Poland’s intelligence agency said it detected attacks on five water treatment plants where hackers could have taken control of industrial equipment inside, including, in the worst case, breaching the security of the water supply.
The story is relevant beyond Poland’s borders: US water infrastructure has faced similar threats in recent years. In 2021, a hacker briefly gained access to a water treatment plant in Oldsmar, Florida and tried to raise the level of sodium hydroxide – a caustic chemical – to dangerous levels. The FBI and the US Cybersecurity and Infrastructure Security Agency have since warned that water utilities remain a soft target for foreign hackers.
On Friday, Poland’s Internal Security Service, the country’s top intelligence agency, published a report covering the last two years of the organization and the threats the country faced. The report said that Polish intelligence prevented multiple acts of sabotage by Russian government spies and hackers, which targeted military installations, critical infrastructure (key systems such as electricity, water and transport networks), as well as civilian targets. These attacks, according to the report, may have resulted in deaths.
“The most serious challenge remains sabotage activity against Poland, inspired and organized by Russian intelligence services. This threat was (and is) real and immediate. It requires full mobilization,” the report said.
The report did not specify whether the hackers behind the attacks on the water treatment facilities were spies for the Russian government. However, Poland has recently been the target of several attempts by Russian government hackers to attack its infrastructure, including a failed attempt to take down the country’s energy grid. This breach was later attributed to inadequate security controls at the targeted facilities.
Poland’s experience is part of a growing global pattern of attacks on water and energy infrastructure. Just last month, a joint advisory from the Cybersecurity and Infrastructure Security Agency, the FBI, the NSA and several other federal agencies warned that Iranian-backed hackers are actively targeting programmable logic controllers — the industrial computers that run water and power facilities — at U.S. utilities. The same Iranian hacking group, CyberAv3ngers, previously broke into digital control panels at multiple US water treatment plants in Pennsylvania in 2023, in attacks that federal agencies linked to escalating hostilities in the Middle East.
In other words, the attacks against Poland are not unique, they follow a strategy applied by the Russian government both in war zones like Ukraine, and against Western countries it sees as long-term enemies. The plan, according to Polish intelligence, is to destabilize and weaken the West, and cyberattacks and cyberespionage are just tools in a larger toolbox for the Putin regime.
Techcrunch event
San Francisco, California
|
13-15 October 2026
When you purchase through links in our articles, we may earn a small commission. This does not affect our editorial independence.
