"the attack was the work of Sandworm, which deployed a previously undocumented wiper malware codenamed DynoWiper. The links to Sandworm are based on overlaps with prior wiper activity associated with the adversary, particularly in the aftermath of Russia's military invasion of Ukraine in February 2022. The Slovakian cybersecurity company, which identified the use of the wiper as part of the attempted disruptive attack aimed at the Polish energy sector on December 29, 2025, said there is no evidence of successful disruption."
"as well as a system enabling the management of electricity generated from renewable energy sources such as wind turbines and photovoltaic farms, the Polish government said. "Everything indicates that these attacks were prepared by groups directly linked to the Russian services," Prime Minister Donald Tusk said, adding the government is readying extra safeguards, including a key cybersecurity legislation that will impose strict requirements on risk management, protection of information technology (IT) and operational technology (OT) systems, and incident response."
Sandworm deployed a previously undocumented wiper malware codenamed DynoWiper in an attempted disruptive attack on Poland’s energy sector on December 29–30, 2025. The attacks targeted two combined heat and power plants and a system managing electricity from renewables including wind turbines and photovoltaic farms. Slovakian cybersecurity company ESET linked the activity to Sandworm based on overlaps with prior wiper operations and reported no evidence of successful disruption. Poland’s energy command and Minister Milosz Motyka diagnosed the attack as the strongest on energy infrastructure in years. Prime Minister Donald Tusk attributed preparation to groups linked to Russian services and announced enhanced safeguards and new cybersecurity legislation for IT and OT systems.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]