Russia launched a massive cyberattack to leave the country without electricity or heat on New Year’s Eve

At a press conference in Warsaw, after meeting with the energy security services, Tusk revealed that the attack, which caused power outages in several Polish cities for several hours last New Year’s Eve, “came close to leaving 500,000 people without heat in the middle of winter.”

The attack, detected on December 31“targeted substations, transmission lines and renewable energy operators, potentially affecting wind farms and two cogeneration plants“said Tusk, who added that despite everything “the critical system as a whole was not at risk.”

“State systems worked correctly to locate the threat,” he stressed.

This confirmation comes after last Tuesday, the Minister of Digital Affairs, Krzysztof Gawkowski, formally accuse Russia of orchestrating this sabotage to destabilize the country due to the “strategic support to Ukraine” that Poland provides to that country.

Given this scenario of vulnerability, the prime minister emphasized the need to implement the new Law of the National Cybersecurity System, a project that seeks to transpose the European NIS-2 directive to raise protection standards in critical sectors such as energy, transportation and health of the States that adopt it, with the obligation to adopt risk management, authentication and encryption measures.

According to the Polish Prime Minister, this rule would give institutions “powerful tools” to control foreign interference and protect the Polish market.

“I make a fervent appeal to the president (Karol Nawrock) not to delay the signing of this law once its parliamentary process is completed. There should be no political disputes in this regard,” declared Tusk.

The Polish Government plans to send this project to the Senate in the coming days to respond to the growing incidents related to cyber attacks, which in the first nine months of 2025 alone exceeded 170,000 cases.