The Polish government said Russian government hackers broke into parts of the country’s power grid infrastructure, taking advantage of its poor security.
On Friday, Poland’s Computer Emergency Response Team (CERT), which is part of the Ministry of Digital Affairs, released a technical report about an incident at the end of last year, in which suspected Russian government hackers hacked wind and solar farms and a heat-and-power plant. According to the report, the hackers didn’t face a lot of resistance. The targeted systems used default usernames and passwords and didn’t have multi-factor authentication enabled, both highly basic mistakes.
The hackers tried to infect the systems they broke into with wiper malware designed to erase and effectively destroy the systems, perhaps trying to turn off the power, though it’s unclear if that was their goal. Either way, the attacks were stopped at the heat-and-power plant, but not at the wind and solar farms, whose systems to monitor and control grid systems were made inoperable by the malware.
“All of the attacks were purely destructive in nature — by analogy to the physical world, they can be compared to deliberate acts of arson,” read the report.
The hackers didn’t disrupt power at any of their targeted facilities. And even if they had succeeded, the report said that the hack “wouldn’t have affected the stability of the Polish power system during the period in question.”
Cybersecurity firms ESET and Dragos previously released reports about the attacks, which occurred on December 29 of last year, accusing the notorious Russian government hacking group Sandworm of being behind the intrusions. Sandworm has a documented history of targeting energy infrastructure in Ukraine and turning off the lights in the country in 2015, 2016, and 2022.
Poland’s CERT, however, accused a different Russian government hacking group, known as Berserk Bear or Dragonfly, which isn’t known for destructive attacks, but rather more traditional cyberespionage.

