A hacking group tied to Russian intelligence was allegedly behind a large-scale attempted cyberattack in December on the Polish power grid, cybersecurity company ESET concluded in a report published Friday.
The incident — which according to Polish authorities was unsuccessful and did not disrupt energy access in the country — was one of the largest cyberattacks on the nation’s critical infrastructure in years, and would mark a major instance of Russia targeting a NATO state.
According to the report from ESET, Russian hacking group Sandworm — which is connected to the Russian GRU intelligence agency — was responsible for the cyberattack. ESET researchers found that the attack occurred around the 10th anniversary of a similar, but successful, cyberattack by Sandworm in 2015 on the Ukrainian power grid, which left hundreds of thousands of Ukrainians in the dark for hours.
The researchers noted that attackers used a type of malware designed for destructive purposes, but stressed that “we’re not aware of any successful disruption occurring as a result of this attack.”
