Cyberattack On Poland's Power Grid Could Have Turned Deadly In Winter Cold - RedPacket Security

Cybersecurity firm Dragos has released a report detailing a coordinated cyberattack on Poland's power grid, attributed to the Russian-linked threat group Electrum (also known as Sandworm). The attack targeted approximately 30 facilities, specifically focusing on Distributed Energy Resources (DERs)—smaller renewable and localized generation sites connected to the central grid. Attackers utilized 'DynoWiper' malware and successfully compromised Remote Terminal Units (RTUs) and communication infrastructure. While the sabotage did not result in widespread power outages, Dragos noted that equipment at some sites was damaged beyond repair. The timing of the attack during the depths of winter was described as 'potentially lethal' due to the civilian population's dependence on the grid for heating. This incident represents an evolution in Sandworm's tradecraft, shifting focus from centralized facilities to more vulnerable distributed assets.