"Poland's Internal Security Agency (ABW) has documented a significant escalation in cyberattacks targeting industrial control systems (ICS) and other operational technology (OT) infrastructure during 2024 and 2025, with state-sponsored threat actors increasingly shifting focus toward the physical disruption of critical services."
"In 2025, the agency recorded security breaches at water treatment stations in Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko, and Sierakowo. In some cases the attackers gained access to ICS and obtained the ability to modify the operational parameters of equipment, creating a direct risk to operational continuity and the public water supply."
"The agency identified two primary attack vectors enabling these ICS intrusions: weak password policies and systems exposed directly to the internet. These are longstanding OT security hygiene failures, and they were also recently leveraged in a Russia-linked attack on Polish energy facilities."
"Beyond water systems, ABW documented an increase in attacks targeting supply chains, critical infrastructure, and ICS at other types of municipal utilities, including wastewater treatment plants and waste incineration facilities. Investigators determined that attackers targeting supply chains specifically sought contract data, project documentation, and authentication credentials that enable downstream access to syste"
ABW documented a rise in cyberattacks against industrial control systems and other operational technology infrastructure in Poland during 2024 and 2025. State-linked threat actors increasingly aimed at physical disruption of critical services. An August 2025 disclosure said a cyberattack could have caused a city to lose its water supply, but it was stopped. ABW’s report describes major incidents involving direct intrusions into ICS at water treatment facilities in multiple municipalities, including Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko, and Sierakowo. In some cases attackers accessed ICS and modified operational parameters, threatening continuity of water supply. ABW identified weak password policies and internet-exposed systems as key vectors. The agency also reported more attacks on municipal supply chains, wastewater treatment, and waste incineration facilities, with attackers seeking contract data, project documentation, and authentication credentials for downstream access.
#industrial-control-systems #operational-technology-security #water-sector-cybersecurity #supply-chain-attacks #critical-infrastructure-protection
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]