Germany’s Total-Defence Moment: NATO’s eastern flank hardens, Europe’s home front militarises, and the hybrid fight moves into HR inboxes

In the past seven days, Europe’s security debate has stopped pretending that “war” is something that happens only at the front. From Lithuania to Kiel to the Arctic, NATO is reshaping command structures and rehearsing reinforcement at scale; in Berlin, resilience is being written into law; and in cyberspace, the most valuable targets are increasingly not servers but people. For Germany, this is the practical edge of the Zeitenwende: comprehensive defence is no longer a slogan—it is becoming an operating model.

Lithuania stops being a tripwire: Germany turns NATO’s forward presence into a standing combat structure

The most strategically consequential development of the week happened on 4 February, when Lithuania’s NATO Multinational Battlegroup was formally transferred into the command and composition of Germany’s 45th Armoured Brigade “Litauen”. Lithuania’s defence ministry framed the handover as a visible marker of unity and long-term commitment, underscoring that the battlegroup—after nine years under a Lithuanian unit—now sits inside a German brigade structure designed for permanent deterrence on NATO territory (Lithuanian Ministry of National Defence).

This shift matters because it tightens the coupling between forward defence and reinforcement. Rotational battlegroups were built for signalling and delay; a brigade framework is built for command continuity, force integration, and wartime employment. Reporting this week captured the operational implication succinctly: the eFP battlegroup’s subordination to Panzerbrigade 45 is a milestone on the path to a fully operational German combat brigade on NATO’s eastern flank by 2027 (Janes).

The move also aligns uncomfortably well with the threat timeline now being articulated publicly by eastern-flank services. Estonia’s foreign intelligence chief told AP that Russia cannot attack NATO “this year or next” but is planning to boost forces along NATO borders depending on how the war in Ukraine evolves, signalling a longer-term reconstitution challenge rather than an immediate lightning strike problem (AP). For Germany and NATO, the implication is not a headline-grabbing crisis but a grinding requirement: build structures that can absorb pressure, not just demonstrate presence.

Steadfast Dart comes ashore: NATO stress-tests reinforcement through German ports, roads, and command chains

As forward defence hardens in Lithuania, NATO is simultaneously rehearsing the other half of deterrence: the ability to move mass quickly. Steadfast Dart 2026—described by participating defence ministries as the largest and most comprehensive NATO exercise of the year—entered a decisive phase in Germany from 8–25 February, running alongside Germany’s own Quadriga-linked national activities (Turkish Ministry of National Defence).

On 11 February, the exercise’s logic became visible in steel: a naval task group associated with NATO’s Allied Reaction Force arrived in Kiel, marking the end of a deployment phase that moved units into the exercise area via air, sea, and land under coordinated command arrangements (WELT). This is not theatre. It is an audit of Europe’s military mobility in real time: port handling, convoy protection, fuel, rail capacity, host-nation support, and the bureaucratic friction that can quietly kill speed.

For Germany, the strategic interpretation is straightforward and not flattering: in any serious eastern-flank contingency, Germany is less a “rear area” than NATO’s primary transit and sustainment machine. Exercises like Steadfast Dart are therefore not merely about warfighting units; they are about whether the German state can function as a military logistics hub while remaining politically coherent and economically operational. That is total defence in practice: the line between “Bundeswehr readiness” and “national readiness” disappears the moment the first ships dock and the first rail movements begin.

Resilience becomes law: KRITIS protection and the politics of civil defence after sabotage shocks

Germany’s home-front agenda moved in parallel. The country’s new critical infrastructure framework law—the KRITIS umbrella law—has become the centre of gravity for how Berlin talks about hybrid threats, physical sabotage, and civil defence. A detailed regional-security assessment published on 4 February described the law’s cross-sector scope and its enforcement teeth, including risk-analysis requirements and potential fines, while also highlighting the political controversy over thresholds, funding, and the slow timeline for implementing regulations (OSW Centre for Eastern Studies).

The strategic significance lies less in the existence of another compliance regime and more in what it acknowledges: Germany is legislating for a security environment in which disruption is a method, not an accident. The same OSW analysis explicitly links the push to rising attacks and suspicious activity around sensitive sites, and notes that Berlin’s early-January power-grid sabotage episode has already fed a secondary policy debate—whether publicly accessible infrastructure location data should be restricted as a resilience measure rather than treated as a transparency default (OSW Centre for Eastern Studies).

This is where Gesamtverteidigung stops being rhetorical. If Germany treats energy, transport, water, and communications as part of the battlespace, then civil protection agencies, regulators, and operators become defence actors by function. That, in turn, forces an uncomfortable NATO-relevant question: can Germany protect the infrastructure that NATO needs in order to reinforce the east—especially under conditions of sabotage, drone incursions, and social amplification campaigns—while still sustaining democratic consent for the inevitable trade-offs?

Hybrid pressure targets people, not just networks—and NATO expands “Sentry” vigilance from the Baltics to the Arctic

The week’s most important cyber trend was the confirmation—backed by Google threat researchers—that state-linked actors are increasingly targeting defence-sector employees directly, often outside corporate perimeters, including through recruitment channels and personalised lures that are harder for conventional enterprise security to detect (The Guardian). This is not a narrow technical shift; it is a strategic one. If the human layer becomes the preferred access vector, then “cyber defence” becomes inseparable from workforce security, vetting, training, and supply-chain HR processes—precisely the places where defence organisations are culturally least prepared to behave like intelligence targets.

Europe is also seeing the operational face of politically motivated disruption. Financial Times reporting on Russia-linked actors attempting DDoS disruption around the Winter Olympics in Italy reinforces a wider pattern: even when attacks are tactically blunt, they are designed to impose reputational cost, operational distraction, and a sense of persistent vulnerability (Financial Times). For NATO and EU states, this kind of activity is not “below the threshold” noise; it is the texture of a contested rear area.

Against that backdrop, NATO on 11 February launched “Arctic Sentry”, a new effort intended to pull allied activities in the High North into a coherent, centrally visible framework—explicitly justified by increased Russian activity and growing Chinese interest in the region (NATO; AP). The alliance’s own description is telling: Arctic Sentry is about visibility, coherence, and gap-finding across domains, not about announcing a permanent deployment. In other words, NATO is standardising vigilance as an operating concept—an approach that implicitly treats critical infrastructure, sea lines, and grey-zone pressure as alliance business, not merely national business.

Politically, this lands as Europe heads into the Munich Security Conference with a public conversation—sharpened by the conference’s own report—about Europe needing greater military autonomy and more assertive decision-making under conditions of US unpredictability (The Guardian). For Germany, the strategic message is tight: you cannot argue for European responsibility while outsourcing the risks of readiness to Lithuania, the Baltics, or “NATO” as an abstraction. Readiness is now being measured in integrated brigades, usable ports, protected infrastructure, and employees who do not become the breach.

Across these developments, the through-line is not escalation; it is institutionalisation. NATO is knitting exercises, vigilance, and forward command structures into something more durable, while Germany is beginning to treat resilience, civil protection, and critical infrastructure security as defence policy rather than domestic housekeeping. The credibility of that shift—within Germany, across Europe, and inside NATO—will hinge on whether Berlin can align its eastern-flank commitments with the less visible but decisive requirements of comprehensive defence at home.