Russia-linked hackers are increasing cyberattacks targeted at Europe’s critical infrastructure, Sweden’s defense ministry said Wednesday.
“Over the past year, Russia’s methods have shifted,” Civil Defense Minister Carl-Oskar Bohlin said at a press conference in Stockholm. “Pro-Russian groups that once carried out denial-of-service attacks are now attempting destructive cyberattacks against organizations in Europe,” he added.
Bohlin warned of more aggressive tactics and said Swedish targets are increasingly in the crosshairs. He pointed to a foiled attempt on energy infrastructure last year as a sign of Russia’s increasingly aggressive playbook.
The minister said a group with links to Russian intelligence targeted a heating plant in western Sweden in spring 2025. The facility’s security systems stopped the attack, he added, declining to name the plant in question or give further details.
Norway and Denmark have faced similar challenges, Bohlin said. “Taken together, this points to a change toward riskier and more reckless behavior which could potentially lead to damaging effects for society.”
A group tied to Russian intelligence was blamed for a large-scale attempted attack on Poland’s power grid in December 2025 — one of the most significant strikes on the country’s energy infrastructure in years.
Western agencies this month also exposed a sweeping campaign by the GRU-linked hacking group Fancy Bear, which infiltrated poorly secured Wi-Fi routers to siphon off passwords, emails and sensitive data from governments and militaries across Europe and North America.