**NCBJ**, Poland's primary nuclear research institute, announced this week that its security systems and internal procedures effectively identified and neutralized a cyberattack. The quick response of the IT staff ensured the integrity of the systems was maintained. ### Rapid Response Prevents Compromise "Thanks to the rapid and effective actions of security systems and procedures in the event of such an incident, as well as the quick response of our teams, the attack was thwarted, and the integrity of the systems was not compromised," the **NCBJ** stated in a press release. **NCBJ** plays a crucial role in Poland, specializing in nuclear physics, reactor technology, particle physics, and radiation applications. It provides critical technical and scientific support for the country's nuclear power program. The institute also operates the MARIA reactor, Poland's sole nuclear reactor, which is dedicated to scientific experiments, neutron research, and the production of medical isotopes. Importantly, the MARIA reactor is not used for electricity generation. ### Reactor Operations Unaffected Professor Jakub Kupecki, Director of **NCBJ**, confirmed that the cybersecurity incident did not impact the operation of the MARIA reactor. The reactor continues to function safely at full power. The institute has notified relevant national authorities and initiated a thorough investigation. Internal security teams are on high alert to address any potential new threats. ### Potential Iranian Involvement While the **NCBJ** has not attributed the attack to any specific group or nation, **Reuters** has reported that Polish authorities are investigating indicators suggesting possible Iranian involvement. However, investigators are proceeding cautiously, acknowledging the possibility of false flags. This incident comes after Poland's Defense Minister, Wladyslaw Kosiniak-Kamysz, stated earlier this month that Poland is not participating in the conflict in the Middle East. ### Recent Cyber Activity Targeting Poland Earlier this year, in January, Poland's power grid, specifically distributed energy resource (DER) sites, heat and power (CHP) facilities, wind, and solar dispatch systems, were targeted by the Russian threat group **APT44** (also known as "Sandworm"). In late February, an **ICCT** report highlighted Poland as a frequent target of Russian cyber actors, citing 31 confirmed incidents attributed to them between mid-2025 and early-2026.  ## Red Report 2026: Why Ransomware Encryption Dropped 38% Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight. Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.