500,000 Homes Spared: Russian Sandworm Hackers Target Poland’s Energy Grid
Russian Sandworm hackers attempted a major cyberattack on Poland's energy grid in late 2025 using DynoWiper malware. Discover how the nation's defenses prevented a blackout for 500,000 homes.
Half a million homes nearly went dark during the peak of winter. A failed cyberattack attempt on December 29 and 30 targeted Poland's national energy grid, marking what officials call the most aggressive assault on the country's infrastructure in years. The Polish government hasn't hesitated to point the finger directly at Moscow.
Russian Sandworm Cyberattack Poland Energy 2025: The DynoWiper Threat
According to reports from TechCrunch, Polish Energy Minister Milosz Motyka revealed that hackers aimed to disrupt heat and power plants, as well as communication links for renewable energy sources like wind turbines. Cybersecurity firm ESET identified the weapon as DynoWiper, a destructive malware designed to wipe data irreversibly and paralyze computer systems.
ESET attributed the attack with medium confidence to Sandworm, an elite hacking unit within Russia's military intelligence agency (GRU). The researchers found a "strong overlap" between this incident and previous campaigns where Sandworm used similar wiper malware to cripple Ukraine's energy sector. This suggests a persistent strategy by Russia to weaponize energy infrastructure against neighboring states.
A Decade After the Kyiv Blackout
The timing is chillingly symbolic. This attack comes almost exactly 10 years after Sandworm's first major hit on Ukraine in 2015, which left 230,000 homes in Kyiv without power. Fortunately, Poland's defenses held firm. Prime Minister Donald Tusk confirmed that "at no point was critical infrastructure threatened," thanks to the country's robust cybersecurity measures.
Authors
Related Articles
Waymo suspended its robotaxi service in San Francisco during a city-wide blackout after vehicles were seen blocking traffic. The incident highlights the vulnerability of autonomous tech to infrastructure failures.
Analysis of Russia's multi-year cyberattack on AWS. The true threat isn't a flaw in the cloud, but the weaponization of customer misconfigurations.
AI sustainability researcher Sasha Luccioni is launching a new venture to push for energy transparency in AI. Here's why Big Tech keeps the numbers hidden—and what's starting to change.
Josh D'Amaro took over Disney with a bold Disney Plus vision. Days later, he's in a First Amendment fight with the Trump administration over The View. What does this mean for media freedom?
Waymo suspended its robotaxi service in San Francisco during a city-wide blackout after vehicles were seen blocking traffic. The incident highlights the vulnerability of autonomous tech to infrastructure failures.
Analysis of Russia's multi-year cyberattack on AWS. The true threat isn't a flaw in the cloud, but the weaponization of customer misconfigurations.
AI sustainability researcher Sasha Luccioni is launching a new venture to push for energy transparency in AI. Here's why Big Tech keeps the numbers hidden—and what's starting to change.
Josh D'Amaro took over Disney with a bold Disney Plus vision. Days later, he's in a First Amendment fight with the Trump administration over The View. What does this mean for media freedom?
Thoughts
Share your thoughts on this article
Sign in to join the conversation