Irregular Warfare Weekly Review

The Resistance Hub

March 17–24, 2025
Fires, Fiber Cuts, Laws, and Leaks: Global Resistance and Sabotage in Focus

In an increasingly turbulent global landscape, irregular warfare has emerged as the method of choice for both state and non-state actors seeking to shape political, military, and economic outcomes without engaging in open conflict. From railway sabotage in Crimea to suspected eco-terrorist attacks in Norway, the past week saw a dramatic uptick in disruptive operations targeting infrastructure, information networks, and national authority structures.

This review chronicles the most significant irregular warfare events from March 17 to 24, 2025—both kinetic and cyber, overt and covert. Each development signals broader undercurrents at play in the contested zones of Europe, East Asia, and the digital battlefield.

🇫🇷 France: Telecom Infrastructure Sabotaged Near Paris

On March 22, coordinated sabotage attacks struck fiber optic infrastructure in the Île-de-France region. Multiple underground cable conduits were deliberately severed near Nozay, affecting major telecom providers, including Free and Orange. The result: widespread outages impacting internet service, mobile networks, and even ATM systems for thousands of users in the Paris area.

While French authorities have not released suspects publicly, this mirrors similar 2022 and 2023 attacks linked to ultra-left anarchist cells, particularly those protesting the 5G rollout and perceived state surveillance. However, given the renewed geopolitical tensions in Europe, some officials have not ruled out foreign state proxies using sabotage to test civil resiliency.

This type of “low-tech but high-impact” infrastructure targeting underscores the growing trend of soft disruption over direct confrontation. The incident also reaffirms how vulnerable modern societies remain to a few well-timed wire cuts.

🇷🇺 Crimea: Atesh Partisans Hit Russian Rail Line

On March 20, the Ukrainian resistance group Atesh claimed a successful sabotage of a railway near the village of Stolbove in Russian-occupied Crimea. According to their report, a covert agent destroyed a key relay cabinet that managed signaling to supply lines running toward the Zaporizhzhia front. Satellite images released later show emergency maintenance crews and rail delays, lending credibility to the claim.

This fits into a wider resistance campaign behind enemy lines, where localized, low-visibility sabotage actions cause outsized disruption. It also reflects Ukraine’s growing reliance on partisan warfare to supplement conventional operations, especially as Western weapons deliveries fluctuate.

While Kyiv rarely acknowledges Atesh’s operations directly, they appear to be loosely coordinated with broader Ukrainian military objectives. The group continues to publish visual proof and claim ideological alignment with Ukrainian sovereignty rather than political power centers.

🇭🇰 Hong Kong: Sweeping New Anti-Subversion Law Passed

On March 19, the Hong Kong Legislative Council unanimously passed the long-feared Safeguarding National Security Law, bringing sweeping changes to how dissent is policed. The law criminalizes treason, sedition, and external interference—with life imprisonment penalties and authority granted for closed-door trials.

Analysts warn this law is a watershed moment, likely to drive opposition underground. Civil society actors have warned of a “Second Resistance Wave,” where digital encryption, self-exile, and covert protest networks become the only viable avenues for dissent. From an irregular warfare perspective, Hong Kong may evolve into a new theater of soft-power resistance, with exiled activists acting as info-ops hubs abroad while covert networks work internally.

Beijing, meanwhile, is positioning the law as a “final safeguard” against Western influence operations. However, the law’s sweeping nature may backfire, breeding quiet defiance and sharpening ideological resolve among the youth.

🇬🇧 United Kingdom: Heathrow Airport Disrupted by Fire

A suspicious electrical fire broke out at a major substation serving Heathrow Airport on March 21, grounding flights, delaying services, and disrupting air traffic across Western Europe. While the fire was officially attributed to a systems failure, its timing and location raised questions among security analysts.

Substations, though critical, are rarely subject to spontaneous combustion without warning. Heathrow handles over 1,300 flights and hundreds of thousands of passengers daily—making it a prime target for disruption that doesn’t require mass casualties to succeed in strategic terms.

Though no group has claimed responsibility, the episode follows a wave of infrastructure-targeted incidents across the UK over the past year. Investigators have quietly looked into far-right saboteurs, Russian-aligned actors, and anarchist collectives—though no attribution has been made public.

🇳🇴 Norway: Massive Oil Leak Blamed on Sabotage

On March 17, authorities in Oslo responded to an environmental emergency: over 60,000 liters of insulating oil had leaked from a disused transformer station owned by the national grid operator Statnett. The company believes the leak may have been caused by deliberate tampering. Police confirmed signs of forced entry.

Norway plays a critical role in Europe’s energy security—especially after the sabotage of the Nord Stream pipelines—so this incident carries strategic weight. While environmental activists are one line of inquiry, Norwegian security services are also considering Russian state-linked operatives as potential culprits.

This incident echoes NATO warnings that Arctic and North Sea infrastructure is increasingly a target in the new shadow war for resource control and energy influence.

🌐 Cyber and Info-War Escalation: AI in the Shadows

A Europol report released on March 18 warns of an alarming uptick in artificial intelligence being weaponized by criminal syndicates operating as state proxies. These groups have begun using AI to accelerate phishing attacks, automate malware generation, and generate deepfake propaganda.

Russia and China are believed to be the primary backers of such efforts, often laundering them through dark web markets or “semi-deniable” contractors. Europol emphasized the blending of state and non-state actors in a new digital insurgency where attribution becomes nearly impossible—and the consequences are far-reaching.

Importantly, AI doesn’t just make traditional cyber operations faster—it alters the tempo and psychology of irregular warfare itself.

🇺🇸 United States: Strategic De-Prioritization of Russian Hybrid Threats

In a quiet but profound policy shift, the Trump administration on March 19 suspended multiple national security initiatives designed to counter Russian disinformation, sabotage, and cyber intrusion. According to Reuters, this includes efforts housed within the State Department’s Global Engagement Center and the Pentagon’s hybrid warfare task force.

The administration framed this as part of an effort to open channels with Moscow, but critics argue this leaves the United States exposed at a critical time. Russian gray-zone activity has not ceased—it’s evolved. Analysts fear this creates strategic blind spots that adversaries will exploit.

🇰🇵 North Korea Forms ‘Center 227’ to Weaponize AI and Hacking

New intelligence from South Korean and U.S. sources confirms the establishment of “Research Center 227,” a dedicated cyberwarfare unit under North Korea’s Reconnaissance General Bureau. The unit’s mission is to develop offensive cyber capabilities focusing on AI-enabled malware, penetration of financial systems, and destabilizing propaganda.

North Korea’s cyber corps has long pushed above their weight, most notably with the WannaCry ransomware attacks and major bank thefts. Center 227 represents a strategic shift from financial crime to broader asymmetric warfare, with AI as the enabler.

This follows a global pattern: conventional capabilities remain capped, so rogue states invest in deniable, agile, and scalable tools for disruption.

🔍 Takeaways: A War Without Frontlines

• Infrastructure remains the most targeted domain, with fiber, energy grids, rail, and airports all hit in the same 7-day span.
• AI rapidly shifts the cyber domain from technical hacking to narrative and psychological warfare.
• Laws can be weapons, too—Hong Kong’s security law shows how legislation can be used to break resistance or spark new waves of irregular opposition.
• Attribution remains the most powerful form of defense—and its absence allows shadow actors to thrive.

Final Analysis: Resistance Is Adapting

These incidents are not isolated from Hong Kong’s legislative crackdown on Norwegian oil sabotage. They are signals of a broader shift—where irregular warfare is not just a tool of the weak but a strategic domain where all actors operate: resistance movements, great powers, and criminal proxies.

This week’s developments reinforce that irregular warfare is no longer a peripheral concern. It’s the main battlefield—waged in silence, shadows, and systems. For a consolidated list of institutions focused on this discipline, visit our resources page.