Polish power grid: Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant

Russian-Linked Hackers Target Swedish Power Plant in Failed Cyberattack

In early 2025, Russian government-affiliated hackers attempted to disrupt operations at a Swedish thermal power plant, marking another escalation in cyber threats against critical infrastructure. Sweden’s Minister of Civil Defense, Carl-Oskar Bohlin, revealed the incident during a press conference, attributing the attack to groups with ties to Russian intelligence and security services.

While the hackers failed to breach the plant thanks to built-in security measures Bohlin warned that such attacks are growing more aggressive. "Pro-Russian groups that once relied on denial-of-service attacks are now pursuing destructive cyber operations across Europe," he stated.

The incident follows a pattern of Russian-linked cyberattacks on energy and water systems in Europe. In December 2025, Poland accused Russia of attempting to sabotage its power grid, while earlier that year, hackers briefly seized control of a Norwegian dam, releasing millions of gallons of water before being expelled. Ukraine has also faced repeated attacks, including a 2024 strike on a Lviv energy provider that left hundreds without heat during freezing temperatures.

Russia’s history of targeting critical infrastructure dates back to 2015, when cyberattacks caused widespread blackouts in Ukraine. The latest incidents underscore the rising threat of hybrid warfare, where cyber operations aim to inflict real-world disruption. Russia has not responded to requests for comment.

Source: https://techcrunch.com/2026/04/15/sweden-blames-russian-hackers-for-attempting-destructive-cyberattack-on-thermal-plant/

Polish Energy Partners cybersecurity rating report: https://www.rankiteo.com/company/polish-energy-partners

"id": "POL1776270886",
"linkid": "polish-energy-partners",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"

{'affected_entities': [{'industry': 'Energy',
                        'location': 'Sweden',
                        'type': 'Thermal power plant'}],
 'date_detected': '2025-01',
 'date_publicly_disclosed': '2025',
 'description': 'In early 2025, Russian government-affiliated hackers '
                'attempted to disrupt operations at a Swedish thermal power '
                'plant. The attack was attributed to groups with ties to '
                'Russian intelligence and security services. The hackers '
                'failed to breach the plant due to built-in security measures, '
                'but the incident highlights growing aggression in cyber '
                'threats against critical infrastructure.',
 'impact': {'operational_impact': 'Attempted disruption (failed)',
            'systems_affected': 'Thermal power plant operations'},
 'lessons_learned': 'Pro-Russian groups are shifting from denial-of-service '
                    'attacks to destructive cyber operations targeting '
                    'critical infrastructure. Built-in security measures can '
                    'mitigate such threats.',
 'motivation': 'Disruption of critical infrastructure, hybrid warfare',
 'recommendations': 'Enhance monitoring and security protocols for critical '
                    'infrastructure to counter evolving cyber threats.',
 'references': [{'source': 'Sweden’s Minister of Civil Defense (Carl-Oskar '
                           'Bohlin)'}],
 'response': {'communication_strategy': 'Public disclosure by Sweden’s '
                                        'Minister of Civil Defense'},
 'threat_actor': 'Russian government-affiliated hackers',
 'title': 'Russian-Linked Hackers Target Swedish Power Plant in Failed '
          'Cyberattack',
 'type': 'Cyberattack'}