Russia steps up theft of Western tech as sanctions bite

Russia’s intelligence services are intensifying their hunt for Western technology as sanctions squeeze the wartime economy, shifting pressure from the open marketplace into covert networks built around fake companies, middlemen, cyber spies and hackers. Three senior European intelligence officials said the goal is no longer just classic espionage. It is also industrial substitution: if Moscow cannot legally buy what it needs, it is trying to steal the knowledge, designs and access paths instead.

The targets are broad and practical. Officials in Finland said Russia is seeking space, quantum, Arctic and marine technology, part of a longer contest to keep pace with the West over the coming decades. In Sweden, security officials said the Kremlin is targeting the defense industry and advanced research tied to systems such as Saab’s Gripen fighter jet, while also trying to obtain civilian camera and laser technology that could be adapted for weapons systems. The pattern shows an intelligence effort aimed not only at military secrets but at dual-use tools that can sustain both the war effort and the civilian economy.

The pressure is mounting as Europe keeps tightening economic restrictions. On April 23, 2026, the Council of the European Union adopted its 20th sanctions package against Russia, targeting energy, financial services, trade and crypto. That follows four years of restrictions that have made it harder for Russia to buy machinery, technology and research from Europe, and the result has been a deeper turn toward covert procurement. The same pressure has also weighed on key industries and raised concerns about a broader financial strain inside Russia.

Western security agencies have been warning for years that Russian services do not rely on one method alone. A 2025 joint advisory from the United States, the United Kingdom, Germany, the Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France and the Netherlands said Russian military intelligence unit 26165, known as Fancy Bear, had run a cyber campaign against defense, transport and technology firms supporting Ukraine for more than two years. The warning highlighted targeted scam emails and stolen passwords, underlining how digital intrusion and human tradecraft now work together.

The wider picture is one of an adversary under pressure but still adaptive. The Associated Press has tracked 145 Russia-linked sabotage and disruption cases in Europe since the 2022 invasion of Ukraine, showing the campaign extends beyond theft into broader destabilization. As sanctions narrow lawful access, Moscow’s intelligence services are leaning harder on shadow networks to fill the gaps, and that makes export controls, cyber defense and supply-chain security more important, not less.