The UK and European Union this week imposed sanctions on a unit of Russia’s Federal Security Service (FSB) after a cyberattack against the Polish electric grid came dangerously close to causing widespread outages. The attack, attributed to Center 16 of the FSB, was a rare example of the Kremlin agency directly targeting critical infrastructure, threatening not only electricity but also water utilities.
A joint advisory from the US Cybersecurity and Infrastructure Security Agency, the FBI, and the NSA confirmed the attribution, underscoring the growing shift by Russian state-backed hackers from espionage to disruptive operations. The near-miss in Poland has heightened concerns across Europe about the vulnerability of energy networks to cyber sabotage.
“UK and EU sanction FSB unit after cyberattack nearly caused Polish power and water outages.”
The sanctions mark a coordinated response from Western allies, with the UK and EU acting in lockstep. While specific individuals or entities targeted by the measures were not named in the advisory, the action signals a tougher stance against cyber aggression targeting civilian infrastructure.
Separately, the security landscape this week also saw warnings over data privacy. Researchers highlighted that period-tracking apps are likely collecting and sharing user data, raising alarms about reproductive health surveillance. In the US, the Department of Homeland Security acknowledged it had been hacked multiple times without detecting the intrusions, while a breach exposed how an AI music generator scraped data without permission.
On artificial intelligence regulation, Anthropic’s head of US state and local government relations, Cesar Fernandez, told WIRED that transparency-focused safety bills passed in California and New York last year were “a really important start,” but added that as AI capabilities advance quickly, “the policy responses need to match.”
The convergence of infrastructure hacking, data exploitation, and rapid AI development is forcing governments to accelerate their defensive and legislative efforts. With Russian cyberspies now turning to operational attacks that can shut down power and water, the question is not whether another grid will be targeted, but when.