EMET NEWS PRESS

The Essentials in 30 Seconds

Sweden plans to activate its new civilian foreign intelligence service, Sveriges utrikes underrättelsetjänst (UND), on 1 January 2027. Parts of the foreign intelligence function currently held by MUST are expected to transfer into the new structure.

MUST Chief Lieutenant General Thomas Nilsson has identified the implementation timetable as an operational risk. During Almedalen Week in Visby, he stated that Sweden could not afford to “drop the ball” under current security conditions. A reform of this scale could reduce operational effectiveness; that reduction must not reach a level that degrades ongoing intelligence production.

The transition affects the same personnel, technical access, and international liaison arrangements that MUST requires for Russia intelligence, military early warning, Baltic Sea situational awareness, and NATO support. The reform may strengthen strategic intelligence support to the government over time. Until early 2027, it creates a capability risk if personnel, SIGINT access, and liaison procedures are removed prematurely from military intelligence work.

The Essentials in 30 Seconds

• A Russian attack on Estonia, Latvia or Lithuania would place NATO and the European Union in a simultaneous collective-defence and mutual-assistance crisis.

• Switzerland and Austria would remain formally neutral. Both states would nonetheless become part of a European conflict environment shaped by transit, infrastructure, cyber defence, defence industry, energy security and counter-intelligence.

• Austria would be legally obliged under Article 42(7) TEU to provide aid and assistance. The neutrality reservation limits the form of assistance; it does not create a cost-free option of political non-involvement.

• Switzerland could restrict militarily relevant support more extensively. Its 2022 and 2023 re-export policy nevertheless demonstrated that European partners can treat Swiss defence goods and components as an availability risk.

• Russia’s objective would not primarily be the formal abolition of neutrality. It would seek to constrain European decision-making through deterrent messaging, sabotage, cyber operations and political polarisation.

The Essentials in 30 Seconds

• Canada has formalised delivery of an Arctic Over-the-Horizon Radar capability, A-OTHR, with Australia and BAE Systems Australia. BAE Systems Australia is scheduled to begin work on 1 July 2026; Initial Capability is planned for December 2029.

• The Canada–Australia government-to-government agreement is valued at AUD 2.5 billion. Canada’s wider A-OTHR programme exceeds CAD 6 billion, covering sites, infrastructure, integration, operating preparation and later expansion.

• A-OTHR uses JORN-derived HF skywave radar technology but requires adaptation to North Atlantic operating conditions, Canadian geography and NORAD command-and-control architecture.

• The decisive programme risk lies in ionospheric availability, software and data integration, electronic protection, bilateral NORAD interfaces and the conversion of radar tracks into actionable response chains.

Canada has moved its Arctic Over-the-Horizon Radar capability, A-OTHR, into the delivery phase through an agreement with Australia and BAE Systems Australia. The programme forms part of Canada’s NORAD modernisation effort and is intended to extend early warning and target tracking across northern and northeastern approaches to North America.

Ottawa is not acquiring a direct replica of Australia’s Jindalee Operational Radar Network, JORN. Canada is procuring a JORN-derived architecture configured for Canadian terrain, North Atlantic operating conditions, northern air and maritime approaches, national infrastructure and integration into binational NORAD command-and-control systems.

Canada and Australia established the technical partnership in 2025. The agreement signed on 22 June 2026 now covers system delivery, technology rights, industrial participation and long-term technical cooperation. BAE Systems Australia is scheduled to begin implementation on 1 July 2026.

The Essentials in 30 Seconds

• Attackers gained access to at least one file server operated by the Centre for East European and International Studies in Berlin. It remains unclear whether files were copied and which data sets may be affected.

• Russian nationals with documented cooperation links to ZOiS face the highest risk because Russia has designated the institute an “undesirable organisation” since October 2023.

• A data breach could connect individuals, research activity and contact networks. This creates potential exposure to criminal prosecution, border questioning, pressure on relatives and targeted digital follow-on operations.

• Russian involvement has not been established. Technical forensics and any subsequent context-specific targeting will determine the further assessment.

The Centre for East European and International Studies confirmed on 25 June 2026 that an unauthorised actor had accessed at least one file server. According to the institute, files stored on the system were accessible to the attackers. It remains unclear whether files were copied or exfiltrated and which data sets may have been affected.

ZOiS stated that its email infrastructure is not affected according to the current assessment. The institute isolated affected systems, reset credentials, initiated forensic examinations and notified the relevant security and data-protection authorities.

The technical impact cannot yet be quantified. The central security question is whether the affected systems contained personal, contact or project data capable of documenting a traceable link between individual Russian nationals and an organisation criminalised by the Russian state.

The Essentials in 30 Seconds

• Russia remains the most acute threat actor affecting Switzerland. Intelligence collection, cyber-enabled activity, influence operations, sanctions evasion and suspected sabotage preparation form a connected hybrid threat environment.

• Switzerland is not only a target area. Its role as a financial centre, research hub, digital infrastructure location and host of international organisations provides access opportunities for operations directed against European third states.

• China presents a different risk profile: long-term access to technology, research, industrial capabilities and economic dependencies.

• The NDB assessment on Iranian guided missiles is prospective. It describes a possible future expansion of Iranian strike reach into Europe, not a current direct missile threat to Swiss territory.

The 2026 assessment by Switzerland’s Federal Intelligence Service identifies a further deterioration in the national security environment. Russia remains the principal acute threat actor. Espionage, cyber activity, influence operations, sanctions evasion, terrorism and violent extremism do not operate as separate risk categories. They overlap within the same European operating environment.

Switzerland remains politically neutral. Operationally, it is embedded in the European hybrid threat space. Its international institutions, financial systems, research capacity and digital infrastructure create intelligence access, technical dependencies and disruption opportunities with effects beyond Swiss territory.

The Essentials in 30 Seconds

• The German Ministry of Defence has terminated the programme for six F126 frigates. The decision was driven by delays, rising costs and the risks associated with a change of prime contractor.

• The programme, originally costed at around ten billion euros, would have required more than 18 billion euros if continued. Costs already incurred and potential damages claims against Damen remain part of the financial and legal follow-up.

• Subject to budgetary and contractual implementation, Germany intends to procure eight MEKO A-200 DEU frigates. The project was initially designed as a bridging solution against F126 delays and is now becoming the core ASW programme of the German surface fleet.

• The higher unit count improves fleet rotation and platform availability. Organic airborne ASW redundancy, however, declines: F126 was designed for two NH90 Sea Tiger helicopters; the currently known MEKO configuration accommodates one medium helicopter or, alternatively, two light aircraft.

The F126 programme has been terminated. Germany’s planned large-frigate line for the 2030s will therefore not materialise.

Six F126 frigates were intended to provide the German Navy with large multi-role platforms featuring high endurance, extensive internal volume and modular mission capacity. The planned task spectrum included anti-submarine warfare, escort operations, maritime surveillance, forward presence, command support, evacuation operations and the embarkation of additional personnel and mission-specific equipment.

The cancellation changes German force planning in the North Atlantic, the North Sea and the Baltic Sea, as well as along NATO’s reinforcement axis between North America and Europe.

The Essentials in 30 Seconds

The BND and BfV face increased collection pressure. Personnel, facilities, access systems and security procedures constitute separate intelligence targets.

No public attribution links the reported incidents at BND sites to Russian services. The confirmed assessment concerns the particular Russian collection interest in employees of German intelligence services.

Drone flights, vehicle surveillance, test contacts at access points and approaches toward employees can produce data on response times, security zones, technical installations and personal contact surfaces.

Intelligence facilities require local C-UAS sensors, pre-arranged JÜKO procedures, fixed police interfaces and integrated assessment of physical, digital and personnel-related indicators.

Russian intelligence services treat German security authorities as operational target environments. Relevant collection targets include classified material, technical capabilities, source access, security procedures, infrastructure and personnel.

Access controls, guard routines, alerting procedures, technical protection measures, energy supply, delivery traffic and employee movement patterns provide information on the protection level, response time and vulnerabilities of a facility.

Publicly known suspected incidents include conspicuous visitors at BND headquarters, drone overflights, repeatedly observed vehicles, possible surveillance of employees, unusual contact attempts and an alleged fence breach at the Centre for Intelligence Training and Further Education.

The Federal Office for the Protection of the Constitution assesses its employees as subject to particular Russian collection interest because of their access to state secrets. The threat situation is continuously assessed with national and international partners. Protective measures are adjusted according to the situation.

The Essentials in 30 Seconds

The IDF conducted a scheduled exercise in the Eilat area on 23 June 2026. The activity followed a confirmed maritime incident on 29 May 2026, when a jet ski approaching from the Jordanian direction crossed into Israeli waters in the Gulf of Aqaba and was forced to turn back by a patrol boat of the 916th Squadron.

According to a Haaretz report, Shin Bet Director David Zini internally prioritised preparations against a coordinated attack on Eilat originating from Jordanian territory or through the Gulf of Aqaba. Shin Bet also stated that Zini’s visit to Eilat had not been triggered by specific warning intelligence.

The Houthi movement remains the most clearly demonstrated external threat axis. On 9 June 2026, Israeli air defence intercepted a drone launched from Yemen over Eilat. Earlier successful Houthi drone attacks against Eilat also show that the air threat is not theoretical.

Publicly visible indicators of an imminent large-scale operation remain absent: no confirmed hostile structure in the Eilat area, no verified preparation of multiple attack axes, no documented weapons transfers, no known target reconnaissance, and no publicly evidenced activation of local support networks.

 The Essentials in 30 Seconds

• On 24 June 2026, Germany’s Federal Prosecutor General ordered searches at premises in Berlin and Frankfurt am Main.

• A Russian national is suspected of aiding and abetting offences under the Foreign Trade and Payments Act and aiding and abetting attempted anti-constitutional sabotage.

• The case concerns the planned liquidation of the former Gazprom Germania GmbH in March 2022 after an acquisition that remained legally ineffective pending investment review.

• According to the Federal Ministry for Economic Affairs and Climate Action, the Moscow-based JSC Palmary was the indirect acquirer.

• The Customs Criminal Investigation Office leads the police investigation. The proceeding combines foreign-trade criminal law, financial investigation and a state-security offence.

The Essentials in 30 Seconds

The German–Polish defence agreement of 17 June 2026 does not close an abstract cooperation gap. It targets defined eastern-flank requirements: movement of heavy forces, host nation support, air defence, engineer support, cyber defence, defence-industrial cooperation, Baltic Sea security and protection of critical infrastructure.

Poland allocates around PLN 200 billion to defence in 2026, roughly 4.8 percent of GDP and about USD 55 billion. Germany remains the rear operational, transit and industrial area. Poland remains the forward state between Belarus, Kaliningrad, Ukraine, the Baltic Sea and the Baltic reinforcement corridor. The axis only has military effect if troop movement, ammunition stocks, interceptor depth, command networks and infrastructure hardening are materially available.

Kaliningrad defines the immediate pressure space. Iskander-M reaches up to 500 kilometres. S-400 with 40N6 missiles is reported with a nominal range of up to 400 kilometres, while sensor horizon, target altitude, terrain and electronic countermeasures limit practical engagement geometry. Polish staging areas, air-defence nodes, ports, energy infrastructure and transport hubs remain within direct Russian pressure range.