Alleged Russian-Linked Hackers Targeted Swedish Thermal Power Plant In Foiled 2025 Attack

The Swedish government has confirmed that hackers tied to the Russian administration attempted to disrupt operations at one of the Nordic nation’s thermal power facilities last year. Swedish officials noted that while the cyber operation ultimately failed, hybrid threats that extend beyond digital space into the physical world are growing increasingly dangerous for critical national infrastructure.

Speaking at a Wednesday press briefing, Sweden’s Civil Defense Minister Carl-Oskar Bohlin confirmed the attempted breach took place in early 2025, and directly tied the incident to actors “with links to Russian intelligence and security agencies.”

“Pro-Russian groups that once only carried out basic denial-of-service disruptions are now launching destructive cyberattacks against organizations across Europe,” Bohlin stated, per reporting from Bloomberg.

Though Bohlin declined to publicly name the specific plant targeted, he explained the attack was blocked “thanks to a built-in defensive protection mechanism.” The minister added that the foiled attempt highlights a shift toward “riskier and more reckless conduct” from these state-aligned hacking groups.

A spokesperson for the Russian government did not respond to TechCrunch’s request for comment on the allegations.

This incident is the latest known example of Russian-linked hackers targeting critical global infrastructure in recent years, as state-affiliated Russian actors increasingly focus on energy and water systems with the goal of causing real-world disruption to essential public services.

Before the attempted attack in Sweden, Russia was accused of targeting sections of Poland’s power grid in December 2025. Earlier that same year, Russian hackers briefly seized control of a dam in Norway, manipulating its controls to open floodgates that released millions of gallons of water before security teams could remove the actors from the facility’s computer network.

In early January 2024, a cyberattack on a municipal energy company in Lviv, a major city in western Ukraine, left hundreds of apartments without heat for two days amid freezing winter temperatures. Cybersecurity researchers noted that some evidence points to Russia-based actors carrying out the strike, though formal attribution has never been confirmed.

Decades before these recent high-profile incidents, Russian state actors were blamed for a series of cyberattacks on Ukraine’s power grid in 2015 that caused widespread, mass disruption to electric service across the country.