امنیت انرژی اتحادیۀ اروپا زیر تأثیر تهدیدهای سایبری روسیه

مقاله‌های آماده انتشار

نوع مقاله : مقاله پژوهشی

نویسندگان

1 استاد، گروه مطالعات منطقه‌ای، دانشکده حقوق و علوم سیاسی، دانشگاه تهران، تهران، ایران

2 دانش‌آموخته کارشناسی ارشد رشته مطالعات منطقه‌ای، دانشکده حقوق و علوم سیاسی، دانشگاه تهران، تهران، ایران

10.22059/jcep.2025.394596.450321

چکیده

در دنیای دیجیتال و به‌هم‌پیوستۀ امروز، امنیت سایبری به چالشی ژئوپلیتیکی تبدیل شده است. اتحادیۀ اروپا به‌دلیل وابستگی به زیرساخت‌های دیجیتال و شبکه‌های انرژی، در برابر حمله‌های سایبری آسیب‌پذیر است. این حمله‌ها که بیشتر زیرساخت‌های حیاتی انرژی را هدف قرار می‌دهند، می‌توانند به بی‌ثباتی اقتصادی و تضعیف امنیت منطقه‌ای منجر شوند. روسیه به‌ویژه پس از تهاجم به اوکراین در سال ۲۰۲۲، از حمله‌های سایبری به‌عنوان بخشی از راهبرد جنگ ترکیبی خود بهره برده و امنیت انرژی اتحادیۀ اروپا را تهدید کرده است. در این نوشتار به‌دنبال پاسخ این پرسش هستیم که تهدیدهای سایبری روسیه چگونه بر امنیت انرژی اتحادیۀ اروپا تأثیر گذاشته و این اتحادیه چه پاسخ‌هایی ارائه داده است؟ در پاسخ این فرضیه مطرح می‌شود که حمله‌های سایبری روسیه امنیت انرژی اتحادیه را تضعیف کرده و پاسخ‌های اتحادیه، اگرچه با نوواقع‌گرایی تدافعی سازگار هستند، به‌دلیل ناهماهنگی‌ها، اثربخشی محدودی دارند. در این مطالعه با رویکرد کیفی و تحلیل مطالعات موردی، داده‌ها را از منابع ثانویه گردآوری و براساس چارچوب نوواقع‌گرایی تدافعی بررسی می‌کنیم. یافته‌ها نشان می‌دهند که حمله‌های سایبری روسیه مانند نات‌پتیا، بخشی از راهبرد بی‌ثبات‌سازی اتحادیۀ اروپا هستند. پاسخ‌های اتحادیۀ اروپا شامل تقویت سیاست‌های سایبری است، اما ناهماهنگی و وابستگی به سیستم‌های قدیمی، کارایی را کاهش داده است. در این نوشتار بر نیاز به هماهنگی بیشتر و نوآوری در امنیت سایبری تأکید داریم.

کلیدواژه‌ها

عنوان مقاله [English]

EU Energy Security under the Influence of Russian Cyber Threats

نویسندگان [English]

  • Davood Aghaee 1
  • Reza Abdollahi 2
1 Professor, Department of Regional Studies, Faculty of Law and Political Science, University of Tehran, Tehran, Iran
2 M.A. in Regional Studies, Faculty of Law and Political Science, University of Tehran, Tehran, Iran,
چکیده [English]

 
Introduction: In today’s interconnected and increasingly digital world, cybersecurity has emerged as one of the most important geopolitical challenges. The European Union, with its deep reliance on digital infrastructure and interconnected energy networks, finds itself particularly vulnerable to cyberattacks. These attacks, often aimed at disrupting critical energy infrastructure such as power grids, pipelines and industrial control systems, pose significant risks. They can lead to widespread economic instability, a loss of public trust in institutions and the weakening of the regional security framework on which the EU relies. Since Russia’s invasion of Ukraine in February 2022, cyberattacks have become a prominent tool in a broader hybrid warfare strategy, designed to destabilize the EU and advance Russia’s geopolitical objectives. This escalation of tensions has exposed the European Union's energy security, a vital pillar of its economic prosperity and political stability to an unprecedented threat. Using the theoretical perspective of defense neorealism, this study examines the impact of Russian cyber threats on the energy security of the European Union and critically evaluates the defense measures implemented by the Union. The aim of this research is to examine how these cyber threats endanger critical energy infrastructure, assess the robustness and limitations of the EU’s responses and highlight the broader implications for regional stability. Given the foundational role of energy security in maintaining the economic and political cohesion of the European Union, alongside the increasing complexity of cyber threats, this issue requires urgent scientific and political attention.
Research question:  How do Russian cyber threats affect the European Union energy security and what strategies has the EU implemented to mitigate these risks?
Research hypothesis: Russian cyber threats, integrated into a hybrid warfare framework, undermine the EU’s energy security by targeting critical infrastructure, such as electricity networks and gas pipelines. The EU’s defense strategies, including advanced cybersecurity policies and international partnerships, are aligned with the principles of defensive neorealism, emphasizing deterrence and survival in an anarchic system. However, these measures have been limited by political incoherence between member states, reliance on outdated technological systems and the inherently asymmetric nature of cyber threats, all of which reduce their overall effectiveness.
Methodology and theoretical framework: This research was conducted with a qualitative approach and focused on an in-depth analysis of selected case studies. Data were collected through a systematic review of secondary sources, including peer-reviewed academic articles, official EU reports and key policy documents such as the Network and Information Security (NIS) Directive and the REPowerEU plan. Case studies, including the 2017 NotPetya attack, the 2015 cyberattacks on Ukraine’s power grid and the sabotage of the Nord Stream pipeline in 2022, have been deliberately selected to illustrate important and relevant examples of cyber threats targeting the energy sector. The theoretical framework underlying this study is defensive neorealism, rooted in the seminal works of Kenneth Waltz and expanded upon by scholars such as Robert Jervis and Stephen Walt. Defensive neorealism holds that in an anarchic international system, states prioritize security and survival through defensive and deterrent strategies and their goal is to maintain the balance of power rather than pursue aggressive expansion. The analysis focuses on key concepts such as deterrence, security dilemma and defensive posture to assess the patterns of Russian cyberattacks and the EU’s counter-responses, providing a structured perspective for understanding this complex interaction.
Results and discussion: The research findings suggest that Russian cyberattacks which have intensified since the invasion of Ukraine in 2022, form a deliberate part of a hybrid warfare strategy aimed at destabilizing the EU. These attacks use sophisticated tools, such as the NotPetya and Industroyer malware, alongside combined tactics such as physical and cyber sabotage of the Nord Stream pipelines. They target critical energy infrastructure, including electricity grids, gas distribution networks and industrial control systems, leading to disruptions in energy supply, reduced public confidence, and instability in energy markets. Specific examples include the NotPetya attack, which paralyzed industries across Europe in 2017 and the Ukrainan power grid attacks that showed the potential for widespread blackouts. The Nord Stream incident further highlighted the vulnerability of physical energy assets to hybrid cyber-physical threats. In response, the EU has strengthened its cybersecurity framework through measures such as updating the NIS Directive, deepening cooperation with NATO and the United States and imposing targeted economic sanctions on entities linked to these attacks. These actions reflect defensive neorealism’s focus on deterrence and the avoidance of direct military confrontation. However, their effectiveness has been undermined by several factors: uncoordinated implementation of policies across member states, reliance on outdated infrastructure vulnerable to abuse and challenges related to attributing attacks to specific actors due to the anonymity of cyberspace. The interconnected nature of Europe’s energy systems exacerbates these risks, as seen in the regional consequences of NotPetya. Addressing these vulnerabilities requires greater policy coordination, accelerating infrastructure modernization and integrating advanced technologies like artificial intelligence for threat detection and blockchain to secure data exchanges.
Conclusion: This study concludes that Russian cyber threats, framed within a hybrid warfare paradigm, pose a profound and immediate risk to the EU’s energy security. While the EU’s defensive actions, from policy enhancements to international collaboration, are aligned with the principles of defense neorealism, their impact has been limited by structural and operational shortcomings. Policy fragmentation among member states, reliance on legacy systems and the ambiguous nature of cyber adversaries limits the Union’s ability to fully neutralize these threats. To strengthen its resilience, the EU should adopt binding policy frameworks to ensure cohesive action, invest heavily in modernizing its energy infrastructure with cyber-secure technologies, and expand international cooperation through joint cyber defense exercises and real-time intelligence sharing. Employing advanced tools, such as artificial intelligence for proactive threat detection and blockchain to protect critical communications, is equally essential. In an anarchic global system where hybrid threats are rapidly evolving, the EU’s ability to adapt quickly and decisively will determine its capacity to protect energy security and maintain stability. This research highlights the urgent need for a strategic review of the EU’s cyber defense to counter the multifaceted risks posed by hybrid warfare.

کلیدواژه‌ها [English]

  • Cyber Threat
  • Cybersecurity
  • Energy Security
  • European Union
  • Russia

مراجع

Aljohani, Tawfiq (2022), “Cyberattacks on Energy Infrastructures: Modern War Weapons”, IEEE Technology and Society Magazine, (doi: 10.48550/arXiv.2208.14225).
Arslan, Ahmet (2023), “Neorealist Analysis of Security Dilemma in Cyberspace; A Quantitative Study”, APSA Preprints, (doi: 10.33774/apsa-2023-wvw2z-v9).
Bélaïd, Fateh, Aisha Sarihi (2023), “Balancing Climate Mitigation and Energy Security Goals Amid Converging Global Energy Crises: The Role of Green Investments”, Renewable Energy, Vol. 205, No. 2023, pp. 534-54, (doi: 10.1016/j.renenenene.2023.01.083).
Blank, Stephen (2024), The Russian Military in Contemporary Perspective, translated by Elaheh Koolaee and Seyyedeh Motahereh Hosseini, Tehran: Tehran University of Tehran Press, [in Persian].
Bouramdane, Ayat-Allah (2023), “Cyberattacks in Smart Grids: Challenges and Solving the Multi-Criteria Decision-Making for Cybersecurity Options, Including Ones That Incorporate Artificial Intelligence, Using an Analytical Hierarchy Process”, Journal of Cybersecurity and Privacy, Vol. 3, No. 2, pp. 662-705, (doi:.org/ 10.3390/jcp3040031).
Buinevich, Mikhail and Grigory Moiseenko (2023), “Combining of Heterogeneous Destructive Impact on the Information System and Countering Attacks (on Example by Insider Activity and DDoS-Attack)”, Telecom IT, (doi:.org/10.31854/2307-1303-2023-11-3-27-36).
Wüest, Candid (2014), “Targeted Attacks Against the Energy Sector”, Symantec Corporation, Available at: https://icscsi.org/library/Documents/Cyber_Events/Symantec%20-%20Targeted%20Attacks%20Against%20the%20Energy%20Sector.pdf (Accessed on: 13/11/2024).
Cao, Yang, Wei Wei, Jianhui Wang, Shengwei Mei, Miadreza Shafie-khah and Catalão (2020), “Capacity Planning of Energy Hub in Multi-Carrier Energy Networks: A Data-Driven Robust Stochastic Programming Approach”, IEEE Transactions on Sustainable Energy, Vol. 11, No. 1, pp. 3-14, (doi: 10.1109/TSTE.2018.2878230).
Chaikin, Marc (2023), “Problems and Prospects of Implementing Assessment of the Level of Maturity of Cyber Security Processes of Critical Infrastructure Objects of the Energy Sector of Ukraine in Accordance with the NIST Cybersecurity Framework”, Èlektronnoe Modelirovanie, (doi: 10.15407/emodel.45.05.08).
Katanchi, Elnaz and Babak Pourqahrmani (2019) "Symbolic Policies of the Council of Europe Cybercrime Convention", Quarterly Journal of International Studies, Vol. 16, No. 62, pp. 31-47, (doi: 10.22034/isj.2019.99238(, [in Persian].
European Union Agency for Cybersecurity (ENISA), (2018), “EU Policy on Cyber Defence: Strengthening Europe's Cyber Resilience”, ENISA Publications, Available at: https://www.eeas.europa.eu/sites/default/files/documents/Comm_cyber%20defence.pdf (Accessed on: 10/11/2024).
Fedotenko, Kateryna (2023), “Cyber Warfare as Part of Information Warfare of Russia Against Ukraine since the Beginning of the 2022 Russian Invasion”, Věda a perspektivy, (doi:10.52058/2695-1592-2023-8(27)-351-357), [in Russian].
Hartvig, Áron Dénest Kiss-Dobronyi, Kotek, Takácsné Tóth, Iaonic Gutzianasand Zareczky and András Zsombor (2024), “The Economic and Energy Security Implications of the Russian Energy Weapon”, Energy, (doi: 10.1016/j.energy.2024.130972).
Ivan, Paul (2019), “Responding to Cyberattacks: Prospects for the EU Cyber Diplomacy Toolbox”, EPC Discussion paper, Available at: http://aei.pitt.edu/id/eprint/9707, (Accessed on: 18/03/2025).
Krzykowski, Michał (2021), “Legal Aspects of Cybersecurity in the Energy Sector—Current State and Latest Proposals of Legislative Changes by the EU”, Energies, Vol. 14, No. 23, pp. 1-14, (doi: 10.3390/en14237836).
Limnell, jarno (2018), “Cyber Threats and Energy Security in the European Union: Strategic Implications and Policy Responses”, Journal of Cyber Policy, Vol. 3, No. 2, pp. 187–202. Available at: https://www.jstor.org/stable/pdf/resrep21140.10.pdf (Accessed on: 18/03/2025).
Lin, Faqin, Xuecao Li, Ningyuan Jia, Fan Feng, Hai Huang, Jianxi Huang, Shenggen Fan, Philippe Ciais and Xiao-Peng Song (2023), “The Impact of Russia-Ukraine Conflict on Global Food Security”, Global Food Security, Vol. 36, No. 2, pp. 17-25, (doi: 10.1016/j.gfs.2022.100661).
Maliki, Musa (2022), “The Ideology Critique of Mearsheimer’s Theory of Offensive Neorealism: The Case of Russia-Ukraine War and Its Ideologization in Indonesia”, Journal of Global Strategic Studies, (doi:10.36859/jgss. v2i2.1212).
Molchanov, Matevosova (2020), “Energy Security in the Age of Digitalization”, Courier of Kutafin Moscow State Law University (MSAL), Vol. 3, No. 67, pp. 86-95, (doi: 10.17803/2311-5998.2020.67.3.086-095).
Nawrocki, Tomasz and Jonek-Kowalska (2023), “Efficiency of Polish Energy Companies in the Context of EU Climate Policy”, Energies, (doi: 10.3390/en16020826).
Farshasaid, Parviz, Mahmoud Jalali and Mahnaz Goodarzi (1401), "The Necessity of Strengthening Cybersecurity in the Energy Sector by Governments," Energy Law Studies, Vol. 8, No. 1, pp. 173-193, (doi: 10.22059/jrels.2022.316656.4(, [in Persian].
Pawlak, Patryk (2018), “Energy Security and Cyber Warfare: The Role of State and Non-State Actors in EU Cyber Resilience”, European Journal of Security Studies, Vol. 6, No. 1, pp. 45–67, Available at: https://www.jstor.org/stable/pdf/resrep21140.14.pdf, (Accessed on: 18/03/2025).
Pishchik, Victor and Petr V. Alekseev (2024), “Current Cybersecurity Issues in Russia: Global and National Aspects”, Теория и Практика Общественного Развития, Vol. 24, No. 10, pp. 112–121, (doi:10.24158/tipor.2024.10.15) [in Russian].
Niknami, Roxana (2024), "European Union Energy Sanctions against Russian Federation and Its Impact on their Trade System (2022-2024)", Central Eurasia Studies, Vol. 17, No. 1, pp. 363-390, (doi: 10.22059/jcep.2024.379436.45023(, [in Persian].
Rahami, Rouhollah and Amirhossein Azhdari (1401), "European Union Cybersecurity: Threats, Opportunities and Measures (From the Beginning to 2021)," Quarterly Journal of Legal Research, Vol. 25, No. 1, 25 (Special Issue on Law and Technology), pp. 273-302, (doi: 10.52547/jlr.2023.228106.226 ([in Persian].
Saberi, Sara, Mahtab Kouhizadeh, Joseph Sarkis and lejia Shen (2018), “Blockchain Technology and its Relationships to Sustainable Supply Chain Management”, International Journal of Production Research, Vol. 57, No. 3, pp. 1-19, (doi:10.1080/00207543.2018.1533261 [in Persian].
Schmitz-Berndt, Sandra and Pier Giorgio Chiara (2022), “One Step Ahead: Mapping the Italian and German Cybersecurity Laws Against the Proposal for a NIS2 Directive”, Vol. 3, No. 2, pp. 1-23, International Cybersecurity Law Review, https://link.springer.com/article/10.1365/s43439-022-00058-7, (Accessed on: 25/01/2025).
Shestak, Viktor and Alyona Tsyplakova (2023), “Countering Cyberattacks on the Energy Sector in the Russian Federation and the USA”, BRICS Law Journal, (doi: 10.21684/2412-2343-2023-10-4-35-52).
Ghanbari, Somayeh and Hossein Khani (2019) "Russian Cyber ​​Deterrence from a European Perspective", Quarterly Journal of Central Asian and Caucasus Studies, Vol. 26, No. 1, pp. 117-156, Available at: http://ca.ipisjournals.ir/article_242984.html, (Accessed on: 10/02/2025). [in Persian].
Sun, Nan, Ming Ding, Jiaojiao Jiang, Weikang Xu, Xiaoxing Mo and Yonghang Tai (2023), “Cyber Threat Intelligence Mining for Proactive Cybersecurity Defense: A Survey and New Perspectives”, IEEE Communications Surveys and Tutorials, (doi:10.1109/COMST.2023.3273282).
Taliaferro, Jeffrey (2000), “Security Seeking Under Anarchy: Defensive Realism Revisited”, International Security, Vol. 25, No. 3, pp. 128-151, (doi:10.1162/016228800560635).
Tichy, Lukáš and Zbyněk Dubsky (2024), “Cybersecurity in the European Energy Sector: Challenges and Policy Developments”, Energy Policy Review, Vol. 55, No. 1, pp. 92–108, (doi: 10.1016/j.exis.2023.101392).
Tin, Derrick, Dennis G. Barten, Fredrik Granholm, Pavlo Kovtonyuk, Frederick M. Burkle and Gregory R. Ciottone (2023), “Hybrid Warfare and Counter-Terrorism Medicine”, European Journal of Trauma and Emergency Surgery, Available at: https://link.springer.com/article/10.1007/s00068-023-02230-y, (Accessed on: 10/02/2025).
Vasiliu, Tomas (2019), “Cybersecurity Strategies for Critical Infrastructure Protection in the European Union”, International Journal of Security Studies, Vol. 12, No. 3, pp. 211–228, Available at: https://dione.lib.unipi.gr/xmlui/bitstream/handle/unipi/12412/Vasileiou_18012.pdf?sequence=2&isAllowed=y, (Accessed on: 14/02/2024).
Long Vu, Thanh, Sayak Mukherjee, Renke Huang and Qiuhua Hung (2021), “Barrier Function-Based Safe Reinforcement Learning for Emergency Control of Power Systems”, In 2021, 60th IEEE Conference on Decision and Control (CDC), pp. 3652-3657, IEEE, (doi: 10.1109/CDC45484.2021.9683573).
Waltz, Kenneth (1979), “Theory of International Politics”, Addison-Wesley Publishing, Available at: https://dl1.cuni.cz/pluginfile.php/486328/mod_resource/content/0/Kenneth%20N.%20Waltz%20Theory%20of%20International%20Politics%20Addison-Wesley%20series%20in%20political%20science%20%20%20%201979.pdf, (Accessed on: 15/11/2024).
Watney, Murdoch (2022), “Cybersecurity Threats to and Cyberattacks on Critical Infrastructure: A Legal Perspective”, European Conference on Cyber Warfare and Security, Vol. 21, No. 1, pp. 319-327, (doi:10.34190/eccws.21.1.196).
Wójtowicz, Anna (2024), “EU Energy Security After Russia’s Invasion of Ukraine–Substance, Strategy and Lobbying”, Studia Europejskie, Vol. 28, No. 2, pp. 157-171, (doi: 10.33067/SE.2.2024.8).
Yakoviyk, Ivan and Maksym Tsvelikh (2023), “Energy Security of the European Union in the Context of Russian Aggression against Ukraine”, Problems of Legality, Vol. 23, No. 160, pp. 170–191, (doi:10.21564/2414-990x.160.274518)
مطالعات اوراسیای مرکزی

مقاله‌های آماده انتشار، اصلاح شده برای چاپ
انتشار آنلاین از تاریخ 16 تیر 1404

فایل ها

هم رسانی

ارجاع به این مقاله

آمار