Poland Repels Major Cyberattack on Power Grid Targeting Renewable Energy Communication Links
By Axel Miller | 13 Jan 2026
Poland repelled what officials described as the strongest cyberattack on its energy infrastructure in years in the final week of December 2025, after an attempted breach targeted the digital communication layer between renewable energy installations and the country’s power distribution operators.
Energy Minister Miłosz Motyka told reporters on January 13, 2026 that the attack failed and did not disrupt electricity supply, but highlighted the rising cyber risks facing modern power systems as grids become more decentralised and data-driven.
Officials said the attempted intrusion focused on the infrastructure connecting wind and solar assets to operational control and communication systems — a shift from earlier attacks that often targeted large conventional power plants or high-voltage transmission networks.
Shift in tactics: renewable connectivity becomes a new target
Renewable-linked grid systems are increasingly seen as attractive targets because they rely on:
- real-time monitoring and control systems
- sensors and grid-connected devices
- distributed generation across multiple locations
- broader operator networks and data flows
As Poland expands wind and solar capacity, grid operators are handling more complex balancing requirements, which increases dependence on secure digital communication channels.
Russia-linked cyber activity under scrutiny
Motyka did not publicly identify the perpetrators in this case. However, Poland has repeatedly warned that its critical infrastructure faces persistent cyber pressure linked to Russia.
The Ministry of Digital Affairs has also said Russia’s military intelligence increased cyber resources targeting Poland during 2025. Authorities reported around 170,000 cyber incidents recorded in the first three quarters of 2025, with a significant portion attributed to Russian state-backed actors.
Government response: “anti-blackout package” under preparation
Poland is preparing an “anti-blackout package” of policy measures aimed at strengthening grid resilience and reducing vulnerabilities in the energy ecosystem.
Officials said proposed steps include:
- cybersecurity certification requirements for devices connected to the grid
- stricter oversight and compliance rules for large renewable operators
- new monitoring expectations for energy entities handling critical services
The government has positioned the reforms as essential as Poland increases reliance on decentralised renewable generation and upgrades grid infrastructure.
Summary
Poland repelled a major cyberattack in late December 2025 targeting communication systems linking renewable energy installations with power grid distribution operators, Energy Minister Miłosz Motyka said on January 13. Officials said the incident, described as the strongest in years, reflects a shift toward targeting decentralised renewable energy infrastructure. Poland is responding with a fast-tracked “anti-blackout package” aimed at tightening cybersecurity standards and boosting grid resilience.
Frequently asked questions (FAQs)
Q1: Was there any blackout or physical damage?
No. Officials said the attack was digital and did not disrupt electricity distribution, as it was detected and stopped before operational impact.
Q2: Why would attackers target renewable energy links?
Renewables rely heavily on real-time data systems and grid-connected devices, which can create more cyber entry points compared with older, isolated plants.
Q3: Did Poland blame Russia officially?
The energy minister did not name the perpetrators in this case. However, Poland’s digital authorities have said a significant share of cyber incidents targeting the country are linked to Russian state-backed actors.
Q4: What is the “anti-blackout package”?
It refers to a set of planned legal and regulatory measures intended to increase grid resilience, including device certification, stronger oversight, and continuous monitoring requirements.