Polish fighter jets were scrambled on Christmas Eve, 2025, to intercept a Russian reconnaissance aircraft as unidentified aerial objects crossed the country’s border from Belarus, marking a significant escalation in a campaign of hybrid warfare tactics targeting Poland.
The incursions, which did not result in direct military engagement, highlight a sustained effort by Russia to destabilize Poland through a range of disruptive activities, including GPS jamming, cyberattacks, and sabotage of critical infrastructure. Experts estimate these operations have already cost the Polish economy hundreds of millions of zlotys, forcing a reassessment of national fiscal policy.
Since the 2022 invasion of Ukraine, Poland has become a focal point for Russian hybrid operations, tactics that have since been replicated in other European nations. A particularly damaging incident occurred with the fire that destroyed Warsaw’s Marywilska 44 shopping center, a major wholesale distribution hub. The blaze, which impacted over 1,400 commercial units across 700,000 square feet, disrupted supply chains and had a cascading economic effect.
The disruption extends to the aviation sector. Systematic GPS interference originating from the Russian exclave of Kaliningrad affected nearly 123,000 flights in the Baltic region during the first four months of 2025 alone. These disruptions force costly rerouting, increasing fuel consumption and insurance premiums, potentially adding hundreds of thousands of euros in daily costs for transport networks.
Defense analyst Konrad Muzyka emphasized the cost asymmetry of these operations. He noted that intercepting a swarm of Russian decoy drones last September, requiring the deployment of Polish F-16s and Dutch F-35s, incurred costs in the hundreds of thousands of zlotys for flight hours and missile expenditure. Poland currently faces approximately 4,000 cyberattacks daily, many targeting critical infrastructure, and surpassed the U.S., Ukraine, and Israel as the world’s most targeted country for politically motivated cyber incidents in 2025, ranking among the top three globally for ransomware attacks, accounting for 6% of all incidents in the latter half of the year.
Military expert Artur Dubiel stated that Russia is deliberately attempting to inflict financial damage on Poland although minimizing resource expenditure, describing the activity as a strategy to exhaust resources and undermine morale.
In response, Warsaw allocated over 4 billion zlotys ($1.12 billion) to cybersecurity in 2025, the largest investment in the nation’s history. Though, this increased spending is contributing to a projected 2026 budget deficit of 6.3% of GDP, exceeding the EU’s 3% limit. Prime Minister Donald Tusk defended a record 200 billion zloty ($55 billion) defense budget for 2026 – representing 4.83% of GDP – nearly tripling NATO’s 2% minimum and surpassing the U.S. Allocation of 3.2%.
Approximately 40% of this defense budget is being financed through debt instruments managed by the state-owned bank BGK, allowing Warsaw to circumvent constitutional debt limits and EU fiscal constraints to accelerate hardware acquisitions. However, a 2025 report from the Łukasiewicz Research Network cautioned that a reliance on “off-the-shelf” purchases from the U.S. And South Korea could hinder the development of domestic technological innovation.
Poland is now exploring the EU’s Security Action for Europe (SAFE) program, a €150 billion ($177 billion) joint loan facility, to finance defense investments and bolster Europe’s military-industrial base. Warsaw hopes to leverage SAFE funds to rebalance procurement towards domestic and European co-production, easing fiscal pressure and fostering deeper integration within the EU defense market.
Poland’s experience serves as a warning for the wider continent. From cyberattacks targeting Italy’s Foreign Ministry to numerous acts of infrastructure sabotage reported in Germany, the Kremlin’s actions are intended to undermine the social cohesion of Western nations. British Prime Minister Rishi Sunak, speaking at the Munich Security Conference on February 14, 2026, described these actions as “tearing at our social order,” noting Moscow’s recruitment of third-country nationals via messaging platforms to carry out these acts, maintaining deniability while exacerbating social tensions and increasing security costs across Europe.
