.svg){kind=spacer}
June 10, 2026
In brief
Poland’s Internal Security Agency reported a rise in cyberattacks against industrial control systems and other operational technology infrastructure during 2024 and 2025, with particular concern around attempts to disrupt critical public services. The most serious cases involved breaches at water treatment facilities in Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko, and Sierakowo. In some incidents, attackers gained access to ICS environments and obtained the ability to change equipment operating parameters, creating a direct risk to operational continuity and public water supply.
The agency identified weak password practices and internet-exposed systems as the main factors enabling these intrusions. It also warned that attacks are expanding beyond water treatment to supply chains and other municipal utilities, including wastewater treatment plants and waste incineration facilities. While ABW attributed much of the activity to hacktivist groups, the report notes that such personas are often used by foreign governments, especially Russian intelligence services, and names Russian APT28, APT29, and Belarusian-linked UNC1151 among groups operating against Polish targets.
Source: SecurityWeek
