Polish soldiers patrolling on the border with Belarus in Usnarz Gorny (REUTERS/Kuba Stezycki)

Cyber Attacks on Poland’s Water Infrastructure

In 2025, Poland faced a series of alarming cyber attacks that compromised the water infrastructure in various towns, a concerted effort attributed to Russian hacker groups. Poland's Internal Security Agency (Agencja Bezpieczeństwa Wewnętrznego, ABW) has identified these incidents as among the most significant threats to national security.

Attack Details

The hackers managed to infiltrate industrial control systems in water treatment stations across Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko, and Sierakowo. By manipulating critical technical parameters, they jeopardized the continuity of water service, posing a direct risk to public health and safety.

Coordinated Cyber Assaults

Deputy Prime Minister Krzysztof Gawkowski reported that these cyberattacks formed part of a larger plan involving a coordinated national blackout. This endeavor targeted Poland’s energy infrastructure during a harsh winter, amplifying the potential impact on the citizenry.

Attribution to APT Groups

Investigators identified the hacker groups APT28 and APT29 behind these attacks. Both groups are known for their advanced tactics and links to Russian intelligence, specifically the GRU and FSB. They exploited known vulnerabilities in industrial systems, such as weak passwords and publicly exposed admin panels, to gain unauthorized access.

The Broader Implications of Cyber Warfare

The recent rise in cyberattacks underscores the urgent need for enhanced cybersecurity measures and national alert protocols. According to the ABW, the attacks sought to induce not just service interruption but also societal destabilization, creating an environment of fear and uncertainty.

Hybrid Warfare Tactics

The ABW report highlights a disturbing trend: the use of hybrid strategies combining cyber offensives with disinformation and espionage. This necessitates a comprehensive response involving both public and private sectors, particularly those managing critical infrastructure.

Response Measures by Polish Authorities

In the aftermath of these attacks, Polish authorities have ramped up surveillance and are reassessing industrial systems to prevent further breaches. Recommendations from the ABW stress the importance of strengthening password protocols and securing administrative access to control systems.

A Community Threat

These incidents are not isolated; they reflect a broader Russian offensive against multiple nations in the European Union. Such coordinated cyber efforts elevate the threat level to a communal issue, impacting not only individual countries but challenging the stability of the entire region.


