"Russia was probably behind the failed attempts to compromise the systems of Poland's power companies in December, cybersecurity researchers claim. ESET attributed the attack with "medium" confidence to Russia's GRU-run Sandworm unit, after it investigated the attack and its use of wiper malware. The attackers, believed to be state-backed, deployed DynoWiper malware on Poland's national energy systems. Energy minister Milosz Motyka said they attempted to disrupt communication between renewable hardware and power distribution operators, but were unsuccessful."
"The use of wiper malware is one of the telltale signs of Sandworm's likely involvement - the group has an extensive history of using wiper strains against the critical infrastructure of adversarial countries. Mandiant previously linked blackouts in Ukraine to Sandworm's deployment of CaddyWiper in 2023, and the same group is thought to have executed WhisperGate wiper malware to coincide with its on-the-ground invasion of Ukraine in 2022."
Cybersecurity researchers attribute failed December attempts to compromise Poland's power systems to Russia's GRU-run Sandworm unit with medium confidence. Attackers deployed DynoWiper wiper malware on national energy systems and attempted to disrupt communication between renewable hardware and power distribution operators, but those attempts were unsuccessful. The use of wiper malware and Sandworm's history of targeting critical infrastructure inform the attribution. Mandiant previously linked CaddyWiper and WhisperGate to blackouts in Ukraine in 2023 and 2022, respectively. ESET believes the attack was timed to mark the ten-year anniversary of a 2015 energy-sector attack and continues to investigate.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]