GBAF Logo
Finance

Swedish power plant targeted by pro-Russian group in 2025, government says

Published by Global Banking & Finance Review

Posted on April 15, 2026

2 min read

· Last updated: April 16, 2026

Add as preferred source on Google
Italian consortium acquiring Esso fuel stations in strategic financial deal - Global Banking & Finance Review
The image depicts the acquisition of Esso's 1,200 fuel stations by an Italian consortium, highlighting the strategic impact on Italy's fuel distribution network.
Finance cybersecurity Sweden Energy
Global Banking & Finance Awards 2026 — Call for Entries

STOCKHOLM, April 15 (Reuters) - A pro-Russian cyber group tried to disrupt operations at a Swedish thermal power plant last year, the Swedish government said on Wednesday, adding that Russian hybrid

Swedish power plant targeted by pro-Russian group in 2025, government says

Details of the Cyberattack and Government Response

Incident Overview

STOCKHOLM, April 15 (Reuters) - A pro-Russian cyber group tried to disrupt operations at a Swedish thermal power plant last year, the Swedish government said on Wednesday, adding that Russian hybrid attacks had become more frequent and serious.

Carl-Oskar Bohlin, minister for civil defence, said the group had targeted a power plant in western Sweden during the spring of 2025, but that the attack had been unsuccessful. Bohlin did not name the plant.       

Investigation and Attribution

"The Security Police handled the case and were able to identify the actor behind it, who had connections to Russian intelligence and security services," Bohlin told a news conference.

"Fortunately, no serious consequences occurred due to a built-in protection mechanism," the minister said.

Russian Embassy Response

The Russian embassy in Stockholm rejected the accusations as unfounded.

"The allegations of the alleged involvement of certain Russian hackers in such illegal activity remain at the level of the 'highly likely' principle favoured by Western countries, that is, unfounded suspicions," Russian ambassador to Stockholm Sergey Belyaev was quoted by Russian state news agency RIA Novosti as saying.

Security Police and Comparative Incidents

A Swedish Security Police spokesperson said the agency no longer had an open investigation into the matter.

Bohlin compared the incident with similar attacks in Poland on energy infrastructure, which Polish officials have blamed on Russian spy agencies.

Increasing Threats and Broader Context

He said Russian hybrid attacks had become more frequent since Russia's invasion of Ukraine and recently also more dangerous. 

"We have seen for some time now that pro-Russian individuals and groups that have previously carried out denial-of-service attacks are attempting to carry out destructive cyberattacks against businesses in Europe, also against Swedish targets," he said.

Reporting Credits

(Reporting by Johan Ahlander, additional reporting by Dmitry Antonov in Moscow; editing by Terje Solsvik and Toby Chopra)

Key Takeaways

  • The attempted cyberattack targeted a Swedish thermal power plant in western Sweden during spring 2025 but was unsuccessful due to built‑in protections, according to Civil Defence Minister Carl‑Oskar Bohlin (news.cgtn.com).
  • Swedish Security Police identified the actor behind the attack as having ties to Russian intelligence and security services; no serious consequences occurred (news.cgtn.com).
  • The incident forms part of a broader pattern of increasingly frequent and dangerous Russian hybrid attacks on European energy infrastructure, with similar destructive cyber operations in Poland attributed to Russian-linked groups such as Sandworm and Dragonfly (apnews.com).

References

Frequently Asked Questions

What happened at the Swedish power plant in 2025?
A pro-Russian cyber group tried to disrupt operations at a Swedish thermal power plant, but the attack was unsuccessful due to security measures.
Who was behind the attempted cyberattack?
The Swedish Security Police identified a pro-Russian group with links to Russian intelligence and security services.
Did the cyberattack cause any damage?
No serious consequences occurred as the plant had built-in protection mechanisms that prevented disruption.
How has the frequency of Russian hybrid attacks changed?
Russian hybrid attacks have become more frequent and dangerous since Russia's invasion of Ukraine.
Has similar infrastructure in other countries been targeted?
Yes, comparable attacks have occurred in Poland, targeting energy infrastructure and blamed on Russian agencies.

Tags

Related Articles

Image for Australia's Wong to visit Japan, China, South Korea to discuss energy security

Australia's Wong to visit Japan, China, South Korea to discuss energy security

Image for Hungary's Magyar to meet EU's von der ​Leyen for talks on EU funds this week

Hungary's Magyar to meet EU's von der ​Leyen for talks on EU funds this week

Image for Switzerland angers Italy by claiming costs of treating Crans-Montana fire victims

Switzerland angers Italy by claiming costs of treating Crans-Montana fire victims

Image for Russian defence minister visits North Korea

Russian defence minister visits North Korea

Image for Fertiliser plant in Russia's Vologda region damaged in Ukrainian drone attack, governor says

Fertiliser plant in Russia's Vologda region damaged in Ukrainian drone attack, governor says

Image for Close Brothers will not take legal action against Britain's car finance redress scheme, Sky News reports

Close Brothers will not take legal action against Britain's car finance redress scheme, Sky News reports

More from Finance

Explore more articles in the Finance category

Image for Germany's far-right AfD rises to record 28%, INSA poll shows
Germany's far-right AfD rises to record 28%, INSA poll shows
Image for German government suspects Russia of Signal attack targeting politicians, sources say
German government suspects Russia of Signal attack targeting politicians, sources say
Image for Romania finds parts of second drone after overnight Russian attack on Ukraine
Romania finds parts of second drone after overnight Russian attack on Ukraine
Image for China condemns EU's inclusion of Chinese entities in sanctions package against Russia
China condemns EU's inclusion of Chinese entities in sanctions package against Russia
Image for Russian parliament speaker in North Korea to mark Pyongyang's troop deployment in Ukraine war
Russian parliament speaker in North Korea to mark Pyongyang's troop deployment in Ukraine war
Image for Macron reaffirms efforts to reopen Strait of Hormuz, as TotalEnergies warns of energy shortages
Macron reaffirms efforts to reopen Strait of Hormuz, as TotalEnergies warns of energy shortages
Image for France's Macron says EU mutual assistance clause is unambiguous
France's Macron says EU mutual assistance clause is unambiguous
Image for US to let Venezuela pay Maduro's lawyer in drug trafficking case
US to let Venezuela pay Maduro's lawyer in drug trafficking case
Image for Italy votes down equal parental leave while fathers redefine their role online
Italy votes down equal parental leave while fathers redefine their role online
Image for German auto industry faces even tougher competition as China economy slows
German auto industry faces even tougher competition as China economy slows
Image for Romania says drone fragments damage property during overnight Russian attack on Ukraine
Romania says drone fragments damage property during overnight Russian attack on Ukraine
Image for Engine maker Horse plans India move to supply growing small car market, CEO says
Engine maker Horse plans India move to supply growing small car market, CEO says
View All Finance Posts