A massive cyberattack on Poland's power grid in December was an attempt by Russian government hackers, according to a security research firm. The attack, which targeted two heat and power plants and communication links between renewable installations, was the strongest attack on Poland's energy infrastructure in years, with the Polish government blaming Moscow. The incident could have knocked out heat and power for at least half a million homes across the country. Cybersecurity firm ESET obtained a copy of the destructive malware, DynoWiper, which is designed to irreversibly destroy data on computers to prevent them from working. ESET attributed the malware to the hacking group Sandworm, a unit within Russia's military intelligence agency GRU, based on a strong overlap with its previous research into Sandworm's past malware, including the group's use of destructive malware to target Ukraine's energy sector. This attack comes almost exactly a decade after Sandworm's first-known cyberattack on Ukraine's energy infrastructure in 2015, which caused power outages for more than 230,000 homes around Kyiv, the country's capital. Despite the attempted hack, Poland's prime minister, Donald Tusk, said that the country's cybersecurity defenses worked, and "at no point was critical infrastructure threatened." But here's where it gets controversial... Is this a one-off attack or a sign of a growing threat to global energy infrastructure? And this is the part most people miss... What does this mean for the future of cybersecurity and the stability of our energy systems?
