Russian government hackers are behind a failed December cyberattack targeting Poland's energy infrastructure, according to a security research firm that investigated the incident. The attempted disruption, which Polish Energy Minister Milosz Motyka described as the "strongest attack" in years, involved sophisticated efforts to compromise two heat and power plants and sever communication links for renewable energy installations, such as wind turbines and power distribution operators.
Minister Motyka highlighted the severity of the December 29-30 incident, with the Polish government swiftly blaming Moscow for the attempt. Local media reported that the sophisticated cyberattack could have deprived over half a million homes nationwide of heat and power.
Cybersecurity firm ESET confirmed on Friday that it had obtained a copy of the destructive malware used in the attack, which it named DynoWiper. This specialized "wiper" malware is engineered to irreversibly corrupt data on targeted computer systems, rendering them inoperable.
ESET attributed the DynoWiper malware with "medium confidence" to the hacking group known as Sandworm, a notorious unit believed to be part of Russia's GRU military intelligence agency. This attribution stems from a "strong overlap" with Sandworm's previous malware campaigns, particularly their history of deploying destructive wipers against Ukraine's energy sector. Independent journalist Kim Zetter first reported the news.
The timing of the Polish cyberattack is notable, occurring almost exactly a decade after Sandworm's first documented attack on Ukraine's energy infrastructure in 2015. That incident caused widespread power outages for more than 230,000 homes in and around Kyiv, the country's capital. A similar cyberattack further targeted Ukraine's energy systems just a year later, demonstrating a consistent pattern of aggression.
Despite the severity of the attempt, Polish Prime Minister Donald Tusk affirmed that the country's cybersecurity defenses proved effective. He stated that "at no point was critical infrastructure threatened," underscoring the resilience of Poland's systems against state-sponsored cyber aggression.








