PARIS: As France’s postal system ground to a halt during the holiday rush, investigators traced the disruption to a familiar corner of Europe’s shadow war—one where cyberattacks, sabotage, and disinformation have become routine tools of geopolitical pressure.
A Cyber Disruption at a Critical Moment
In the final days before Christmas, France’s national postal service, La Poste, experienced a sudden and sweeping digital failure. Core computer systems stopped responding after being inundated with traffic, leaving postal workers unable to track parcels and customers unable to complete online payments through the company’s bank, La Banque Postale.
The timing amplified the impact. With more than 200,000 employees and volumes peaking during the holiday season, even a brief outage reverberated across logistics networks and households alike. Officials said the problems persisted for days after the initial breach was detected.
Soon after, a pro-Russian hacking collective known as NoName057(16) claimed responsibility, adding the incident to a growing list of cyber disruptions targeting European institutions that support Ukraine.
A Pattern of Attacks Across Europe
French officials view the postal-service attack not as an isolated incident but as part of a broader campaign. Since Russia’s invasion of Ukraine in February 2022, Western governments have accused Moscow of orchestrating or encouraging a range of hostile acts across Europe—arson at warehouses, damage to railways, and digital intrusions into government and commercial systems.
According to French authorities, the same hacking group has previously targeted government websites, including those of the Justice Ministry and multiple municipal offices. Beyond France, attacks attributed to the group have struck media organizations, public agencies, and businesses in Ukraine, Poland, Sweden, and Germany.
European intelligence officials say such operations are designed less to cause permanent damage than to create friction: disrupting daily life, eroding confidence in public institutions, and testing the resilience of states aligned with Kyiv.
Investigations and the Question of Attribution
The postal-service breach came just days after France disclosed a separate cyberattack on the Interior Ministry, which oversees national security. In that incident, a suspected hacker accessed police records and sensitive documents, according to Interior Minister Laurent Nuñez, speaking to French media.
France’s domestic intelligence service, DGSI, has taken charge of the investigation into the postal attack following the hackers’ public claim. Prosecutors have stopped short of formally attributing responsibility to a foreign state, though officials acknowledge that patterns of interference “very often come from the same country,” a remark widely understood as a reference to Russia.
In a related case underscoring official concern, prosecutors recently confirmed that France’s intelligence services are examining a planned cyber operation involving software that could have allowed remote control of a large passenger ferry. A Latvian crew member is being held on suspicion of working for a foreign power, though authorities have not publicly identified the country involved.
Policing the Digital Front Line
European law enforcement has attempted to disrupt these networks before. In July, police from 12 countries coordinated Operation Eastwood, shutting down more than 100 servers worldwide, arresting suspects in France and Spain, and issuing warrants for others, including several Russian nationals.
The effort had only temporary effect. Within days, officials say, the group resumed operations, highlighting the difficulty of dismantling loosely organized cyber collectives that operate across borders and jurisdictions.
