"CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country. The incident took place on December 29, 2025. The agency has attributed the attacks to a threat cluster dubbed Static Tundra, which is also tracked as Berserk Bear, Blue Kraken,"
""All attacks had a purely destructive objective," CERT Polska said in a report published Friday. "Although attacks on renewable energy farms disrupted communication between these facilities and the distribution system operator, they did not affect the ongoing production of electricity. Similarly, the attack on the combined heat and power plant did not achieve the attacker's intended effect of disrupting heat supply to end users.""
On December 29, 2025, coordinated destructive cyberattacks targeted more than 30 wind and photovoltaic farms, a manufacturing-sector company, and a large combined heat and power plant supplying heat to nearly half a million customers. CERT Polska attributed the activity to a threat cluster tracked as Static Tundra and assessed a link to Russia's FSB Center 16; ESET and Dragos attributed the activity with moderate confidence to Sandworm. Attackers gained access to substation networks to conduct reconnaissance, damage controller firmware, delete system files, and attempt deployment of DynoWiper. Long-term data theft at the CHP enabled privilege escalation and lateral movement, but attempts to detonate wiper malware failed and energy production and heat supply remained uninterrupted.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]