Poland said it stopped a cyberattack targeting parts of its power system in late December, preventing disruption to electricity supplies. Prime Minister Donald Tusk said the attempted attack was detected and blocked on Dec 29 and Dec 30, and that the country avoided a wider impact on critical infrastructure.
Tusk said there are reasons to believe the attackers were linked to Russia’s intelligence agencies. He publicly blamed actors connected to Russian services and described the incident as a serious attempt to interfere with Poland’s energy security. Polish authorities have not released technical details about the methods used in the attack or identified the specific group responsible.
Officials said the attempted intrusion targeted systems connected to electricity generation and distribution. Polish authorities said the operation involved multiple targets, including renewable energy installations. Deputy Prime Minister and Digital Affairs Minister Krzysztof Gawkowski described the activity as coordinated and said it was aimed at disrupting communications and control processes used by energy operators.
Poland said the attack was foiled before it could trigger outages or broader disruption. Officials said the response involved cooperation between national cybersecurity teams and energy sector operators, and that defensive measures were implemented to contain the threat. The government has not reported any power cuts linked to the incident, and it said electricity supplies remained stable.
The case has drawn attention because it involves critical infrastructure and because senior Polish officials directly connected the incident to Russia. Tusk said Poland’s services acted quickly and effectively, and he presented the response as evidence of improved readiness. The government has not disclosed whether the attempted attack involved ransomware, data theft, or efforts to interfere with operational technology systems.
Polish officials said the incidents are being investigated and that further work is underway to strengthen the protection of key systems. The government has said it is continuing efforts to improve cybersecurity for critical infrastructure, including the power sector. No timeline has been provided for when the investigation will be completed or whether additional findings will be made public.
Poland has repeatedly warned about cyber threats targeting state institutions and infrastructure. In this case, officials said the attempted attack was contained without major disruption, while the prime minister’s statements placed responsibility on actors linked to Russian intelligence agencies.