Report says Russian hackers breached Polish power grid due to poor security


The Polish government said Russian government hackers infiltrated parts of the country’s power grid infrastructure, taking advantage of weak security.

On Friday, the Polish Computer Emergency Response Team (CERT), part of the Ministry of Digital Affairs, issued a technical report about an incident that occurred at the end of last year, in which suspected Russian government hackers hacked into wind and solar farms and a heat and electricity plant. According to the report, the hackers did not face much resistance. The targeted systems used default usernames and passwords and did not enable multi-factor authentication, both of which are incredibly basic errors.

The hackers attempted to infect the systems they broke into with malware designed to effectively wipe and destroy systems, and possibly to attempt to cut off power, though it is unclear whether that was their goal. In both cases, the attacks were stopped at the heat and power plant, but not at the wind and solar farms, whose systems for monitoring and controlling grid systems were rendered inoperable by the malware.

“All of the attacks were destructive in nature – compared to the physical world, they are comparable to acts of arson,” the report said.

The hackers failed to disable power at any of their targeted facilities. Even if they had succeeded, the report said the hack “would not have affected the stability of the Polish energy system during the period in question.”

Cybersecurity companies ESET and Dragos previously issued reports about the attacks, which occurred on December 29 of last year, accusing the notorious Russian government hacking group Sandworm of being behind the intrusions. Sandworm has a documented history of targeting Ukraine’s energy infrastructure and turning off the lights in the country in 2015, 2016 and 2022.

However, the Polish CERT team has accused a different Russian government hacking group, known as Raging Bear or Dragonfly, which is not known for destructive attacks, but rather for traditional electronic espionage.
