Poland’s Inside Safety Company (ABW) has documented a big escalation in cyberattacks focusing on industrial management techniques (ICS) and different operational expertise (OT) infrastructure throughout 2024 and 2025, with state-sponsored menace actors more and more shifting focus towards the bodily disruption of important providers.
A Polish official revealed in August 2025 {that a} cyberattack may have brought about a metropolis to lose its water provide, however the assault was thwarted. No technical data was shared on the time.
The federal government company’s new report [written in Polish] supplies extra details about most of these assaults on the nation’s water sector.
[ Read: Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion ]
In line with ABW, essentially the most important incidents concerned direct intrusions into ICS at water remedy services throughout a number of Polish municipalities. In 2025, the company recorded safety breaches at water remedy stations in Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko, and Sierakowo.
In some circumstances the attackers gained entry to ICS and obtained the power to switch the operational parameters of kit, making a direct danger to operational continuity and the general public water provide.
The company recognized two major assault vectors enabling these ICS intrusions: weak password insurance policies and techniques uncovered on to the web. These are longstanding OT safety hygiene failures, and so they have been additionally lately leveraged in a Russia-linked assault on Polish vitality services.
Past water techniques, ABW documented a rise in assaults focusing on provide chains, important infrastructure, and ICS at different kinds of municipal utilities, together with wastewater remedy crops and waste incineration services.
Investigators decided that attackers focusing on provide chains particularly sought contract information, challenge documentation, and authentication credentials that allow downstream entry to techniques.
ABW attributed major accountability to hacktivist teams, although these are sometimes personas utilized by overseas governments, significantly Russian intelligence providers.
The report particularly names Russian APT teams akin to APT28 and APT29, and Belarusian-linked UNC1151 as working towards Polish targets.
Associated: Polish House Company Hit by Cyberattack
Associated: Poland Confronted a Surge in Cyberattacks in 2025, Together with a Main Assault on the Vitality Sector
Associated: Man Linked to Phobos Ransomware Arrested in Poland
Associated: Hacking Try Reported at Poland’s Nuclear Analysis Heart
![How creators and entrepreneurs are utilizing AI to hurry up & succeed [data]](https://blog.aimactgrow.com/wp-content/uploads/2025/06/Untitled20design-Apr-07-2023-08-24-35-4586-PM-120x86.png)
