The specter of foreign interference looms large over Poland’s upcoming presidential election. In an era where cyberattacks and disinformation campaigns have become instruments of statecraft, the question is no longer whether Russia will attempt to meddle, but rather how—and to what extent—it will succeed. Will Warsaw face a rerun of the Romanian scenario, where Russian actors disrupted elections? And more importantly, is Poland prepared to withstand the onslaught?
Recent events offer little reassurance. In early 2025, conflicting signals emerged from the Polish government regarding its readiness to combat digital subterfuge. On the one hand, Deputy Prime Minister Krzysztof Gawkowski assured the public that the nation was “prepared for any scenario”. On the other, a report from the government commission on Russian and Belarusian influence painted a starkly different picture, warning of the urgent need to bolster cybersecurity personnel and analytical capabilities. The report stressed that Poland, one of the most frequently targeted nations in cyberspace according to Microsoft, still lacks a coherent state strategy to counteract disinformation.
Foreign Minister Radosław Sikorski was more explicit. Speaking in Paris, he warned that Poland must “prepare to protect our democratic process so that it is Poles who elect our president, not foreigners”. His statement underscored a broader anxiety: Poland remains acutely vulnerable to the hybrid warfare tactics that have reshaped elections across Europe.
The Cyber Threat at Poland’s Doorstep
Poland’s officials have made it clear that Moscow has a vested interest in the presidential election. The Minister of Digitalization has pointed to “organized actions” and “operational plans” orchestrated by Russian intelligence services aimed at destabilizing the electoral process. This is no abstraction: since the Russian invasion of Ukraine, cyberattacks on Polish systems have increased more than fivefold. Recruitment efforts on the dark web are in full swing, with offers reportedly reaching up to 4,000 euros for inside operatives. The stakes are clear—disrupting Poland’s democratic processes is a lucrative endeavor for those willing to collaborate with foreign intelligence.
The government has launched a protective initiative dubbed “Election Umbrella”, designed to safeguard networks and counteract disinformation. The plan includes domain security audits, leaked password reports, and social media monitoring to identify foreign influence. Yet concerns remain about the campaign’s reach. A critical element involves mapping illicit campaign financing from abroad and detecting narratives engineered outside Poland’s borders. These efforts, coordinated by state security agencies and Poland’s cybersecurity police force, are aimed at preventing Russia’s signature playbook: sowing discord, inflaming nationalist tensions, and undermining trust in institutions.
Disinformation as a Political Weapon
Nowhere is this strategy more evident than in the surge of anti-Ukrainian propaganda. A recent study by the fact-checking group Demagog found that in 2024 alone, nearly 327,000 anti-Ukrainian posts and comments appeared in Polish-language digital spaces, many amplified by bot networks. False narratives—ranging from accusations that Ukrainian refugees are exploiting Polish welfare to baseless claims about infectious diseases—have taken root. The goal is clear: inflame divisions, erode solidarity with Ukraine, and tilt the electorate toward far-right candidates who adopt a skeptical stance toward NATO and the European Union.
Among the most prevalent disinformation tropes is the notion that Ukrainian mothers in Poland refuse to work while exploiting social benefits, as well as unverified claims that Ukrainians are responsible for spreading polio and other diseases. Russian propaganda also revisits historical wounds, such as the 1943 Volhynia massacre, in which Ukrainian militias killed Polish civilians, using the tragedy to stoke modern-day resentment. Fabricated reports, like the supposed renaming of a Warsaw street after Stepan Bandera, a Ukrainian nationalist leader accused of war crimes, further inflame tensions.
The Kremlin’s Digital Trojan Horses
Beyond social media, Russian hybrid warfare extends to more tangible acts of sabotage. Early March, Poland’s Space Agency fell victim to a cyberattack—likely aimed at intercepting strategic data related to security and communications. Investigations have also linked last year’s arson attack on the Marywilska market hall in Warsaw to Russian operatives, who reportedly recruited Ukrainian nationals to carry it out, a calculated move designed to stoke ethnic tensions. These operations follow a familiar pattern observed across Europe: coordinated, multidimensional offensives meant to foster instability and paranoia.
Cybersecurity analysts believe these attacks are just the tip of the iceberg. With Poland being one of the most frequently targeted countries in cyberspace, the scale of Russia’s hybrid war is expanding. The March breach of the Polish Space Agency’s ICT infrastructure, for example, could have been aimed at disrupting satellite communications or accessing defense-related data. Experts warn that such incursions may escalate, targeting Poland’s energy grid, financial sector, or transportation networks.
The Price of Silence
While Poland’s government has taken initial steps to counteract foreign interference, some experts argue that its intelligence services remain too secretive. Unlike their counterparts in the U.S., France, or the Czech Republic, Polish agencies have been reluctant to share threat assessments with the public. This silence could prove costly. The most effective defense against disinformation, experts argue, is not secrecy but prebunking—the practice of preemptively warning the public about likely false narratives before they gain traction. Without a proactive communication strategy, Poland risks being caught off guard.
Slovakia, Romania, and Moldova have already learned this lesson the hard way. Their intelligence services have begun releasing reports on identified threats, warning against potential fake narratives before they spread. In contrast, Poland’s response remains largely classified. This approach, cybersecurity analysts argue, is a strategic misstep. The more information is withheld from the public, the easier it becomes for Russian disinformation to take hold.
The Looming Test: the Spring Elections
The challenge is not theoretical. In the days leading up to the election, a well-timed fabricated scandal—a forged video, a manipulated audio clip—could flood Polish media, gaining traction before authorities can respond. Disinformation specialists know when to strike: long weekends and national holidays, when government offices are closed and fact-checking is sluggish. With Poland’s presidential election coinciding with a major national holiday in May, the stage is set for a potential crisis.
What would happen if, in the final days of the election campaign, a video purporting to show a candidate accepting a bribe surfaced online? Or if a hacked news website published a fabricated article suggesting foreign backing for a particular contender? The speed at which such falsehoods spread could be enough to sway public perception before authorities can refute them. And if Poland’s response remains reactive rather than preventative, the disinformation campaign may succeed before the truth catches up.
In the end, the question is not merely whether Poland’s election will be targeted, but whether the country will be ready when it is. If not, the unsettling possibility remains: it may not be Poles who decide their next president, but rather a Kremlin narrative, skillfully deployed in the digital shadows.
