Espionage is nothing new. Since the rise of organized states and trade, powers have sought to gather information about their adversaries, partners, and competitors. Even in ancient times, rulers sent messengers, double agents, or disguised merchants into enemy territory.

During the Cold War, the race for the best sources and informants reached systematic and institutionalized perfection. The focus then was on the long-term cultivation of “valuable” sources—people deeply embedded in organizations who built trust over years and continuously provided information.

Today, in the era of new geopolitics, the logic of these covert operations has changed—and so has the threat landscape for German companies. Russia, in particular, increasingly relies on so-called disposable agents: short-term, easily replaceable operatives deployed to achieve maximum impact in minimal time.

The German Federal Criminal Police Office (BKA) and the intelligence services have long warned the public about recruitment attempts for espionage and sabotage via social media. Together, they launched the campaign “Don’t Become a Disposable Agent!”, which educates the public and encourages users to report suspicious recruitment attempts. Perhaps similar initiatives for German companies—on how to protect themselves from disposable agents—will follow.

Disposable agents are the opposite of traditional “human sources.” They are not nurtured over years but are quickly inserted into companies, networks, or supply chains to complete a specific task: stealing technology, manipulating processes, or installing malware via internal access. Once their mission is complete—or their cover blown—they are discarded.

This approach carries minimal risk for the deploying actor. There is no need for long-term investment in the operative, and the loss of an agent is negligible. It allows for high flexibility, drawing personnel from a broad pool, often including migrants, transient businesspeople, or seemingly inconspicuous specialists. The likelihood of detection is low because short-term operations do not fit traditional espionage patterns.

German companies are particularly attractive targets. The country remains a hub of technological expertise, reliable supply chains, and a well-structured Mittelstand. Russian services are primarily interested in technology transfer: from mechanical engineering to chemistry, they seek intellectual property to modernize their own industry. Additionally, disposable agents can help circumvent sanctions by bypassing export controls or moving critical components abroad.

These agents are also used for influence operations: inserting narratives, fueling internal conflicts, or undermining trust in management. The threat is especially acute in critical sectors such as energy, defense, and IT infrastructure.

Recruitment methods have evolved. Whereas classical agents often came through diplomatic channels or seemingly legitimate cover companies, disposable agents are now recruited via social media and job platforms, allowing temporary personnel or project workers to infiltrate organizations quickly. Interns and students with access to R&D departments can copy sensitive data unnoticed, and subcontractors in complex supply chains are another entry point. Often, disposable agents also prepare the ground for hybrid operations, such as collecting access credentials for later cyberattacks.

For executives, this creates a clear agenda. First, awareness must be raised: espionage is no longer “someone else’s problem,” but affects even the German Mittelstand. Second, background checks should be intensified, especially for temporary employees, contractors, and freelancers.

Equally critical is cultivating a strong security culture: employees must understand that data leaks and unauthorized access are not trivial offenses. Leadership must develop geopolitical sensitivity, recognizing the links between international conflicts and business risks. Close collaboration with security authorities is also advisable, as they provide timely warnings and support in suspected cases.

Russia’s use of disposable agents signals a paradigm shift: espionage is no longer primarily long-term but tactical, flexible, and ruthlessly expendable. For German companies, this represents a new level of threat.

Anyone who still assumes that industrial espionage only affects large corporations is leaving the door wide open for attackers. Geopolitically aware executives must now integrate espionage defense as a core element of corporate strategy. In a world where data is power, protecting it is ultimately a question of survival.