Sweden says pro-Russian group attempted cyberattackpro-Russian group attempted cyberattack on thermal power plant
A pro-Russian cyber group linked to Russian intelligence targeted a Swedish thermal power plant in spring 2025 in an attempt to disrupt operations, Swedish Civil Defence Minister Carl-Oskar Bohlin announced on Wednesday. The attack failed due to built-in security protections and caused no serious damage, though authorities identified the group responsible.
Sweden's disclosure reflects a broader pattern of escalating Russian cyber operations against European critical infrastructure since the 2022 invasion of Ukraine. Officials warn that attackers have shifted from simple denial-of-service attacks to more destructive methods targeting operational technology that controls physical infrastructure, comparing the incident to similar attacks on Polish energy systems and describing the behavior as increasingly reckless.
Swedish Government
Swedish authorities characterize the attack as part of a deliberate escalation by Russia, with Minister Bohlin stating that pro-Russian groups are moving beyond basic disruption tactics to conduct destructive cyberattacks designed to cause physical harm. Sweden views this as evidence of changed Russian behavior since the Ukraine invasion and emphasizes that its support for Ukraine remains unwavering despite the cyber threats.
Russian Position
Russia has not commented on the specific incident. Moscow regularly denies responsibility for malicious cyber activity in Europe, and the Russian embassy in Stockholm did not respond to requests for comment on the Swedish government's allegations.
- Säpo, Sweden's security service, evolved from a 1930s police unit focused on counter-espionage.
- Western Sweden's thermal plants provide district heating to over 1 million households annually.
- SVR and FSB trace roots to the KGB, dissolved after the Soviet Union's 1991 collapse.
