Russia expands its campaign of sabotage attacks in Poland
Poland has announced a dramatic expansion of its cybersecurity budget after a relentless wave of Russian cyber sabotage targeted hospitals, water networks, and other critical infrastructure. Officials in Warsaw confirmed that the country now faces up to 50 Russian hacking attempts every single day, making it one of Moscow’s primary targets inside NATO.
Deputy Minister for Digital Affairs Dariusz Standerski told reporters that most of the attacks are blocked, but a handful have succeeded in breaching hospital systems, forcing temporary shutdowns of medical services and compromising sensitive patient data.
He described these as “mostly” hospital-focused intrusions, with two or three operations in recent months suspended for hours due to Russian interference.
The most alarming case came last month, when Russian-backed hackers infiltrated the water supply system of a major Polish city. Authorities confirmed the attackers managed to break into the IT network controlling water flow before being stopped, preventing what could have been a public health disaster. Standerski would not identify the city, but said it was among Poland’s ten largest urban centers.
In response, Warsaw has earmarked an immediate €80 million to strengthen the cyber defenses of water management systems, while committing a record €1 billion overall this year to shield hospitals, utilities, and the country’s 2,400 local administrations from further Russian sabotage. The figure marks a sharp rise from €600 million in 2024, reflecting the urgency of the threat.
Officials stress that Poland successfully blocks about 99% of Moscow’s daily attacks, but even one breakthrough can have dangerous consequences. Deputy Prime Minister Krzysztof Gawkowski described Poland as Russia’s “main target” within NATO, warning that cyber operations are now firmly part of the Kremlin’s hybrid war strategy alongside missile strikes, disinformation, and sabotage abroad.
This hybrid campaign has already crossed multiple lines. In May, Poland shut down the Russian consulate in Kraków after investigators linked Moscow to a 2024 arson attack in a Warsaw shopping center. Last week, about 19 Russian drones crossed into Polish airspace in what NATO denounced as “reckless aggression.”
Some were shot down by Polish and NATO aircraft—marking the first direct engagement between allied forces and Russian drones since the full-scale invasion of Ukraine in 2022.
The threat is not confined to cyberspace. Prime Minister Donald Tusk revealed that a drone had recently been “neutralized” over the presidential residence in Warsaw, with two Belarusians arrested. Meanwhile, the Russian exclave of Kaliningrad has become a hub for GPS jamming against planes flying over Poland and Lithuania, compounding the security risks on NATO’s eastern flank.
Moscow’s denials have been predictable. Kremlin spokesman Dmitry Peskov dismissed the accusations as “Russophobia,” while Foreign Ministry official Maria Zakharova promised retaliation. Yet a March 2025 report by the Center for Strategic and International Studies (CSIS) confirmed what Warsaw has long argued: Russian cyberattacks on NATO’s eastern frontier nearly tripled between 2023 and 2024.
For Poland, which has become the principal logistics hub for Western aid to Ukraine, the message is clear.
Moscow is deliberately targeting civilian infrastructure—hospitals, water supplies, and basic services—in an effort to intimidate, destabilize, and punish a frontline NATO state.
Far from weakening Polish resolve, the Kremlin’s escalation has galvanized cross-party unity and driven unprecedented investment in national cyber defense.
Russia has chosen to weaponize code and circuits instead of diplomacy. In doing so, it has only confirmed that its war on Ukraine is also a war on Europe’s security. Poland’s €1 billion cybersecurity push is not merely a domestic measure—it is the frontline of NATO’s digital defense against Moscow’s shadow war.
