Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
Publish Date: 2026-05-08 07:46:06
Source Domain: www.securityweek.com
Summary:
Poland’s Internal Security Agency (ABW) has recorded a significant rise in cyberattacks targeting industrial control systems (ICS) and other operational technology (OT) infrastructure from 2024 to 2025. The agency reported security breaches at water treatment stations in several municipalities in 2025, revealing that attackers attempted to disrupt the public water supply. These incidents were facilitated by weak password policies and systems exposed to the internet—longstanding issues in OT security management. In addition to water systems, there was an uptick in attacks against supply chains, critical infrastructure, and municipal utilities such as wastewater treatment plants. ABW mainly attributed these attacks to hacktivist groups acting on behalf of foreign governments, notably Russian intelligence services like APT28, APT29, and a Belarusian-linked group UNC1151. The agency stressed that attacks targeting supply chains aimed at specific contract data and authentication credentials to facilitate further system infiltration.
Key Points:
- Increased attacks on Polish water treatment facilities and other municipal utilities in 2025 involving industrial control systems.
- Two primary attack vectors: weak password policies and internet exposure of systems.
- Responsibility mainly attributed to hacktivist groups, often fronts for foreign governments, specifically Russian intelligence services.
- Named APT groups including APT28, APT29, and UNC1151 for targeting Polish infrastructure.
- Attacks often sought to obtain contract data, authentication credentials, and other sensitive project documents to further penetrate systems.
