A failed December effort to bring down parts of Poland’s energy grid was the work of Russian government hackers known for causing past energy disruptions, according to a security research firm that investigated the incident. Last week, Polish Energy Minister Milosz Motyka told reporters that the attempted cyberattack on December 29 and 30 involved hackers targeting two heat and power plants. They also tried to disrupt communication links between renewable installations, such as wind turbines and power distribution operators. Motyka described the incident as the “strongest attack” on Poland’s energy infrastructure in years. The Polish government attributed the attack to Moscow. Local media reported that the attacks had the potential to knock out heat and power for at least half a million homes across the country.

Lloji i sulmit dhe identiteti i autorëve

On Friday, cybersecurity firm ESET announced that it had obtained a copy of the destructive malware used in the attack, which it refers to as DynoWiper. This form of “wiper” malware is specifically designed to permanently destroy data on computers, rendering them inoperable. ESET attributed the malware with “medium confidence” to the hacking group called Sandworm—a unit within Russia’s military intelligence agency, GRU—based on a significant overlap with previous research into Sandworm’s past malware. The group’s earlier campaigns included the use of destructive malware aimed at Ukraine’s energy sector. Independent journalist Kim Zetter was the first to report on this development. According to Zetter, the cyberattacks on Poland’s power grid took place almost exactly a decade after Sandworm’s first known cyberattack against Ukraine’s energy infrastructure in 2015. That earlier attack led to power outages for more than 230,000 homes in Kyiv, Ukraine’s capital, while a similar attack struck Ukraine’s energy systems in the following year.

Reagimi i autoriteteve dhe rëndësia e sigurisë kibernetike

After the recent attempted hack, Poland’s prime minister, Donald Tusk, stated that the country’s cybersecurity defenses were effective. He emphasized that “at no point was critical infrastructure threatened.” This incident demonstrates not only the persistent threats to national energy infrastructure but also underscores the importance of strong cybersecurity measures. Although the attack failed, it highlights ongoing risks posed by hostile state-sponsored hacking groups. Transitioning from traditional attacks to more sophisticated cyber operations, these threats require continued vigilance and coordination among national security institutions. Poland’s prompt response and transparent communication reflect a commitment to maintaining the security of its critical infrastructure in an increasingly digital world.

Tags: hakerët rusë, sulme kibernetike, infrastruktura energjetike, siguria kombëtare, Polonia, malware wiper