Poland’s critical infrastructure has once again been targeted by Russian hacktivists. This time, the focus was on a small hydroelectric power plant located in the Pomeranian Voivodeship, near Gdansk. The attack took place in August and highlighted how vulnerable essential systems can be to digital sabotage.
Series of Attacks on Hydroelectric and Critical Infrastructure
The incident was not the first of its kind. In recent months, similar cyber intrusions have been reported across the country. In May 2025, a water treatment plant in Szczytno came under attack. Earlier, in April 2025, treatment plants in Maldyty, Tolkmiczko, and SierakĂłw faced disruptions. That same month, wastewater facilities in WitkĂłw were also targeted. The pattern goes back even further, with a wastewater treatment plant in KuĹĽnica attacked in October 2024.
The most unusual disruptions occurred in August 2025, when public pools and fountains were manipulated through hacking attempts. In May 2025, another attack on the very same hydroelectric plant in Pomerania had already been documented. This proves that the facility has been targeted more than once, showing that attackers return to previously exploited sites.
Japan Approves New Active Cyber Defense System to Combat Cyberattacks
How Hackers Disrupted the Hydroelectric Plant
On August 12, pro-Russian hacktivists published a video recording showing their actions against the hydroelectric power station. The footage revealed how the attackers manipulated operational parameters of the plant. These changes pushed equipment to extreme levels by setting values to either the maximum or minimum allowed.
This manipulation forced the generator and rotor inside the plant to shut down. For a hydroelectric facility, which depends on precise regulation of water flow and machinery, such interference is extremely dangerous. Even small changes in settings can lead to machinery failure, energy stoppages, or costly repairs.
China Behind 210 Cyberattacks: Japan Faces Serious Security Breach
The recording confirmed that this was not a symbolic act but a real interference with the functioning of the power station. Cyber experts noted that the attack on an operating power plant posed a serious risk to energy stability in the region. Unlike minor disruptions at pools or fountains, stopping a power generator directly affects electricity availability.
Authorities also revealed that in August a large-scale cyberattack attempt was made on the water supply system in a major Polish city. Had it been successful, residents would have faced water shortages. Thankfully, this attempt was detected in its early stage and blocked before it could cause damage.
Broader Cyber Threats from Russian Hacktivists
The attacks on Polish infrastructure are part of a much wider digital campaign linked to Russian hacker groups. These groups do not only target water and energy systems but also go after highly sensitive organizations abroad.
One such campaign, ongoing since 2024, has focused on foreign embassies and diplomatic institutions inside Russia. A spyware program known as ApolloShadow has been used to infect devices connected to Russian Internet providers. This software disguises itself as antivirus protection, making it difficult for users to recognize the threat.
ApolloShadow works by forging root certificates. This trick allows it to intercept and even alter data traffic that would normally be encrypted. By doing so, hackers can secretly read private communications. In addition, the spyware collects login credentials, passwords, and authentication tokens. Once inside a system, it can create administrator accounts, ensuring long-term access for the attackers.
🔓 Massive cyberattack rocks French defense giant—hackers claim 1TB breach
These abilities give hackers complete control over infected devices. They can monitor activity, steal sensitive files, and remain undetected for long periods. Reports have confirmed that such campaigns are not isolated incidents but rather part of a coordinated effort to expand digital espionage.
The repeated strikes against Poland’s hydroelectric power plant, water treatment facilities, and city utilities show how cyberattacks are increasingly aimed at essential services. Whether it is cutting electricity, halting water supply, or disrupting sanitation systems, these actions demonstrate that digital warfare directly impacts daily life.