Science & Technology

Russia's cyberwar hits Polish hospitals, water systems and cities

As Russian hackers escalate strikes on hospitals, water networks and critical infrastructure, Poland scrambles to fortify its defenses against a new front in hybrid warfare.

Chief of the General Staff of the Polish Armed Forces, General Wieslaw Kukula, and the Division General of the Polish Cyberspace Defence Forces, Karol Molenda, take part in a press conference at the General Staff of the Polish Army in Warsaw, Poland, on November 6, 2025. [Aleksander Kalka/NurPhoto/AFP]
Chief of the General Staff of the Polish Armed Forces, General Wieslaw Kukula, and the Division General of the Polish Cyberspace Defence Forces, Karol Molenda, take part in a press conference at the General Staff of the Polish Army in Warsaw, Poland, on November 6, 2025. [Aleksander Kalka/NurPhoto/AFP]

By Olha Hembik |

WARSAW -- Russian hackers are hammering Poland's critical infrastructure with a near-constant stream of cyberattacks, probing hospitals, water systems and city networks in a campaign officials say is meant to frighten civilians and test the country's defenses.

Poland now faces 20 to 50 attempted intrusions every day, according to Deputy Digital Affairs Minister Dariusz Standerski, a drumbeat of strikes that rarely make headlines but reveal how hybrid warfare is unfolding in real time.

According to September reporting by the Financial Times, the attacks aim to steal sensitive data, sow fear among the population and pressure the government.

Key systems -- from major-city water supplies to hospital networks and navigation technologies -- are hit daily. While most intrusions are detected and blocked, officials say the sheer volume underscores the scale of Russia's digital offensive.

On Poland's Independence Day, medics demonstrated how to provide first aid in a simulator at the Polish Army Museum. Warsaw, November 11. [Olha Hembik/Kontur]
On Poland's Independence Day, medics demonstrated how to provide first aid in a simulator at the Polish Army Museum. Warsaw, November 11. [Olha Hembik/Kontur]

New aggression

In August, one of Poland's ten largest cities nearly lost its water supply in an attack orchestrated by Russia.

For security reasons, Standerski has not named the location, but he described the incident as one of the most serious hacking operations since Russia's full-scale invasion of Ukraine began in February 2022.

The hackers breached the facility's computer network but were detected and stopped "before they could turn off the taps for the city's residents," according to Standerski.

However, several Russian cyberattacks, mostly targeting hospitals, did succeed. This included two or three breaches that forced healthcare facilities to halt operations for several hours.

Standerski added that the hackers also gained access to sensitive medical data.

Piotr Kaszuwara, a war correspondent and founder of Fundacja Przyszłość dla Ukrainy (UA Future), views these attacks on Poland's critical infrastructure as part of the Kremlin's hybrid war against Ukraine's allies.

Such tactics align with broader efforts, including cyberwarfare used by Russia and Belarus to destabilize the European Union, as noted by officials in Poland and the Czech Republic.

Above all, Russian intelligence aims to intimidate, expose vulnerabilities in state institutions and show that Poland cannot fully protect its citizens even in peaceful Europe.

"There is an intense digital and information war going on. Thus, not only is Ukraine's strength being tested on the battlefield, but also that of its allies," Kaszuwara told Kontur.

Cybersecurity courses

Amid growing military threats from Russia, Poles are preparing by stockpiling first aid kits, establishing underground operating rooms and thinking how to safeguard medical workers in case of aggression.

The Ministry of Digital Affairs and the Ministry of Health are collaborating to bolster cybersecurity in the healthcare system. Their CyberC4HE initiative aims to train 20,000 healthcare workers by 2025.

Launched in 2024, the program focuses on enhancing security at hospitals, laboratories and other medical institutions.

Irina, a rehabilitation therapist from Kherson and a war refugee from Ukraine, has undergone similar training. This summer, she attended corporate cybersecurity lectures at a medical center in the Warsaw hotel where she works.

"In addition to reviewing the corporate security policy, the staff also completed anti-hacking training, which covered everything in detail -- how to create a secure password, how often to update it, and how to store patient data," Irina told Kontur.

She committed to using only secure internal systems for work correspondence and avoiding sending medical histories, exam results, or other personal data via regular email, instant messengers or phone.

AI for hackers

Artificial intelligence (AI) expert Nikita Gladkikh noted that Russia is actively incorporating AI into its strategies.

Despite international sanctions, the country is advancing its own AI technologies, with a focus on domestic large language models (LLMs), information operations and cyberattacks.

"For now, the AI usage looks like simple, basic tools, but it is already reducing costs and increasing the efficiency of these operations," Gladkikh told Kontur.

He explained that Kremlin hackers' AI tools mainly assist in scaling and automating content distribution, as well as launching botnets -- networks of malware-infected devices controlled remotely by cybercriminals.

While these tools do not yet enable entirely new complex attacks that could shift as technology evolves.

In an October TVN24 broadcast, General Jarosław Stróżyk, head of Poland's Military Counterintelligence Service, discussed worst-case scenarios for Russian sabotage.

He warned that intelligence services might target water supplies and power grids. Similar concerns arise in nearby regions, such as Russian GPS jamming seen as an element of hybrid warfare affecting NATO allies.

"Of course, such scenarios, the most pessimistic ones, include... poisoning water supply systems, attacking our energy system, paralyzing the state,... power outages," he said.

Standerski said in September, the government allocated €80 million to enhance cybersecurity for water management. This is part of a larger initiative to safeguard public infrastructure, including systems serving 2,400 local governments.

Russian ties

Poland is enduring between 2,000 and 4,000 cyberattacks each day, Reuters reported in October citing Minister of Digital Affairs Krzysztof Gawkowski. Of these, 700 to 1,000 "posed a real threat or had the potential to cause serious problems."

In the first three quarters of 2025, authorities detected 170,000 cyber incidents, with a significant number linked to Russia.

To better shield citizens and institutions from escalating digital threats and to fortify the National Cybersecurity System (KSC), the Polish Council of Ministers approved a draft law on October 22 to implement the EU's NIS2 Directive, per a statement from the Ministry of Digital Affairs.

The directive seeks to improve overall cybersecurity protections.

It will broaden the KSC to cover additional sectors, such as wastewater treatment, postal services, the space industry and the production and distribution of chemicals and food products.

The Polish government plans to boost its cybersecurity budget to a record €1 billion in 2025.

Earlier, Jacek Dobrzyński, press secretary for Poland's intelligence agencies, announced that the Internal Security Service had detained 55 individuals in recent months for acting as agents of Russian intelligence.

Do you like this article?

Captcha *