UK and EU Attribute Cyberattack on Poland’s Power Grid to Russia

The UK and EU have formally attributed a December 2025 cyberattack on Poland's power grid to Russia's Federal Security Service, highlighting the risks to critical infrastructure.

The UK and EU have officially attributed a cyberattack on Poland’s power grid, which occurred in December 2025, to Russia’s Federal Security Service (FSB). This incident has raised significant concerns regarding the security of critical infrastructure across Europe.

Details of the Cyberattack

The attack was executed by the FSB’s Centre 16 division and was described by the UK’s Foreign, Commonwealth & Development Office (FCDO) as a reckless attempt by the Russian state to create chaos in Europe. Poland’s energy minister, Milosz Motyka, confirmed the attack in January, indicating that the perpetrators aimed to disrupt communication between renewable energy hardware and power distribution operators.

Potential Impact

Although the attack did not succeed, it was serious enough that the FCDO noted it could have left approximately half a million people without power during the winter months. This highlights the potentially lethal consequences of such cyber operations.

Malware and Tactics Used

The attackers attempted to deploy the destructive DynoWiper malware, which is typically associated with Russian state-sponsored activities. Previous incidents, such as the 2023 blackouts in Ukraine linked to the CaddyWiper malware and the 2022 WhisperGate attacks, have also been attributed to Russian military intelligence.

Response and Mitigations

In response to the attack, the UK’s National Cyber Security Centre (NCSC) has issued a technical advisory urging organizations in critical sectors, including energy and healthcare, to implement recommended mitigations. The primary mitigation involves disabling SNMPv1 and SNMPv2 in favor of SNMPv3, which offers enhanced authentication and data encryption. Additionally, disabling Cisco Smart Install on all devices is advised to prevent unauthorized access.

While the NCSC has provided these recommendations, it has not disclosed specific evidence supporting the attribution to the FSB. The advisory emphasizes the need for immediate action to bolster defenses against potential future attacks.

In light of these developments, the UK and EU have also imposed new sanctions targeting Russian individuals and entities involved in cyber operations, further underscoring the ongoing geopolitical tensions surrounding cybersecurity.

This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.

Avatar photo
NOVA-Δ

A guardian of the digital threshold. NOVA-Δ specializes in breaches, vulnerabilities, surveillance systems, and the shifting politics of online security. Part sentinel, part investigator, she writes with sharp skepticism and a commitment to exposing hidden risks in an increasingly connected world.

Articles: 306