
Poland’s intelligence service has detected cyberattacks on five water treatment plants where hackers could have seized control of industrial equipment and potentially compromised water safety. The revelations highlight a growing global threat to critical infrastructure that extends far beyond Poland’s borders.
This isn’t just a European problem. U.S. water systems face the same vulnerabilities. In 2021, a hacker briefly accessed a Florida water treatment plant and attempted to raise sodium hydroxide to dangerous levels. Federal agencies have since warned that American water utilities remain prime targets for foreign hackers.
Poland’s Internal Security Agency published a report Friday covering two years of operations and threats the country faced. The intelligence agency says it stopped multiple sabotage attempts by Russian government spies and hackers who targeted military facilities, critical infrastructure, and civilian locations. Some attacks may have caused deaths, according to the report.
“The most serious challenge remains the sabotage activity against Poland, inspired and organized by Russian intelligence services. This threat was (and is) real and immediate. It requires full mobilization,” the report states.
While the report doesn’t explicitly blame Russian hackers for the water plant attacks, Poland has recently suffered several attempts by Russian government hackers to disrupt its infrastructure. This includes a failed attack on the country’s energy grid, which investigators later attributed to weak security controls at the targeted facilities.
The attacks represent part of a broader pattern targeting water and energy systems worldwide. Last month, U.S. federal agencies issued a joint warning that Iranian-backed hackers are actively targeting programmable logic controllers – the industrial computers that operate water and energy facilities. The same Iranian group, CyberAv3ngers, broke into digital control panels at multiple Pennsylvania water treatment plants in 2023, in attacks federal agencies linked to Middle East tensions.
These incidents follow a clear strategy that Russia applies both in war zones like Ukraine and against Western countries it considers enemies. Polish intelligence believes the goal is to weaken and destabilize the West through cyberattacks and espionage as part of a larger campaign by Putin’s regime.
The water infrastructure attacks are particularly concerning because they directly threaten public safety. Unlike data breaches that compromise personal information, successful attacks on water treatment systems could poison drinking water supplies for entire communities. This makes water facilities attractive targets for nation-state hackers seeking maximum impact with relatively simple attacks.
Security experts have long warned that critical infrastructure systems often use outdated technology with poor cybersecurity protections. Many industrial control systems were designed decades ago when cybersecurity wasn’t a primary concern. They frequently run on legacy software with known vulnerabilities and lack proper network segmentation from internet-connected systems.
The coordination between Russian and Iranian hacking groups also suggests state-sponsored cyber operations are becoming more sophisticated and targeted. Both countries appear to be sharing tactics and focusing on similar infrastructure targets across multiple Western nations simultaneously.