500,000 Homes Spared: Russian Sandworm Hackers Target Poland’s Energy Grid
Russian Sandworm hackers attempted a major cyberattack on Poland's energy grid in late 2025 using DynoWiper malware. Discover how the nation's defenses prevented a blackout for 500,000 homes.
Half a million homes nearly went dark during the peak of winter. A failed cyberattack attempt on December 29 and 30 targeted Poland's national energy grid, marking what officials call the most aggressive assault on the country's infrastructure in years. The Polish government hasn't hesitated to point the finger directly at Moscow.
Russian Sandworm Cyberattack Poland Energy 2025: The DynoWiper Threat
According to reports from TechCrunch, Polish Energy Minister Milosz Motyka revealed that hackers aimed to disrupt heat and power plants, as well as communication links for renewable energy sources like wind turbines. Cybersecurity firm ESET identified the weapon as DynoWiper, a destructive malware designed to wipe data irreversibly and paralyze computer systems.
ESET attributed the attack with medium confidence to Sandworm, an elite hacking unit within Russia's military intelligence agency (GRU). The researchers found a "strong overlap" between this incident and previous campaigns where Sandworm used similar wiper malware to cripple Ukraine's energy sector. This suggests a persistent strategy by Russia to weaponize energy infrastructure against neighboring states.
A Decade After the Kyiv Blackout
The timing is chillingly symbolic. This attack comes almost exactly 10 years after Sandworm's first major hit on Ukraine in 2015, which left 230,000 homes in Kyiv without power. Fortunately, Poland's defenses held firm. Prime Minister Donald Tusk confirmed that "at no point was critical infrastructure threatened," thanks to the country's robust cybersecurity measures.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.