POLAND’S electric grid was targeted by a wiper malware, described as a never-before-seen threat, in an attack likely carried out by a Russia state hacker group. According to Reuters, the cyberattack occurred during the last week of December and aimed to disrupt communications between renewable installations and power distribution operators but failed for reasons not explained.
On Friday, security firm ESET said the malware, dubbed DynoWiper, was a wiper designed to permanently erase data and hinder operations, with the attack attributed to the Russia-aligned Sandworm APT with medium confidence due to overlaps with past activity. There is no indication how or why DynoWiper failed to take out power, though theories include miscalculation by the attackers or effective cyber defenses.
The event coincides with the 10th anniversary of a Ukraine grid attack, which saw a NotPetya-like malware outbreak affecting power supply, illustrating the long history of wiper use by Russian hackers.