Emerging Eco-Terrorism and the Threat to Infrastructure


  • It is becoming highly likely that eco-terrorism will emerge in Western Europe.
  • Climate activists in the region are already moving from disruptive protests and civil disobedience to more radical tactics including sabotage of infrastructure. 
  • Most critical infrastructure in Western Europe is unprotected against anything more serious than low-level crime.
  • The United Kingdom’s recently published National Risk Register 2023 does not mention eco-terrorism or radical environmentalism, and it isn’t clear that this emerging threat has been considered in the National Security Risk Assessment.
  • Infrastructure stakeholders should take the possibility of this threat seriously and review their own vulnerabilities to it.
Activists preparing for an attack against bundles of fibre optic cables on the Bologna-Milano high speed rail line.

How well protected is critical infrastructure in Western Europe against more serious threats like sabotage? We recently conducted a detailed study of this question, which came up with some worrying results. Our review was prompted by a client’s concerns about the possibility of sabotage by state or state-sponsored actors. The broad scenario considered the possibility that Russia might try to overcome its lack of conventional offensive options by pursuing a strategy of sabotage against Western critical infrastructure. 

Whilst this scenario seemed plausible, our research revealed a far more likely threat in the form of emerging eco-terrorism. In simple terms, we used the net assessment approach (described in a previous article on forecasting Russian options after Ukraine) to assess the likelihood that climate and environmental activism will evolve into more extremist variants, including eco-terrorism. This characterises the threat and produces the first set of conditional probabilities. We then used detailed scenarios to evaluate what ‘attacks’ might look like, and to estimate their probability of success. The results of our scenario analysis might be surprising:

  • There is between a 70% and 85% conditional probability that eco-terrorism will emerge in Western Europe. The percentages reflect the range of uncertainty, lack of data, and some differences in opinion between our analysts, but the overall conclusion is that this threat is ‘very likely’.
  • Close to 65% of critical infrastructure in Western Europe is unprotected against any threat higher than trespass and opportunistic low-level crime.
  • The extent of this vulnerability means that the tactical-level attack scenarios we envisaged effectively had a 100% probability of causing serious damage to property, with associated serious risks to life and health and safety of the public.

‘Terrorism’ can be a politically and emotionally charged word, so for the sake of this discussion we’re using the definition in the UK’s Terrorism Act 2000. Framed this way, the specific actions associated with extremist variants of activism, indeed qualify as terrorism. In our view it doesn’t really matter whether you call it eco-terrorism, eco-extremism or ‘civil resistance’ – the effects are the same.

How to blow up a pipeline

Published at the beginning of 2021, Andreas Malm’s book How to Blow up a Pipeline argued the case for a campaign of sabotage against fossil fuel infrastructure and other property. This was a sharp break from climate activism’s longstanding taboo against violence, which Malm argued had contributed to the loss of momentum the movement had experienced as a result of its suspension of activities during Covid in 2019.

An Extinction Rebellion activist reading How to Blow up a Pipeline during a protest in The Hague. Photograph: Michael Porro / Getty Images / The Guardian.

Since its publication, groups within the climate activist A22 Network have experimented with different tactics and now both the frequency and types of acts involving sabotage are increasing.

In his book, Malm was careful to stop short of promoting violence against people, but since then attitudes in the climate movement have shifted to encompass a greater readiness to use violence. In response to the recent How to Blow up a Pipeline film, Malm has expressed surprise and approval at the change in attitudes in favour of potentially violent extremism. As he put it in an article in the Guardian in April 2023, violent activism is “going mainstream” and has “very broad appeal”.

Malm has described the current state of climate activism as being “in between waves”. What he means by this is that whilst the scale of activity hasn’t returned to the same level as before 2019, the type of activity is diversifying and fragmenting to include more radical tactics. In other words, we might be at the start of a process of evolution which opens up the real possibility of novel threat scenarios. The ideas and motivation are already in place and websites like Warrior Up make it clear that capability isn’t far behind.

Vulnerability: Acceptable risk?

Our survey of the current level of protection at critical infrastructure in Western Europe focused on fossil fuel refining and distribution networks, rail, cell phone towers and electricity distribution. Nuclear and chemical facilities were outside the scope of our research.

Our methodology combined the normal elements of Security Vulnerability Assessment, with an emphasis on scenario pathway analysis to determine the effectiveness of physical and procedural mitigation against plausible attack scenarios. We based our attack scenarios on a realistic assessment of the capabilities that might emerge from likely evolutions of the climate activist movement. Careful scrutiny of extremist websites helped to characterise the threat actors’ modus operandi and capabilities.

The most striking outcome of our analysis was the overwhelming probability of success for a moderately well-planned sabotage attack. In other words, most critical infrastructure in Western Europe is unprotected to the extent that there is no significant risk of failure for a well-organised attacker. At many sites across Western Europe, there is no viable deterrence, detection, delay, or response capability at all. A very few sites have these capabilities to a level that could be considered fully effective.

We were also surprised that the UK Government’s recently published National Risk Register 2023 (‘NRR’) doesn’t mention threats related to climate activism at all in its scenarios dealing with sabotage to infrastructure. Whilst this emerging threat might have been considered, there is no way of knowing this from the published Guidance. The NRR concludes that the likelihood of sabotage scenarios is ‘highly unlikely’ (5-25% likelihood of a reasonable worst-case scenario over 2 years) – but offers no explanation of how this rating was arrived at. 

Our own clients have already experienced low-level sabotage and are concerned about when and how the threat might develop. While the NRR might be right to conclude that a ‘reasonable worst-case scenario’ won’t happen within 2 years, critical infrastructure stakeholders might not be so confident. One of the difficulties in determining risk tolerance in the case of critical infrastructure, is that the consequences of a security event tend to be higher owing to the ‘criticality’ factor. And this usually means that a scenario that might be tolerated in other sectors is likely to be unacceptable.

The Cost: Do something or wait and see?

We recognise that it’s hard to make a case for costly mitigation before a threat has fully manifested. Our advice to clients is always to gather as much accurate information about their current level of protection and vulnerability and to balance this against plausible risk scenarios. The inherent difficulty is that, with emerging threats, there isn’t a lot of data and judgements have to be made on the basis of an uncomfortable amount of subjectivity. But is a paucity of data a good reason to do nothing?

We find that taking a client through this process introduces a new element of thinking into the way the organisation thinks about security, in terms of making decisions in the face of significant uncertainty and deciding where security risk sits as an operational or strategic concern. This can result in a significant shift in how an organisation defines its security risk appetite and tolerance, and ultimately how it decides to protect its critical facilities against uncertain threats.

In our next article we’ll explain more about how we use the net assessment and scenario analysis techniques to help clients determine what threats they’re up against. We’ll also discuss security risk appetite and tolerance, and how using a properly defined framework for these can help with making difficult decisions about the cost of mitigation in the face of significant uncertainty.

For further information on our work and experience in this and other fields, feel free get in touch with us using the form on our Contact Us page or email us at info@cygnus-resilience.com.

Back to Insights

Share this insight