Sweden said Wednesday that a pro-Russian group with links to Russia’s security and intelligence services was behind a cyberattack on a heating plant in western Sweden — the government’s first public disclosure of the incident. The attack failed, Sweden’s minister for civil defense, Carl-Oskar Bohlin, said, offering no further details about its timing.
The disclosure adds Sweden to a list of European nations reporting infrastructure attacks attributed to Russian-linked actors. The Associated Press has tracked more than 150 incidents of sabotage and malign activity across Europe linked to Russia by Western officials since Moscow’s full-scale invasion of Ukraine in February 2022. Officials say the attacks aim to undermine support for Ukraine, spread fear and discord in European societies, and drain investigative resources.
Bohlin compared the Swedish attack to coordinated cyberattacks in Poland in December that hit combined heat and power plants supplying heat to almost 500,000 customers, as well as wind and solar farms. Poland later said evidence indicated the hackers were “directly linked to the Russian services.”
Bohlin said the attacks in both countries targeted systems controlling critical infrastructure with potentially serious consequences for society. The attacks show “Russia is engaging in risky and careless behavior,” he said.
Other European neighbors have reported similar incidents in recent months. Danish officials said in December that Russia-attributed cyberattacks on a water utility in 2024 left some houses without water. Norwegian police said in August that pro-Russian hackers remotely opened a valve in a dam, allowing water to pour out. Latvia’s State Security Service said in March that a train and railway infrastructure were set on fire by people acting in Russia’s interests.
The Kremlin has previously denied carrying out any kind of sabotage campaign across Europe.