Poland says hackers have infiltrated its water treatment plants, and the United States faces the same threat

Polish intelligence said it had detected attacks on five water treatment plants, where hackers could have taken control of industrial equipment inside, including, in the worst cases, tampering with the integrity of the water supply.

The story is relevant beyond Poland’s borders: water infrastructure in the United States has faced similar threats in recent years. In 2021, a hacker briefly gained access to a water treatment plant in Oldsmar, Florida and attempted to increase the level of sodium hydroxide — a caustic chemical — to dangerous levels. The FBI and the US Cybersecurity and Infrastructure Security Agency have since warned that water utilities remain an easy target for foreign hackers.

Poland’s Internal Security Agency, the country’s top intelligence agency, on Friday published a report covering the last two years of the agency’s operations and the threats the country has faced. The report said that Polish intelligence thwarted several acts of sabotage carried out by Russian government spies and hackers, who targeted military installations and critical infrastructure (essential systems such as power grids, water supplies and transportation networks), as well as civilian targets. According to the report, these attacks may lead to deaths.

“The most serious challenge remains subversive activity against Poland, inspired and organized by Russian intelligence services. This threat was (and remains) real and immediate. It requires full mobilization,” the report stated.

The report did not specify whether the hackers behind the attacks on water treatment facilities were Russian government spies. But Poland has recently been the target of several attempts by Russian government hackers to attack its infrastructure, including a failed attempt to bring down the country’s power grid. This violation was later attributed to weak security controls in the targeted facilities.

Poland’s experience forms part of a growing global pattern of attacks on water and energy infrastructure. Last month, a joint advisory from the Cybersecurity and Infrastructure Security Agency, the FBI, the National Security Agency, and several other federal agencies warned that Iranian-backed hackers were actively targeting programmable logic controllers — the industrial computers that run water and power facilities — at U.S. utilities. The same Iranian hacking group, CyberAv3ngers, had previously breached digital control panels at several US water treatment plants in Pennsylvania in 2023, in attacks that federal agencies linked to escalating hostilities in the Middle East.

In other words, the attacks against Poland are not unique, and they follow a strategy applied by the Russian government in war zones such as Ukraine, as well as against Western countries that it considers long-time enemies. The plan, according to Polish intelligence, aims to destabilize and weaken the West, and cyberattacks and cyberespionage are just tools within a larger toolkit of the Putin regime.