English Section
Polskie Radio English Section Business

Poland saw 30% rise in cyberattacks in 2025, officials say

12.01.2026 14:30
Poland recorded a 30-percent increase in cyberattacks in 2025 compared with the previous year, with more than 1,300 suspects charged and tens of millions in assets seized, officials said on Monday.
Photo:
Photo:Marcin Dlawichowski/Polish Radio

The Central Cybercrime Bureau (CBZC) said it brought criminal charges against 1,374 suspects last year and arrested 1,177 people.

Courts ordered temporary detention for 417 of those arrested, the police agency said.

Its spokesman Marcin Zagórski told a news conference that investigators secured more than PLN 80 million (EUR 19 million) in assets from suspects and recovered an additional PLN 25 million (EUR 5.9 million).

'Sharp rise in ransomware attacks, data leaks'

"Last year saw a sharp rise in ransomware attacks, data leaks and attacks on critical infrastructure," Zagórski said.

He warned that the trend is likely to continue in 2026, driven by rapid technological development and the growing use of artificial intelligence.

'AI tools increasingly used by criminals'

"AI tools are increasingly being used by criminals, creating content that is ever more difficult to recognise," he said.

The figures mark a sharp increase from 2024, when authorities charged 1,073 suspects, arrested 848 people and placed 312 in temporary detention, according to CBZC data.

Among the most high-profile cases in 2025 was the arrest of seven men suspected of triggering false bomb and security alarms at more than 1,500 sites, including public institutions and hospitals, forcing the evacuation of nearly 12,000 people.

In a separate case, CBZC officers in the southwestern city of Opole arrested a 50-year-old man suspected of making false alarms and attempting extortion.

Investigators say he demanded millions of zlotys in bitcoin from companies employing hundreds of people and disrupted operations at an airport and a large leisure park by threatening to detonate explosives.

He faces up to 15 years in prison.

Attacks 'ordered from China, Russia and North Korea'

As part of an international operation known as PowerOFF, CBZC detained seven people in connection with distributed denial-of-service (DDoS) attacks, including six domain administrators.

Investigators said those administrators testified that the attacks were "largely ordered from China, Russia and North Korea."

Polish cybercrime officers also dismantled an investment scam that authorities say defrauded more than 1,500 victims of about PLN 75 million (EUR 17.8 million).

In addition, CBZC carried out two operations, code-named Fever and Game Over, targeting sexual offences involving minors.

Those raids led to the arrest of 266 people, including 198 in Poland, with courts ordering temporary detention in 85 cases.

Polish authorities also joined their German counterparts in an international operation dubbed Kidflix to shut down one of the world’s largest child sexual abuse streaming platforms.

Investigators said the site had about 2 million registered users and hosted roughly 72,000 videos.

Alongside enforcement efforts, CBZC officers held more than 2,000 educational meetings last year with about 470,000 people, mainly teenagers and seniors, to raise awareness of cybercrime threats and fraud prevention, Polish state news agency PAP reported.

(pm/gs)

Source: PAP