Russia is actively interfering in Hungary’s domestic politics to keep Viktor Orbán in power. According to experts, the Kremlin seeks to strengthen its influence in the country ahead of the April 2026 elections by weakening the opposition and creating a model in Hungary similar to the Russian regime, with restricted freedom of speech, political rights, and civil liberties. Moscow involves Orbán and his inner circle in corrupt schemes, increasing their dependence on Russia and expanding Budapest’s ability to conduct subversive activities within the EU and NATO, according to the Robert Lansing Institute.
Peter Magyar, leader of Hungary’s opposition party Tisza, told The Financial Times that his party’s servers had been subjected to a cyberattack suspected to involve Russian hackers. According to him, Russia’s foreign intelligence service had previously accused the EU, Ukraine, and the Tisza movement of attempting to overthrow Orbán. Magyar called these claims “blatant disinformation” and stated that “Putin has started interfering in the election campaign.” In early November, personal data of 200,000 Tisza supporters, including phone numbers, email addresses, and physical addresses, was leaked online and displayed on an interactive map, enabling voter intimidation and the use of bot networks against the opposition.
Recent Závecz Research polls show that the Tisza party has the support of 48 percent of Hungarians, while Orbán’s Fidesz party received 37 percent. Magyar emphasized that Orbán is Putin’s closest ally in the EU, and the Kremlin is keen to ensure he remains in power. The Russian cyberattack targets the only Hungarian political force capable of challenging Orbán and fits a long-standing SVR practice of interfering in EU electoral processes.
For Moscow, the Tisza party represents a strategic threat: it could disrupt Orbán’s partnership with the Kremlin, shift Hungary’s foreign policy toward the EU, the U.S., and Ukraine, and weaken Hungary’s energy and financial dependence on Russia. Consequently, in 2024–2025, the party became a target of cyberattacks aimed at collecting internal documents, donor maps, identifying vulnerabilities, and generating kompromat for pre-election leaks.
Russian intelligence services, primarily the SVR, use characteristic methods such as phishing, credential harvesting, covert infiltration of communication platforms, and donor databases. The goal is to manipulate public trust in the party, portraying it as incompetent, corrupt, and controlled by the West. Simultaneously, the Kremlin pressures Orbán to tighten control over the opposition and reinforce the Hungarian government’s pro-Russian stance.
The cyberattack on Tisza is seen in Washington as part of a broader Moscow campaign against democratic processes in the West. Orbán is now viewed as a Kremlin agent within NATO, increasing pressure on the U.S. and Brussels regarding Hungary. Russian interference threatens the unity of NATO’s eastern flank and undermines the credibility of democratic institutions.
RLI notes that the attack on the Tisza party is not an isolated event but signals the start of a large-scale campaign aimed at maintaining a pro-Russian government in Hungary and preventing the country from shifting toward the EU and supporting Ukraine. Russia’s strategy combines cyber operations, kompromat collection, and pre-election messaging to ensure Orbán’s continued rule and Moscow’s control over the Hungarian political landscape.
