On Dec. 29 and 30, the Polish electricity grid was subjected to a cyberattack that nearly knocked out power to hundreds of thousands of households.
Security firm ESET has since conducted a closer examination of the attack and concluded that it was carried out by Sandworm, a group of hackers with strong ties to the Russian military intelligence service GRU.
The attack used Dynowiper, a powerful malware that deletes all data on vulnerable computers.
Sandworm is said to have carried out a long series of similar attacks against the Ukrainian power grid since 2014, heralding a new era of cyber warfare and ultimately resulting in US DOJ indictments against members of the group.
In 2022, Sandworm planted a new version of the Industroyer malware to disrupt industrial control systems at a Ukraine energy facility but was thwarted from doing serious damage — an incident that heightened risk awareness across the globe.