(TLP:CLEAR) UK National Protective Security Authority – Countering the Threat of Sabotage Operations to UK Interests and National Security

Summary: The UK’s National Protective Security Authority (NPSA) recently published a guidance report “Countering the Threat of Sabotage Operations to UK Interests and National Security,” which details the methods in which sabotage can be carried out by hostile nation states and offers security recommendations for organizations to consider. This guidance is an update to a 2024 report that WaterISAC previously shared.

Analyst Note: Growing geopolitical tensions between major powers is heightening the risk of sabotage and targeted attacks, directed by hostile nation states, against virtually all critical infrastructure sectors, which WaterISAC highlighted in its recently published 2025 “Threat Analysis Report.” Although this report focuses on UK critical infrastructure, it is still relevant for U.S. water and wastewater utilities.

According to NPSA’s guidance document, “sabotage is a means by which hostile state actors undermine the UK’s national security to further their political, military and economic interests.” An important aspect to consider is that sabotage may be executed directly by operatives of a foreign intelligence service but could also be conducted by proxies which can include criminals, violent extremists, or other individuals or organizations working knowingly or unwittingly on behalf of a foreign state. The report also notes potential threat actors may pre-position equipment and technology to commit acts of sabotage at a later date. The report discusses potential sabotage attacks from drones, improvised explosive devices, and fire as a weapon.

Lastly, to mitigate the risk of sabotage attacks, NPSA recommends that critical infrastructure organizations review their security strategies using the following prompts as a guide: 

• Review your protective security risk assessment and update your security strategies, focusing on your most critical assets.
• Recruit your people as part of your security effort and consider enhancing your protective security mitigations.
• Revise your response and recovery plans for an act of sabotage.
• Report any unusual or suspicious activity to your lead government department or the police.

Original Source: https://www.npsa.gov.uk/national-security-act/countering-threat-sabotage-operations-uk-interests-national-security 

Additional Reading:

• (TLP:CLEAR) Gate 15 Threat Awareness & Resilience Guidance Report: Hostile Nation States Employing Non-State Actors (26 June 2025)

Mitigation Recommendations:

• ODNI – Safeguarding the U.S. Defense Industrial Base and Private Industry Against Sabotage

Related WaterISAC PIRs: 1, 2, & 4