
Hackers linked to Russia tried to break into a power plant in Sweden, but they failed because the plant had strong security. This shows that hackers are now trying to cause real damage instead of just making websites go offline.
What Happened
In early 2025, a suspected pro-Russian hacker group attempted to breach the Öresundsverket thermal power plant in Malmö, operated by Uniper. The intrusion was thwarted due to the facility’s robust security measures, as confirmed by Carl-Oskar Bohlin, Sweden’s minister for civil defense, during a recent press conference. This incident is part of a broader pattern of cyber threats against critical infrastructure in Europe, particularly against nations supporting Ukraine.
Who's Affected
While the specific power plant targeted has not been publicly named, the incident underscores the risks faced by energy facilities across Europe. Sweden's security service has identified the suspected hackers as having connections to Russian intelligence, indicating a coordinated effort to undermine critical services.
What's at Risk
The attack targeted operational technology (OT) systems, which are essential for controlling physical infrastructure such as power plants and water facilities. Bohlin warned that successful disruptions could have severe societal consequences, echoing previous attacks on similar infrastructures in Poland and Ukraine. Notably, Poland's power grid was recently targeted by the Russian-linked group Sandworm, which employed data-wiping malware to potentially incapacitate power services for hundreds of thousands.
Patch Status
Currently, there are no specific patches or updates required for the incident itself, as the attack was unsuccessful. However, the ongoing threat emphasizes the need for robust cybersecurity measures across all critical infrastructure sectors.
Immediate Actions
Organizations operating critical infrastructure should review and strengthen their cybersecurity protocols, particularly focusing on OT systems. Regular training and awareness programs for staff can also help mitigate risks associated with such cyber threats.
Emerging Trends
Bohlin remarked that the tactics employed by pro-Russian hacker groups are evolving from denial-of-service attacks to more destructive cyber operations aimed at causing real-world disruptions. This shift indicates a more aggressive posture by these groups, reflecting a broader trend of hybrid attacks that extend beyond traditional cyberspace.
Conclusion
As cyber threats continue to escalate, particularly from Russian-linked groups, it is imperative for nations and organizations to bolster their defenses against potential intrusions targeting critical infrastructure. The Swedish incident serves as a stark reminder of the vulnerabilities that exist within essential services and the need for vigilance in cybersecurity practices.
The attempted attack on Sweden's thermal power plant underscores the growing sophistication and boldness of cyber threats against critical infrastructure, particularly from state-linked actors.


