About Sabotage Watch
Documenting hybrid-warfare threats through transparent, data-driven open-source analysis.
Sabotage Watch documents and analyses sabotage incidents using open-source intelligence (OSINT), to raise public awareness about the growing threats posed by adversaries engaging in hybrid warfare against Western nations and their allies.
By collecting, verifying and visualising incidents of sabotage, cyberattacks, infrastructure damage and other hybrid threats, we give researchers, policymakers, journalists and the public accessible, transparent data about these emerging security challenges.
What is hybrid warfare?
Hybrid warfare combines conventional military force with unconventional methods — cyberattacks, disinformation, economic coercion and sabotage — to destabilise adversaries below the threshold of armed conflict. These "gray zone" tactics are difficult to detect, attribute and counter, making transparent documentation essential.
Why this matters
- Increase public awareness of ongoing threats
- Support academic research and policy analysis
- Enable investigative journalism
- Help identify patterns and vulnerabilities
What we track
Every entry in the record is classified into one of twelve incident categories — the same taxonomy used to colour the live map.
Our methodology
A consistent, source-first process governs every incident from discovery to publication.
Source Verification
Every incident links to credible, publicly available sources — news reports, government statements, and official investigations.
Geolocation
Incidents are mapped with precise coordinates when available, enabling spatial analysis of threat patterns.
Temporal Tracking
Each incident is timestamped to enable trend analysis and identification of escalation patterns.
Attribution
Where possible and supported by credible sources, we document suspected or confirmed perpetrators.
Continuous Updates
Our database is regularly updated as new incidents occur and additional information becomes available.
Built on open collaboration
Sabotage Watch is an independent, volunteer-driven project. There are several ways to support the mission.
Transparency
- OSINT-only — exclusively public information
- Non-political — analytical neutrality maintained
- Community-driven — open to corrections
Disclaimer
Information is compiled from public sources for educational purposes. We cannot guarantee absolute accuracy, and incidents with unclear attribution should be treated as preliminary. Sabotage Watch is an independent project, not affiliated with any government.
Frequently asked questions
Quick answers about what Sabotage Watch is, how it verifies incidents, and how to contribute.
What is Sabotage Watch?
Sabotage Watch is an independent open-source intelligence (OSINT) project that documents and maps sabotage, submarine-cable cuts, drone incursions, arson, GPS jamming and cyber operations against Western critical infrastructure. Every incident is drawn from public reporting and plotted on an interactive map with a sourced dossier.
What is hybrid warfare?
Hybrid warfare combines conventional force with unconventional methods — cyberattacks, disinformation, economic coercion and physical sabotage — to destabilise an adversary below the threshold of open armed conflict. These "gray zone" actions are deliberately hard to detect and attribute, which is why transparent documentation matters.
How does Sabotage Watch verify incidents?
Each incident is built only from publicly available sources, pinned to coordinates where possible, timestamped, and linked to at least one citable report. Attribution is recorded as assessed in the open-source record; where responsibility is unconfirmed it is labelled suspected. Entries are updated as new information becomes publicly available.
What types of incidents are tracked?
Twelve categories: airspace violations, arson, cyber attacks, disinformation and interference, drone sightings, kidnapping, killing or poisoning, sabotage, spoofing and jamming, submarine-cable damage, terrorism, and other hybrid threats.
Is Sabotage Watch affiliated with any government?
No. Sabotage Watch is an independent, non-political project. It relies exclusively on open sources, maintains analytical neutrality, and is open to corrections from the public.
How can I report or contribute an incident?
Anyone can submit a suspected incident through the Contribute page, including a title, category, date, location, coordinates and at least one source link. Submissions are reviewed and cross-checked against credible open sources before they are published.
Where does the incident data come from?
From public sources such as official government statements, established newsrooms, vessel- and flight-tracking platforms, satellite imagery and open geospatial data. The Toolkit page lists the OSINT tools and datasets used.