The Swedish government said Russian government-linked hackers attempted to disrupt the operations at one of the country’s thermal power plants last year. Sweden said that, while the hackers were unsuccessful, hybrid attacks that extend beyond cyberspace are becoming more dangerous.

Sweden’s minister of civil defense, Carl-Oskar Bohlin, said during a press conference on Wednesday that the attempted attack happened in early 2025 and attributed the incident to hackers with “connections to Russian intelligence and security services.”

“Pro-Russian groups that once carried out denial-of-service attacks are now attempting destructive cyber attacks against organizations in Europe,” said Bohlin, as quoted by Bloomberg.

Bohlin did not name the plant, but said the attack was blocked “due to a built-in protection mechanism.” The minister said the cyberattack points to “riskier and more reckless behavior” on the part of the hackers.

A spokesperson for the Russian government did not respond to TechCrunch’s request for comment.

This is the latest known attack on critical infrastructure linked to Russian hackers in recent years, as government hackers increasingly target energy and water systems with the aim of causing real-world disruption to public services.

Before the attack on Sweden, Russia was accused of attempting to bring down parts of Poland’s power grid in December 2025. Earlier in the year, Russian hackers briefly hijacked a dam in Norway and opened floodgates that spilled millions of gallons of water before the hackers were expelled from its computer systems.

A cyberattack on a municipal energy company in the western Ukrainian city of Lviv in early January 2024 resulted in hundreds of apartments losing heat for two days amid freezing temperatures. Researchers said some evidence pointed to the hackers operating from Russia, but that the attribution could not be confirmed.

Prior to the most recent hacks, Russia was blamed for cyberattacks that caused widespread disruption to Ukraine’s power grid in 2015.

Topics

critical infrastructure, cyberattack, cybersecurity, russia, Security, Sweden

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security.

He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@techcrunch.com.

View Bio

April 30

San Francisco, CA

StrictlyVC kicks off the year in SF. Get in the room for unfiltered fireside chats with industry leaders, insider VC insights, and high-value connections that actually move the needle. Tickets are limited.

Sweden blames Russian hackers for attempting 'destructive' cyberattack on thermal plant