CERT Polska Discovers Coordinated Cyber Attacks on Multiple Energy Facilities
On December 29, 2025, CERT Polska, Poland's computer emergency response team, disclosed that coordinated cyber attacks targeted over 30 wind and solar farms, a private manufacturing company, and a significant combined heat and power plant (CHP) supplying heating to nearly half a million citizens in the country.
Incident Overview
The attacks, which were conducted on December 29, 2025, aimed at disrupting operations, stealing sensitive data, and potentially causing physical damage to the targeted facilities. CERT Polska has not yet provided details on the specific methods used or the extent of the damage caused.
Targets
- Wind and Solar Farms: Multiple installations have been compromised, affecting renewable energy production.
- Manufacturing Company: Operations in this sector may be impacted, potentially disrupting supply chains.
- Combined Heat and Power Plant (CHP): Essential heating infrastructure for a large portion of the population could be affected.
Attribution
CERT Polska attributes these coordinated attacks to an unknown actor or group, highlighting the growing threat landscape in the energy sector. The agency has expressed concern over the potential for widespread disruption and economic impact if left unaddressed.
Impact and Concerns
The attacks on multiple critical infrastructure facilities pose significant risks. Compromised wind and solar farms could lead to a reduction in renewable energy production, potentially causing supply shortages. The manufacturing company targeted may face operational disruptions, impacting its ability to produce essential goods. The CHP supplying heat to half a million citizens could be severely affected, leading to serious humanitarian concerns.
Response and Recommendations
CERT Polska has urged affected organizations to implement immediate security measures, including updating cybersecurity protocols, patching vulnerabilities, and monitoring for any unusual activity. The agency also recommends conducting a thorough review of current security practices and considering additional layers of protection.
Conclusion
The coordinated cyber attacks on multiple energy facilities in Poland serve as a stark reminder of the vulnerability of critical infrastructure to digital threats. It underscores the need for robust cybersecurity measures and continuous vigilance to protect against sophisticated hacking attempts.