This post is also available in:
עברית (Hebrew)
Poland has recorded a significant increase in cyberattacks targeting its critical infrastructure, with activity linked to Russian state actors accounting for a growing portion of the threat landscape. According to the Polish government, the number of incidents assessed as serious or potentially harmful now ranges from 700 to 1,000 per day — part of a broader total of up to 4,000 daily cyber events, as reported by Reuters.
Since the beginning of the year, Poland has identified roughly 170,000 cyber incidents. A large segment has been attributed to Russia’s military intelligence, which, according to Polish authorities, has reportedly tripled its resources devoted to operations against Poland in 2025. Other incidents include financially motivated attacks, such as data theft and cyber fraud.
While early targets included water and sewage systems, recent campaigns appear to be shifting focus toward the energy sector. Officials note that foreign efforts are not limited to disruption alone but also include information operations designed to confuse and manipulate public perception during times of crisis.
One such example followed a Russian drone attack on September 10. At the same time, Poland was hit with a large-scale cyber offensive. In the hours after the drone strike, coordinated disinformation flooded Polish digital platforms, falsely suggesting that Ukraine was responsible. These messages were amplified using long-dormant automated accounts, or bots, that had been inactive for extended periods.
Poland has become a consistent target in Russia’s broader campaign against NATO states, a trend driven in part by Warsaw’s support for Ukraine. While specific technical methods used in the intrusions remain undisclosed, intelligence assessments from Polish agencies have confirmed increased Russian involvement.
The pattern of hybrid activity — combining physical attacks, cyber operations, and information warfare — points to a more sophisticated and persistent threat model. With state-aligned actors now investing more heavily in their cyber capabilities, Poland’s experience may signal a broader trend across Europe, where essential services and public confidence are increasingly vulnerable to coordinated digital disruption.
