A coordinated cyberattack in late December targeted Poland’s distributed energy generation systems, compromising control and communications at about 30 facilities but stopping short of disrupting the national transmission backbone or causing widespread outages. Cybersecurity firm Dragos attributed the intrusion to the Russian-linked group Sandworm and reported the use of the data-wiping malware DynoWiper, which disabled equipment and prevented remote monitoring.
Key points
- About 30 distributed energy facilities in Poland had their control and communications systems compromised.
- Poland’s transmission backbone was not affected and there were no large-scale power outages.
- Attackers gained access to operational technology and disabled key equipment beyond repair, hindering remote control and monitoring.
- Dragos attributed the attack to Sandworm and linked it to the DynoWiper data-wiping malware with moderate confidence.
- Distributed energy systems’ heavy remote connectivity and lower cybersecurity investment make them attractive targets for sophisticated adversaries.
Read More: https://therecord.media/poland-electrical-grid-cyberattack-30-facilities-affected