The RAF Brize Norton Breach: What Low-Tech Sabotage Says About UK Security
The Palestine Action group are at it again. This time going after an RAF airbase in what may be their most brazen operation to date—targeting the heart of Britain’s military infrastructure. In the early hours of June 18th, activists from the group infiltrated RAF Brize Norton, the UK’s largest and most strategically vital airbase, and managed to sabotage two Voyager aircraft used for aerial refueling and transport.
With little more than electric scooters, crowbars, and modified fire extinguishers filled with red paint, they caused millions in damages and escaped before security forces could intervene.
This isn’t the group’s first high-profile strike. As I detailed in a previous investigation into their Elbit Systems raid, Palestine Action has carved out a reputation for sabotage operations. But while their earlier attacks focused on weapons manufacturing sites, this latest incursion marks a significant escalation: a direct assault on active military hardware, within a base protected by the Ministry of Defence.
How They Pulled It Off: Infiltration by Simplicity
The Palestine Action group’s strike on RAF Brize Norton wasn’t a high-tech cyberattack or a Hollywood-style breach. It was a simple infiltration, planned with precision, executed with low-tech tools, and devastating in its impact.
This is likely the result of extensive recon, looking for vulnerabilities and routes that provided the least amount of surveillance and resistance, from the outside of the base to the airplanes, their targets.
RAF Brize Norton is a massive base, covering over 1,700 acres. Its sheer size creates natural surveillance blind spots. According to statements from the group and footage released post-incident, the activists knew the terrain and its vulnerabilities. They appear to have entered via a less-patrolled section of fencing, avoiding primary access points and CCTV-covered zones. The quiet of the early morning, combined with minimal foot patrols and lighting in peripheral sectors, gave them the window they needed.
Arrival by Electric Scooter
The activists approached the airbase perimeter in the dead of night, riding electric scooters. The interesting aspect of the use of these scooters implies that there was a method to get over fencing with bulky equipment. This implies the likely use of fence climbers or fence cutters … Assuming they didn’t simply find a hole in the fence.
These vehicles, allowed them to rapidly and quietly get from the outer perimeter to the aircraft. Obviously there are at least two security issues at this point already:
This group, had to bypass fencing with the scooters which likely means several minutes of prepping and climbing without being detected. This implies either a dead zone in security, or simple complacency on the guards part.
While the scooters may be difficult to detect via thermal cameras, due to the fact that the only heat will be the batteries, the people riding them should light up like little Christmas lights as they drive across the airfield. This clearly should have set off some kind of alert to security, which once again didn’t happen
Minimal Tools, Maximum Disruption
Their toolkit was minimalist: crowbars to pry open barriers or entry points, and fire extinguishers repurposed to spray red paint into the air intakes and turbine components of two Airbus Voyager aircraft.
The paint that the group used can compromise critical engine components, leading to expensive maintenance delays, possible part replacements, and thorough security checks.
Palestinian Action Group Info
Founding & Leadership
Founded: 30 July 2020, by Huda Ammori (of Palestinian heritage) and Richard Barnard, a seasoned left-wing activist
Purpose: To actively oppose UK arms exports to Israel, calling it “dismantling British complicity with Israeli apartheid”
Notable Actions
July 2020: Stormed and spray-painted Elbit Systems HQ in London—this inaugural action marked their all-out direct action approach
May 2021: Occupied an Elbit drone factory in Leicester for six days, drawing widespread attention and arrests
2022–2024: Launched multiple high-profile attacks—including weapons plants in Bristol, Thales equipment in Glasgow (causing over £1 million damage), and even a drone factory in Runcorn
March–June 2025: Continued a spree of paint-spray and break-in actions targeting Cambridge University buildings, Leonardo offices, Teledyne CML components factory, and other symbols of UK-Israel military ties
June 18, 2025: In their most audacious action yet, activists infiltrated RAF Brize Norton, vandalized two Voyager aircraft with red paint, and made a powerful political statement
Organizational Structure & Tactics
Operates through clandestine, small cells, coordinating via encrypted platforms like Signal
Offers training webinars (often via Zoom), instructing new recruits in property damage techniques, arrest preparedness, legal tactics, and messaging
Supports a tight-knit network: fundraising via crowdfunding, legal support, “emotional solidarity,” and assistance for jailed members, referring to them as “political prisoners”
Legal Status & Government Response
Home Secretary Yvette Cooper has moved to proscribe the group as a terrorist organization under the Terrorism Act 2000—placing them on equal footing with Hamas, al‑Qaida, and ISIS
The move followed increased counter-terror scrutiny after RAF Brize Norton’s breach; membership could carry up to 14 years in prison
The group has raised over £100,000 to legally challenge the ban, hiring veteran solicitor Gareth Peirce
Opposition voices (Amnesty, Liberty, Jeremy Corbyn, Lord Falconer) warn the ban blurs the line between protest and terrorism, and risks curbing political dissent
Who’s in Charge Today?
Co-founders remain the core leadership: Huda Ammori and Richard Barnard still shape strategic direction
They maintain a masked, decentralized leadership model in public, with operations mediated via anonymous or digitally encrypted channels .
Conclusion
The RAF Brize Norton breach underscores a reality few in the defense community want to confront: you don’t need elite training or advanced equipment to penetrate critical infrastructure. Palestine Action is not a group of ex-military operatives or professional saboteurs. Their members are often young, ideologically motivated civilians with little to no formal tactical background. Yet, time and again, they’ve shown that even loosely organized, minimally equipped activists can infiltrate secure facilities and inflict significant operational damage.
Their success doesn’t stem from advanced skills, it comes from exploiting complacency, surveillance gaps, and the vastness of infrastructure not built to defend against low-tech intrusions.
What’s truly alarming is what this says about the broader state of physical security. If a group with no formal training can repeatedly breach defense contractors, weapons factories, and now an active RAF base, it signals a deep vulnerability, one not easily solved by more cameras or higher fences.