**Russian Government Hackers Behind Attempted Poland Power Outage**
In a concerning development, researchers have confirmed that Russian government hackers were behind an attempted power outage in Poland last December. The incident, which targeted two heat and power plants and renewable energy installations, has been described as the "strongest attack" on Poland's energy infrastructure in years.
According to Polish Energy Minister Milosz Motyka, the cyberattack occurred on December 29 and 30, with hackers targeting the communication links between wind turbines and power distribution operators. The potential impact of the attack was significant, with local media reporting that it could have knocked out heat and power for at least half a million homes across the country.
Investigations by cybersecurity firm ESET revealed that the destructive malware used in the attack is known as DynoWiper. This type of "wiper" malware is designed to irreversibly destroy data on computers, preventing them from functioning. ESET attributed the malware with "medium confidence" to the hacking group known as Sandworm, a unit within Russia's military intelligence agency GRU.
The connection between Sandworm and the attack was established based on a "strong overlap" with previous research into the group's past malware, including its use of destructive malware to target Ukraine's energy sector. The cyberattacks targeting Poland come almost exactly a decade after Sandworm's first-known cyberattack on Ukraine's energy infrastructure in 2015, which caused power outages for over 230,000 homes around Kyiv.
Following the attempted hack, Poland's prime minister, Donald Tusk, stated that the country's cybersecurity defenses worked effectively, and "at no point was critical infrastructure threatened." While the attack may have been unsuccessful in its goals, it serves as a stark reminder of the ongoing threat posed by state-sponsored hackers.
**The Attackers: Sandworm**
Sandworm is a unit within Russia's military intelligence agency GRU, responsible for conducting cyberattacks on behalf of the Russian government. The group has been linked to several high-profile attacks in recent years, including the 2015 cyberattack on Ukraine's energy infrastructure.
Notably, the attack on Poland's energy sector comes at a time when tensions between Russia and the West are running high. The incident highlights the need for continued vigilance and investment in cybersecurity measures to protect against state-sponsored hackers.
**The Aftermath**
While the attempted power outage was unsuccessful, it serves as a warning to countries around the world of the ongoing threat posed by state-sponsored hackers. As governments and organizations continue to grapple with the challenge of cyberattacks, it is clear that the stakes have never been higher.
As researchers continue to investigate the attack and its perpetrators, one thing is certain: the threat of state-sponsored hacking will only continue to evolve in the years ahead.
**About the Author**
Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security. You can contact him via encrypted message at zackwhittaker.1337 on Signal or by email at zack.whittaker@techcrunch.com.