Sweden Thwarts Russian Intelligence-Linked Cyberattack on Power Plant

Sweden successfully thwarted a pro-Russian cyberattack aimed at a thermal power plant in mid-2025, with the group behind the attempt linked to Russian intelligence. Civil Defence Minister Carl-Oskar Bohlin stated that security systems in place effectively neutralized the threat, preventing serious consequences.

The targeted facility, located in western Sweden, was intended to have its heating supply disrupted. Bohlin emphasized that this incident illustrates an adversary willing to cause physical disruptions and sabotage critical infrastructure.

Bohlin noted an increase in cyber threats against Swedish interests since Russia's 2022 invasion of Ukraine. He described Russia's current behavior as more reckless, potentially leading to severe societal impacts.

Attacks are evolving beyond simple denial-of-service (DDoS) to targeting operational technology (OT) that controls physical infrastructure. Professor Pontus Johnson of KTH Royal Institute of Technology explained that compromising OT systems requires greater sophistication and is more dangerous than attacking websites, as it can affect the physical world, including power grids and railways. The rise of AI is also facilitating such attacks.

Sweden is publicizing these threats to signal to adversaries that their actions are detected and to raise public awareness, enhance cybersecurity, and foster collective resilience.