criminals who do this for payment for Russian intelligence.”
NSM Director Arne Christian Haugstøyl:
“Many Norwegian businesses are naive in the sense that they don’t take the changes we’ve seen in recent years seriously enough.”
“It’s no longer about whether it happens, but when it happens.”
“A state actor that wants to carry out a sabotage action will succeed.”
That last quote deserves to sink in: “A state actor that wants to carry out a sabotage action will succeed.”
The Digital Dimension#
Now here’s what should concern every Norwegian: if physical infrastructure like dams, cables, and GPS systems can be attacked, what about digital infrastructure?
Consider what the Risevatnet hack revealed:
- Weak passwords on critical systems
- No multi-factor authentication
- Internet-exposed control panels
- Detection failure for hours
NSM’s Risiko 2025 report warns about:
- Web-exposed control panels with weak passwords
- Lack of multi-factor authentication
- Insufficient segmentation of OT networks
- Inadequate monitoring of ICS/SCADA systems
And this is infrastructure Norway controls. What about the infrastructure we’ve outsourced?
The Uncomfortable Parallel#
Physical infrastructure under attack:
- GPS signals jammed daily from Russian territory
- Undersea cables cut by shadow fleet vessels
- Dams hacked through exposed systems
- PST: Sabotage is “probable” in 2025
Digital infrastructure we’ve outsourced:
- 63% of Norwegian cloud market controlled by Microsoft
- 81% controlled by American companies
- 96% of state agencies using cloud services
- All subject to the US CLOUD Act
We’re hardening our physical defenses while simultaneously increasing our digital dependency on foreign actors.
The Question We’re Not Asking#
When Russia jams GPS in Finnmark, we track it, report it, and work on alternatives.
When pro-Russian hackers breach a Norwegian dam, we investigate and learn lessons.
When cables are cut in the Baltic, NATO responds with “Baltic Sentry” and increased surveillance.
But when it comes to our digital infrastructure - the systems that run our hospitals, our government, our businesses - we keep moving more data and more services to American cloud providers.
Shouldn’t the same vigilance apply to our digital infrastructure?
What NSM Recommends#
NSM’s recommendations for businesses apply equally to digital sovereignty:
- Map your own values and dependencies - assess consequences of loss
- Establish backup solutions - for critical functions
- Build repair readiness - spare parts, personnel, alternative providers
- Update contingency plans - account for today’s threat picture
- Practice for loss - of power, transport, internet, water, cloud services
- Strengthen detection measures - increase vigilance
- Monitor digital systems - reduce digital vulnerabilities
NSM’s key message: “Understand the risk. Reduce vulnerabilities. Build backup solutions.”
This applies to Microsoft 365 just as much as it applies to physical infrastructure.
The Timeline Should Alarm You#
| Date | Event |
|---|---|
| 2017 | First GPS jamming during Zapad exercise |
| 2022 | 122 days of jamming + Russia invades Ukraine |
| 2023 | 294 days of jamming |
| 2023 | Iranian cyber attack on Norway |
| 2024 | 40 sabotage operations in Europe |
| 2024 | Baltic cables cut repeatedly |
| 2025 | Risevatnet dam hacked |
| 2025 | PST: Sabotage is “probable” |
| 2025 | GPS jamming so constant Nkom stops tracking |
The trend is clear. The threat is escalating. And we’re responding to physical threats while ignoring digital ones.
Your Move#
NSM Director Haugstøyl warned: “We cannot expect more warnings before a potential sabotage action.”
The warnings have been given. The Risevatnet dam was hacked. The GPS is jammed daily. The cables are being cut.
The hybrid war is here. What are you going to do about it?
If You Lead an Organization#
- Map your digital dependencies - Which foreign providers could cut you off tomorrow?
- Demand exit strategies - Can you export your data? How long would migration take?
- Test your backups - When did you last verify recovery actually works?
- Include digital scenarios in crisis planning - What if Microsoft, Google, or AWS became unavailable?
- Read NSM Risiko 2025 - The official recommendations apply to your digital infrastructure too
If You Work in IT or Development#
- Advocate for European alternatives - Nextcloud, Collabora, Open-Xchange exist and work
- Build with open standards - Data in open formats can be moved; proprietary formats create lock-in
- Document dependencies - Your organization needs to know what breaks if a provider disappears
- Implement proper security basics - The Risevatnet dam was hacked through a weak password. Don’t be next
- Consider sovereignty in architecture decisions - Where does the data live? Who can access it?
If You Use Digital Services#
- Take control of your digital life - Personal steps you can take today
- Ask your employer questions - Where is company data stored? What’s the backup plan?
- Support Norwegian and European alternatives - Your choices shape the market
- Stay informed - Follow NSM, PST, and E-tjenesten for threat updates
- Understand what’s at stake - The trust equation has changed
The hybrid war doesn’t announce itself. It arrives as a jammed GPS signal, a hacked dam, a cut cable - or a cloud service that suddenly becomes unavailable.
“It’s no longer about whether it happens, but when it happens.”
Don’t wait for the digital equivalent of a cut cable to discover you needed a backup.
Sources#
Norwegian Security Assessments (February 2025):
- E-tjenesten FOKUS 2025 - Norwegian Intelligence Service annual assessment
- PST Nasjonal trusselvurdering 2025 - Police Security Service threat assessment
- NSM Risiko 2025 - National Security Authority risk assessment
- Regjeringen: Threat assessments presented
GPS Jamming:
- Nkom - Norwegian Communications Authority statistics
- The Barents Observer - GPS jamming coverage
- High North News - Aviation impact reporting
Related Articles: