The geopolitical cyber situation has become much more acute in the second quarter compared to the report for the first quarter of 2026. Iran, Salt Typhoon, destructive OT attacks and autonomous AI systems make it clear that Europe's cyber risk is not only due to new attacks, but also to dependencies, exposures and detection gaps that are becoming increasingly difficult to see. An analysis of the most important shifts shows where and to what extent the situation has changed since Q1/26.
The overview shows the changes at a glance. We then classify the five developments and derive specific takeaways for cyber defense.
| Topic | Q1/2026 status | Q2/2026 update | Threat level |
|---|---|---|---|
| Iran | | | 🔴 Critical - escalating |
| China | | | 🟠 High - geographically expanding |
| Russia | | | 🟠 High - destructive escalation |
| AI attacks | | | 🔴 Critical - qualitatively new threat level |
| USA (alliance context) | | | ⚪ Not hostile - but own interests |
Table 1: Changes in the areas of escalation compared to Q1/26
After 47 days of digital isolation, Iran has been gradually reconnected since April 17, 2026 - allowing even highly specialized APT units to act in a more coordinated manner. In the Q1 report, we described February 28, 2026 as a turning point: Operation Epic Fury immediately triggered a multi-stage Iranian cyber retaliation wave, coordinated by the newly established Electronic Operations Room with over 60 active groups. This temporarily defused the situation technically: Israel and the US simultaneously carried out the largest cyber operation against Iran ever documented. This reduced Iran's internet connectivity to 1-4%. Even actors from highly specialized APT units were thus de facto cut off from the rest of the world.
That has changed. What was still visible as chaotic, decentralized hacktivism in Q1 now threatens to turn into coordinated cyber operations. Iran's reconnection is therefore not an all-clear signal. Rather, it marks the beginning of a more dangerous phase.
Iranian-affiliated groups are shifting their focus from Unitronics PLCs to Rockwell Automation FactoryTalk - and thus to a larger attack surface in industry, energy supply and water infrastructure. At the end of March 2026, Unit 42 identified a new attack cluster (CL-STA-1128 / CyberAv3ngers) that makes this target shift visible. Previously, the groups had primarily attacked Unitronics PLCs - Israeli brands that are used to a comparatively limited extent. Now the focus is shifting to Rockwell Automation FactoryTalk, an OT platform that is much more widely used.
This is relevant from a European perspective because Rockwell systems are used across the board in industrial automation worldwide - in production plants, energy supply and water infrastructure, including in the DACH region. The attackers are therefore choosing an attack surface that is larger and potentially less hardened than the previously targeted Unitronics systems.
This is not an abstract warning for companies with Rockwell environments. CyberAv3ngers have proven that they not only compromise OT systems, but also actively manipulate them. In previous campaigns, configurations were changed and processes disrupted without the need for wipers or ransomware.
Parallel to CyberAv3ngers, a newly identified Iranian actor has emerged that is technically very different from the previous groups: RedKitten. The group uses an attack methodology that is explicitly designed to remain under the radar of normal security tools.
The core mechanics: The attackers use crafted documents to execute the SloppyMIO backdoor. This uses steganography to read configuration data from image files on legitimate code repositories. Payloads are uploaded via cloud storage. All communication runs exclusively via messaging platform APIs - a so-called dead-drop resolver architecture that hides malicious traffic in ordinary cloud noise.
The result: traditional signature-based detection and network-based anomaly detection do not work because the traffic looks like normal SaaS usage behavior. After public exposure at the end of 2025, RedKitten quickly replaced its infrastructure and expanded targeting to over 20 countries - including Western Europe.
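One way a threat hunter can look for the dead-drop resolver chain described above is to correlate endpoint telemetry rather than inspect individual connections. The following is an added example, not code from the original report or from any vendor: it scores a host on whether a document-spawned process fetched an image from a code repository, pulled something from cloud storage, and then spoke only to messaging-platform APIs at regular intervals. The domain categories, weights, threshold and telemetry are all constructed assumptions, not RedKitten indicators.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed category map (domain suffix -> role in the chain). A real hunt
# would use the organisation's own proxy categorisation instead.
CATEGORY = {
    "codehost.example": "code_repo",
    "objectstore.example": "cloud_storage",
    "chatapi.example": "messaging_api",
}
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe"}
IMAGE_EXT = (".png", ".jpg", ".gif", ".bmp")


@dataclass
class NetEvent:
    ts: int        # seconds since epoch (constructed)
    host: str
    proc: str      # process that opened the connection
    parent: str    # its parent process
    domain: str
    path: str


def categorise(domain):
    for suffix, role in CATEGORY.items():
        if domain == suffix or domain.endswith("." + suffix):
            return role
    return "other"


def score_host(events):
    """Return (score, reasons) for the most suspicious process on one host.

    Weights are assumptions: +2 document-spawned process goes online,
    +2 image fetched from a code repository, +1 cloud-storage download,
    +3 the process contacts messaging APIs and nothing outside the chain,
    +1 the messaging calls are evenly spaced (beacon-like).
    """
    by_proc = defaultdict(list)
    for e in events:
        by_proc[(e.proc, e.parent)].append(e)
    best = (0, [])
    for (proc, parent), evs in by_proc.items():
        score, reasons = 0, []
        roles = [categorise(e.domain) for e in evs]
        if parent.lower() in OFFICE_PARENTS:
            score += 2
            reasons.append(f"{proc} spawned by {parent}")
        if any(r == "code_repo" and e.path.lower().endswith(IMAGE_EXT)
               for r, e in zip(roles, evs)):
            score += 2
            reasons.append("image fetched from code repository")
        if "cloud_storage" in roles:
            score += 1
            reasons.append("download from cloud storage")
        msg_ts = sorted(e.ts for r, e in zip(roles, evs) if r == "messaging_api")
        if len(msg_ts) >= 3 and "other" not in roles:
            score += 3
            reasons.append("only messaging-API traffic after staging")
            gaps = [b - a for a, b in zip(msg_ts, msg_ts[1:])]
            if max(gaps) - min(gaps) <= 0.1 * max(gaps):   # low jitter
                score += 1
                reasons.append("periodic messaging-API calls")
        if score > best[0]:
            best = (score, reasons)
    return best


def hunt(events, threshold=6):
    """Group events by host and return hosts at or above the threshold."""
    by_host = defaultdict(list)
    for e in events:
        by_host[e.host].append(e)
    results = {h: score_host(evs) for h, evs in by_host.items()}
    return {h: r for h, r in results.items() if r[0] >= threshold}


# Constructed telemetry: ws-17 shows the full chain, ws-03 is a browser user,
# ws-09 is an Office child process that only talks to an update server.
SAMPLE_EVENTS = [
    NetEvent(1000, "ws-17", "update.exe", "WINWORD.EXE", "repo.codehost.example", "/proj/logo.png"),
    NetEvent(1005, "ws-17", "update.exe", "WINWORD.EXE", "bucket.objectstore.example", "/blob/x.bin"),
    NetEvent(1300, "ws-17", "update.exe", "WINWORD.EXE", "api.chatapi.example", "/bot/getUpdates"),
    NetEvent(1600, "ws-17", "update.exe", "WINWORD.EXE", "api.chatapi.example", "/bot/getUpdates"),
    NetEvent(1900, "ws-17", "update.exe", "WINWORD.EXE", "api.chatapi.example", "/bot/getUpdates"),
    NetEvent(1010, "ws-03", "chrome.exe", "explorer.exe", "api.chatapi.example", "/web/messages"),
    NetEvent(1020, "ws-03", "chrome.exe", "explorer.exe", "news.example", "/index.html"),
    NetEvent(1030, "ws-03", "chrome.exe", "explorer.exe", "bucket.objectstore.example", "/share/doc.pdf"),
    NetEvent(1040, "ws-09", "helper.exe", "EXCEL.EXE", "updates.vendor.example", "/check"),
]

if __name__ == "__main__":
    for host, (score, reasons) in hunt(SAMPLE_EVENTS).items():
        print(host, score, "; ".join(reasons))
```

The discriminating condition is the last one: a browser also reaches messaging APIs and cloud storage, but it reaches many other destinations too, while the staged process touches nothing outside the three categories.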
A pattern of the current conflict that is particularly relevant for Europe: pro-Iranian and pro-Russian hacktivist groups are coordinating their cyber operations opportunistically. SOCRadar recorded 1,357 documented incidents in over 25 countries and 15 sectors for the first month of the war (February 28 to March 31, 2026). Cyprus became the second largest European target with 68 incidents - not by chance, but because it is home to US military infrastructure and is geographically exposed. Romania follows with 58 incidents.
NoName057(16) uses the Iran operations for so-called double-benefit hits: the same DDoS wave simultaneously hits Iranian adversaries and NATO members in the context of the Ukraine war. For affected European organizations, the attribution is often unclear - and that is intentional.
Assessment Q2/2026
We are now in the phase that analysts have been warning about since February 2026: coordinated APT operations, not diversionary maneuvers. Organizations in the energy, industrial, telecom and public administration sectors should reassess their exposure to Rockwell systems, VPN gateways and exposed OT environments. Iran's reconnection is not an all-clear signal - it marks the end of the warm-up phase.
In our Q1 report, we described China's strategy as pre-positioning for a possible Taiwan conflict: quietly compromising critical infrastructure for years without raising the alarm. Q2/2026 brings European confirmation of what many already suspected.
In February 2026, Norway published its annual threat report. In it, PST Director Beate Gangås explicitly confirmed that Salt Typhoon had compromised network devices in Norwegian organizations - the first official Scandinavian confirmation that the campaign, long perceived as a US problem, had reached Northern Europe.
The PST's wording was remarkably direct: Norway is facing its most serious security situation since the Second World War. Norway's security authorities describe China, Russia and Iran not as abstract threats, but as secret services actively operating on Norwegian soil.
The US Office of the Director of National Intelligence reclassifies Chinese cyber operations in the Annual Threat Assessment 2026: Volt Typhoon and Salt Typhoon are no longer considered primarily espionage campaigns, but pre-positioning in critical infrastructure - with the aim of preparing sabotage for potential conflicts.
This reassessment is relevant for Europe because it clarifies the direction of travel: China is not building intelligence capabilities, it is building switches. Switches that can be activated in a geopolitical crisis - Taiwan, trade war, military escalation. The European infrastructure is not a target, but a lever: if you can destabilize Europe, you weaken Western support for Taiwan.
Salt Typhoon and Volt Typhoon share a methodology that makes them almost invisible to traditional security architectures: living-off-the-land. No malware, just native system tools. No command-and-control servers with conspicuous domains, only compromised SOHO routers as relay infrastructure. In several documented cases, the groups remained undetected for up to five years.
For organizations in Scandinavia, the Netherlands, Germany and Austria, this means that the question is no longer just whether Chinese actors are already present in European networks, but whether this presence is known. Based on the available data, the probability of this is considerable.
Assessment Q2/2026
The Norwegian confirmation is not an isolated case. It is the first publicly confirmed tip of a European iceberg. Telecommunications, energy and defense companies in Europe should assume that network devices at the perimeter - firewalls, VPN concentrators, switches - are primary attack surfaces. These devices are systematically under-monitored and typically lack EDR coverage.
Russia's cyber strategy against Europe is not a reaction to current events. It is a permanent campaign of attrition with a clearly defined goal: to cause maximum damage without exceeding NATO's Article 5 threshold and triggering a collective military response. Q2/2026 makes this calculation visible in a specific case.
In December 2025 - a month with a below-average total number of security incidents - Poland was the target of one of the most serious cyber operations against EU infrastructure. Russian-affiliated attackers compromised control systems in the energy sector. Critical control systems were disrupted and industrial equipment was permanently damaged - physically, not "just" digitally. Repair instead of recovery.
But the important thing is what didn't happen: no widespread blackout, no fatalities, no reason for an Article 5 consultation. The event remains just below the escalation threshold, but costs Polish energy suppliers millions, destabilizes trust in critical systems and sends an unmistakable message to NATO members who support Ukraine.
In a report from April 2026, the Atlantic Council documents over 150 sabotage, cyber and influence incidents in Europe since 2022 - with increasing frequency and increasing destructiveness. The pattern is consistent: test, escalate, freeze, repeat.
As US cyber deterrence wanes, the pressure increases for Europe to think more strategically about its own cyber capabilities. In a report from March 2026, CEPA establishes a correlation: where intelligence sharing is restricted, coordinated responses are lacking and operations take place without NATO advance information, the costs of Russian hybrid attacks fall.
The logic is simple: when costs fall, activity increases. From the point of view of European security architects, this is a turning point. Europe can no longer assume that US cyber capabilities will act as an extended deterrent. This is not a catastrophe - it is a strategic reality that brings Europe's own capabilities to the fore.
Assessment Q2/2026
Russia's below-threshold model is not a transitional phase. It is the new normal. Energy suppliers, infrastructure operators and government agencies must expect OT systems to no longer be seen as just targets for espionage. They are increasingly seen as targets for physical sabotage. The December attack on Poland is a proof of concept, not an isolated case.
A modern airliner can fly completely autonomously today. Autopilot, automatic landing, collision warning - technically speaking, no human pilot would be necessary. Nevertheless, there is at least one trained person in the cockpit of every commercial aircraft. The reason is simple: with 300 passengers on board, the consequences of an error are catastrophic and irreversible. The system can carry out 9,999 flights perfectly, but a human must be able to intervene for the 10,000th flight.
Cyber defense works on exactly the same principle: an undetected attack, an unblocked payload or a false negative on a productive system can be enough. The defense must always win. This is why human-in-the-loop is essential: experienced analysts who classify context, evaluate anomalies and take responsibility for decisions.
The exact opposite applies to the attacker. If an autonomous attack fails, it costs nothing. No human hours, no operator to bear the consequences. Simply launch the next one - faster, cheaper, with adapted methodology. The asymmetry is fundamental: the defense always has to win, an attack only has to win once. AI makes the attack infinitely scalable and repeatable: What fails is adapted and restarted. For the defense, the margin for error remains small. It must automate, but retain human judgment in the assessment loop.
AI in cyberattacks is not new. For years, AI has been used for spear phishing personalization, automated vulnerability scans and malware variants. What has changed in Q2/2026 is the quality: from AI as a tool to AI as an autonomous actor.
Armis' Head of Threat Intelligence, Michael Freeman, has put it in concrete terms: By mid-2026, at least one global company will be compromised by a fully autonomous agentic AI system - with reinforcement learning and multi-agent coordination for the complete attack lifecycle without human oversight. Reconnaissance, exploitation, lateral movement, data exfiltration - all automated, all without human intervention. The WEF Global Cybersecurity Outlook 2026 shows: 87% of security managers surveyed worldwide name AI vulnerabilities as the fastest growing threat.
Nation-state actors are not laggards here, but drivers: reports from the threat intelligence community show that state-controlled groups are already automating 90% of their intrusion campaigns. According to the Anthropic report (November 2025), Chinese actors have deployed fully automated attack chains against technology companies and government agencies. Iran is proven to be working on AI-powered spear phishing systems.
The pattern is also evident in the criminal ransomware scene. Q1/2026 brought a reconsolidation of the market: Qilin, LockBit and The Gentlemen are expanding. Qilin introduced in-house legal services to increase pressure on victims. The Global Group launched AI chatbots for negotiations - autonomous systems that adjust ransom demands, set deadlines and communicate without human intervention.
The Sicarii Group goes even further: its ransomware deletes its own decryption keys after encryption - a weapon aimed not at blackmail, but at permanent destruction. Payment is pointless. Recovery is impossible. This is the transition from ransomware as a business model to ransomware as a weapon of sabotage.
AI asymmetry poses a structural problem for security architectures: the more automation on the attacker side, the greater the pressure to also automate on the defender side - but the fault tolerance remains asymmetrical. Automated defense systems can produce false positives that disrupt operations or false negatives that let attacks through. Every wrong decision in the defense has consequences. For attackers, on the other hand, a failed attempt only means training material for the next attack.
This leads to a consequence that seems counterintuitive, but is operationally correct: the more autonomous attacks become, the more important the human threat hunter becomes. Not as a reaction to alarms, but as a proactive hunter in environments in which automated systems are systematically bypassed.
Assessment Q2/2026
Autonomous AI attacks are no longer a future scenario. They are operational. The defense must accept this asymmetry: Automation on the defender side is necessary, but not sufficient. The co-pilot model still applies - technical systems fly the aircraft, but an experienced human must be able to intervene if necessary.
Translated into the world of cybersecurity, this co-pilot model is called threat hunting: an in-depth analysis of exposure risks by experienced incident responders, which makes visible what automated systems often overlook - traces, anomalies and attack patterns that only become apparent in the context of the current threat situation.
Preliminary remark on the tone of this chapter: What follows is not a criticism of the USA as a country or an ally. It is the sober application of a basic rule of international politics that has applied since the Peace of Westphalia in 1648: every state acts primarily in its own interests. This is neither surprising nor reprehensible - it is the reality of every sovereign actor, including the European states themselves. The only question is whether Europe accepts this as a given and acts accordingly.
In January 2026, the largest transformation of US Cyber Command to date was presented to the US Senate Armed Services Committee: CYBERCOM 2.0. The responsible Assistant Secretary of War for Cyber Policy described it as "the most significant transformation of USCYBERCOM since its inception over 15 years ago" - a fundamental realignment that establishes offensive persistent presence in adversary networks as a routine tool.
In March 2026, Trump's new National Cyber Strategy followed: explicitly more aggressive than all its predecessors, with the aim of countering threats "before" they reach American networks. The concept of "persistent engagement" - continuous offensive operations in enemy infrastructure - becomes official doctrine.
What does this mean for Europe? Two dimensions: Firstly, a more powerful US cyber capacity strengthens the collective deterrent against Russia, China and Iran - from which Europe benefits indirectly. Secondly, the USA is normalizing offensive cyber operations as a legitimate state instrument on a new level. Europe will have to ask itself how it deals with this precedent - and whether the same doctrine that appears justifiable against Moscow also influences trust in US technology infrastructure.
Perhaps the most concrete risk to European cyber security does not come from an attack, but from a law. The US CLOUD Act (Clarifying Lawful Overseas Use of Data Act) allows US authorities to demand access to data from US companies - regardless of where this data is physically stored.
In June 2025, Microsoft France was asked directly in a hearing before the French Senate: Can you guarantee that European customer data will never be requested by US authorities? The answer was clear and under oath: No. This guarantee cannot be given. Not because Microsoft doesn't want to, but because Microsoft is a US company and US law applies to US companies everywhere in the world.
This doesn't just apply to Microsoft. AWS cannot give the same guarantee. Neither can Google. Every US hyperscaler, every US-based security solution, every US EDR - they are all subject to the same legal framework. A European data center changes the geography of the data, but not the jurisdiction over the company.
This has concrete implications for the cybersecurity architecture of European organizations: Anyone using US-based security tools - and that is the vast majority - potentially has a third actor in the network. Not necessarily maliciously, but outside of European control and European law. At a time when US and European interests in trade, geopolitics and defense are increasingly diverging, this is a strategic variable that needs to be taken into account.
Three publicly documented incidents from the last 15 months illustrate the pattern:
Signal Leak (March 2025): US Secretary of Defense Pete Hegseth discussed military plans via an unclassified commercial app and inadvertently shared them with a journalist. Internally, he referred to Europe as "freeloaders". European allies learned of the military actions from the press instead of through secure channels.
Greenland (August 2025): Danish broadcaster DR reported, based on intelligence sources, that at least three individuals close to Trump were conducting covert influence operations on Danish territory (Greenland). Denmark's foreign minister summoned the US ambassador. Denmark's Prime Minister publicly stated: "You cannot spy against an ally."
Operation "Epic Fury" (February 2026): The US and Israel launched a military operation against Iran that led to the killing of the Supreme Leader and destabilized the entire Gulf region - without prior information to NATO allies. The Atlantic Council writes explicitly: "Trump apparently caught NATO, Gulf, and Asian allies off guard, reportedly providing no advance warning." This is not a communication breakdown. This is a strategic decision.
These three incidents are not outliers. They are the pattern of an administration that consistently implements "America First" - rational from a US perspective, challenging from a European perspective. What they have in common: Europe was not an equally important strategic variable in the US calculation in any of these cases.
The answer to this analysis is neither the construction of an enemy image nor a naïve loss of trust; it is strategic maturity. Europe should benefit from the US alliance where it offers advantages - and at the same time stop equating US interests with European interests.
In concrete terms, this means for cyber security: European digital sovereignty is not an anti-American policy. It is the logical consequence of the realization that dependence on foreign infrastructure, whether Chinese, Russian or American, represents a security risk. The EU has taken the first steps in this direction with the Cloud Sovereignty Framework (October 2025), the Cyber Resilience Act and EuroStack. It is not enough - but it is the right direction.
Assessment Q2/2026
Every state acts in its own interest. That is not a criticism. It is the basic rule according to which every security strategy should be built. For European organizations, this practically means: use US technology where it is the best solution - but with the knowledge of the legal framework (CLOUD Act, FISA) and with architectural decisions that keep critical data and system access under European control.
The core finding from our Q1 report has become much more pronounced: 57% of all compromises are not detected by internal security systems, but by external indications. The median time an attacker spends in European networks is 22 days (EMEA median, Mandiant M-Trends 2025).
In Q2/2026, the detection issue in particular will intensify: LOTL (living-off-the-land) attacks were already invisible to signature-based systems. Autonomous AI attacks with no fixed timing, no human behavior pattern and no static infrastructure also pose new challenges for behavior-based anomaly detection. RedKitten's dead-drop resolver architecture, which communicates entirely via legitimate cloud APIs, shows where things are heading: attack traffic that is indistinguishable from normal SaaS traffic.
In addition to the detection gap, risk exposure is coming to the fore: exposed systems, overlooked dependencies, incorrectly prioritized vulnerabilities and insufficiently monitored access points create conditions in which attacks can be more easily prepared and concealed.
It is precisely this pattern that is confirmed in incident response practice: state attackers rarely attract attention through alarms, but through external clues, accidental discoveries or older access paths that only become visible in another incident.
Proactive threat hunting by experienced incident responders is not an optional addition to the existing security architecture in the current threat situation - Iran Phase 2, China in Northern Europe, Russia destructively in Poland, autonomous AI attacks operationally. It starts exactly where automated systems reach their limits: with traces, hypotheses and attack patterns for which there is no alarm yet.
The difference to automated systems lies in the approach: Threat Hunters do not start with an alarm. They start with a hypothesis - based on current threat intelligence, the organization's profile and knowledge of how state attackers operate in comparable environments. They don't look for known patterns. They look for what should be visible if the current threat situation has already arrived in their own environment.
CISA's own threat hunting team has shown what this means: it found Volt Typhoon in US infrastructure - in environments where all other automated systems had failed. Not because the team had better tools. But because experienced incident responders know where to look.
For organizations that do not yet engage in regular threat hunting, a compromise assessment can be a useful way of determining the current situation: a forensic check to see whether there are already indications of a compromise - methodically, with up-to-date knowledge of the tactics of the relevant threat actors.
However, this is only sufficient as a snapshot. Anyone who takes the current threat situation seriously considers compromise and exposure together: Are there signs of current or previous attacks? And which attack surfaces increase the risk of the next incident?
Given the situation in Q2/2026 - Iran phase 2 online, China confirmed in northern Europe, Russia destructively active, autonomous AI attacks operational - it is not about actionism, but about a reliable basis for decision-making. The later organizations gain clarity about compromise and risk exposure, the more they depend on external clues, chance discoveries or the next incident.
Q2/2026 is not a sequel. It is an intensification. Iran is back online after 47 days and switches from hacktivism to coordinated APT operations with new OT targets. China has reached Scandinavia. Russia has permanently destroyed industrial facilities in Poland for the first time without provoking a NATO response. Autonomous AI attacks are operational. And a look at our own alliance shows that strategic autonomy is not isolation - it is the necessary consequence of the realization that no ally places our interests above its own.
For organizations, this means that proactive threat hunting and the continuous assessment of risk exposure belong together. The result is not a promise of absolute security, but a resilient approach to a constantly changing attack surface.
Whether there are already traces of a compromise and which attack surfaces increase the real risk can only be answered if threat hunting and managed risk exposure are considered together. The findings from threat hunting, incident response and threat intelligence in recent months provide a technical basis for this.
The first step in a cyber risk analysis is a sober assessment of the situation: what is compromised, what is exposed - and what needs to be reduced first? Use the white paper "InfoGuard Threat Intelligence Insights 2025" as a reality check: find out which attack patterns are particularly relevant now and which steps are now a priority for your organization.
Did you enjoy reading it? We're glad you did! Did you know that the third quarter Threat Intelligence Report is coming soon? Subscribe to our blog updates now and you will receive the next classification of the cyber threat situation directly in your inbox - compact, relevant and with the most important developments at first hand.
Sources & references
• Palo Alto Networks Unit 42: Threat Brief Iran – Updated April 17, 2026
• SOCRadar: Iran War Cyber Threat Outlook – Conflict Phases and What Comes Next (April 2026)
• Trellix: The Iranian Cyber Capability 2026 (March 2026)
• Europol: Elevated terrorism and cyber threat in EU amid Iran conflict (March 2026)
• Canadian Centre for Cyber Security: Iranian Cyber Threat Bulletin (February 2026)
• Halcyon: Iranian Use of Cybercriminal Tactics – 2026 Updates (March 2026)
• Arctic Wolf: Heightened Cyber Risk February 2026 US/Israel-Iran Escalation
• The Record / Recorded Future: Norway / PST Annual Threat Assessment 2026 (February 2026)
• ODNI: Annual Threat Assessment 2026 – China Leading Cyber Threat
• Atlantic Council: Dispatches from the Front Lines of Russia-Linked Cyberattacks on Europe (April 2026)
• CEPA: A Joint Cyber Defense for Europe? (March 2026)
• WEF Global Cybersecurity Outlook 2026
• ISACA: AI-Driven Ransomware Fuels Rise in New Cyberthreat Groups (May 2026)
• SecurityWeek: Cyber Insights 2026 – Malware and Cyberattacks in the Age of AI
• Trend Micro: The AI-fication of Cyberthreats – Security Predictions 2026
• US Senate Armed Services Committee: Written Testimony Katherine Sutton – CYBERCOM 2.0 (January 2026)
• FDD / Lawfare: Implementing Cybercom 2.0 (April 2026)
• Atlantic Council: By Alienating Its Intelligence Partners, the US Risks Losing More Than Trust (March 2026)
• CYFIRMA: Cyber Espionage Among Allies – Strategic Posturing in an Era of Trade Tensions (2026)
• Databalance.eu: Microsoft Cloud Sovereignty 2026 (February 2026)
• DanubeData: The US CLOUD Act Explained – European Alternatives 2026
• Kiteworks: EU Data Act, GDPR and CLOUD Act Conflict (March 2026)
• Mandiant M-Trends 2025 (Google Cloud / Alphabet)
• ENISA Threat Landscape 2025 (October 2025)
• BSI Lagebericht zur IT-Sicherheit in Deutschland 2024
Caption: Image generated with AI