Yazılar

Poland warns of surge in Russian cyberattacks on critical infrastructure

/in /tarafından

Poland is facing an unprecedented wave of cyberattacks, much of it traced to Russian military intelligence, according to the country’s digital affairs minister, Krzysztof Gawkowski. He told Reuters that Russia has tripled its cyber resources directed at Poland this year, targeting sectors vital to national security.

Of the 170,000 cyber incidents recorded in the first nine months of 2025, a “significant portion” was attributed to Russian state-linked actors, while the rest involved financially motivated cybercrime. Poland now faces 2,000–4,000 attacks daily, of which 700–1,000 pose real threats to key infrastructure, Gawkowski said.

The minister noted that Russian groups are expanding their focus beyond water and sewage systems to include energy networks, and warned that the activity is becoming more coordinated and sophisticated. “Russian activity is the most severe because it targets infrastructure essential to maintaining normal life,” he said.

A major escalation occurred on September 10, when a cyberattack coincided with a Russian drone strike, marking Poland’s largest coordinated digital assault since the start of the Ukraine war in 2022. False claims spread online that Ukraine had launched the drones, amplified by bot networks that had been dormant for years before suddenly reactivating.

Warsaw officials say Poland has become Russia’s top cyber target within NATO, due to its support for Kyiv and its strategic role in supplying Ukraine. The Russian embassy in Warsaw did not respond to requests for comment but has consistently denied involvement in cyber operations.

Unexplained Electronic Components Found in Denmark’s Energy Equipment Imports, Investigation Underway

/in /tarafından

Unidentified electronic components have been discovered in imported energy infrastructure equipment in Denmark, raising concerns over potential security vulnerabilities in the country’s critical power systems, according to industry group Green Power Denmark.

The components were found during a routine inspection of printed circuit boards intended for use in Denmark’s energy supply network. The discovery has prompted an internal investigation to assess the nature and intent behind the components’ inclusion.

“We don’t know how critical it is or whether there are bad intentions behind it,” said Jorgen Christensen, technical director at Green Power Denmark, in a statement to Reuters. “But these components should not be present in infrastructure equipment.”

Christensen did not disclose the origin of the equipment, the specific technology it was intended for (such as solar power systems), or which parties are conducting the investigation.

The Danish Ministry for Preparedness and Resilience declined to comment on the situation, and no responses were received from the Justice Ministry, Energy Ministry, or national intelligence services regarding whether a formal government-led inquiry had been initiated.

The incident comes at a time of heightened international attention on supply chain risks and cybersecurity threats to critical infrastructure, including power grids and renewable energy assets.

“This is highly concerning. It is important that an investigation is underway,” said Walburga Hemetsberger, CEO of SolarPower Europe, who emphasized the broader implications for the continent’s energy security.

Christensen noted that while the components could have been included for benign reasons — such as being part of a multi-purpose circuit board design — their unexplained presence in systems designated for energy infrastructure is unacceptable.

“It’s possible the supplier had no malicious intent. We can’t say at this point, but that doesn’t change the fact that these components shouldn’t be there,” he said.

The development follows a separate report by Reuters last week, which revealed that U.S. energy officials had found unauthorized communication devices in Chinese-made solar inverters and batteries, capable of bypassing cybersecurity firewalls and threatening grid stability.

The Danish case, first reported by local media outlet Berlingske, adds to growing scrutiny of imported technologies used in national infrastructure projects, particularly from unknown or sensitive origin sources.

Biden to Order Tougher Cybersecurity Standards Amid Growing China Hacking Threat

/in /tarafından

President Joe Biden is preparing to issue an executive order aimed at enhancing cybersecurity standards for federal agencies and contractors, as part of efforts to combat the escalating threat of cyberattacks linked to China and cybercriminal organizations. The new executive order, expected to be published in the coming days, seeks to address several high-profile cyberattacks attributed to China, targeting critical infrastructure, government agencies, major telecom firms, and most recently, the U.S. Treasury Department. While the U.S. government has attributed these hacks to China, Beijing has consistently denied involvement.

The proposed order emphasizes stricter standards for secure software development, including the need for vendors to provide detailed documentation that verifies adherence to these standards. The Cybersecurity and Infrastructure Security Agency (CISA) will be tasked with evaluating and validating this documentation through its software attestation program. Vendors whose software fails validation may face further legal action, as per the draft.

Tom Kellermann, Senior Vice President of Cyber Strategy at Contrast Security, expressed support for the effort to push for more secure software development but warned that the proposed attestation process might not go far enough. Kellermann pointed out that the timeline outlined in the order appears arbitrary given the urgency of the threat posed by China, Russia, and cybercriminal syndicates. “They’re already here,” Kellermann said, stressing the ongoing cyberattacks against U.S. critical infrastructure and government agencies, which have been fueled by foreign state actors.

The executive order also includes guidelines for the secure management of access tokens and cryptographic keys used by cloud providers. In 2023, Chinese-linked hackers exploited vulnerabilities in this area to access email accounts belonging to senior U.S. government officials, an issue that was highlighted by Microsoft.

Brandon Wales, Vice President of Cybersecurity Strategy at SentinelOne, acknowledged that the order builds on efforts from the past five years to strengthen cybersecurity capabilities, and emphasized that the Chinese threat is a major focus. However, he also noted that the U.S. faces a broad range of cybersecurity challenges that require ongoing attention.

The White House has declined to comment on the forthcoming order, and CISA did not respond to requests for comment.