GBAF Logo
Finance

Russian military intelligence hackers likely behind December cyberattacks on Polish energy targets, researchers say

Published by Global Banking & Finance Review

Posted on January 23, 2026

2 min read

· Last updated: January 23, 2026

Add as preferred source on Google
Russian military intelligence hackers likely behind December cyberattacks on Polish energy targets, researchers say
cybersecurity Digital transformation financial services
Global Banking & Finance Awards 2026 — Call for Entries

By AJ Vicens Jan 23 (Reuters) - A notorious Russian military intelligence hacking unit with a track record of destructive cyber operations was likely behind the large cyberattacks that targeted

Russian Hackers Likely Behind December Cyberattacks on Polish Energy

Overview of the Cyberattacks

By AJ Vicens

Details of the Attack

Jan 23 (Reuters) - A notorious Russian military intelligence hacking unit with a track record of destructive cyber operations was likely behind the large cyberattacks that targeted Poland’s power system in late December, researchers said Friday.

Response from Polish Officials

Researchers with Slovakia-based ESET analyzed malware used during the attack and determined that it was the work of the hacking unit, tracked widely as Sandworm, based on how the group has operated in the past and code overlaps with other destructive cyberattacks carried out by the group over the years, the researchers said in a blog post.

Background on Sandworm

The Russian Embassy in Washington did not immediately respond to a request for comment.

The hackers attempted to deploy a piece of malware dubbed DynoWiper that would have destroyed files on targeted computer systems and rendered them inoperable, according to the researchers.

“We’re not aware of any successful disruption occurring as a result of this attack,” the researchers said, echoing Polish Prime Minister Donald Tusk’s January 15 claim that the attacks were unsuccessful.

Milosz Motyka, Poland’s energy minister, told reporters January 13 that the cyberattack on the country’s power system in the final week of December was the strongest attack on the energy infrastructure in years.

Sandworm, which has been attributed to Russian military intelligence by the U.S. and British governments, has been linked to a string of high-profile and destructive cyber attacks dating back more than a decade. The December attack on Poland occurred on the tenth anniversary of the Sandworm-linked destructive malware attack on the Ukrainian power grid, “which resulted in the first-ever malware-facilitated blackout,” the ESET researchers said Friday.

(Reporting by AJ Vicens in Detroit; Editing by Alistair Bell)

Key Takeaways

  • Russian hackers likely targeted Polish energy systems in December.
  • The Sandworm group is suspected to be behind the attacks.
  • ESET researchers identified the use of DynoWiper malware.
  • Polish officials reported no successful disruptions.
  • The attack coincided with the anniversary of a similar Ukraine incident.

Frequently Asked Questions

What is malware?
Malware is malicious software designed to harm, exploit, or otherwise compromise computer systems. It includes viruses, worms, trojans, and ransomware.
What is cybersecurity?
Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks. It involves implementing measures to safeguard data integrity and confidentiality.
What is energy infrastructure?
Energy infrastructure includes the facilities and systems that generate, transmit, and distribute energy, such as power plants, electrical grids, and pipelines.
What is digital transformation?
Digital transformation is the process of using digital technologies to fundamentally change how organizations operate and deliver value to customers.
What is a cyberattack?
A cyberattack is an attempt to damage, disrupt, or gain unauthorized access to computer systems or networks, often with malicious intent.

Tags

Related Articles

Image for Australia's Wong to visit Japan, China, South Korea to discuss energy security

Australia's Wong to visit Japan, China, South Korea to discuss energy security

Image for Hungary's Magyar to meet EU's von der ​Leyen for talks on EU funds this week

Hungary's Magyar to meet EU's von der ​Leyen for talks on EU funds this week

Image for Switzerland angers Italy by claiming costs of treating Crans-Montana fire victims

Switzerland angers Italy by claiming costs of treating Crans-Montana fire victims

Image for Russian defence minister visits North Korea

Russian defence minister visits North Korea

Image for Fertiliser plant in Russia's Vologda region damaged in Ukrainian drone attack, governor says

Fertiliser plant in Russia's Vologda region damaged in Ukrainian drone attack, governor says

Image for Close Brothers will not take legal action against Britain's car finance redress scheme, Sky News reports

Close Brothers will not take legal action against Britain's car finance redress scheme, Sky News reports

More from Finance

Explore more articles in the Finance category

Image for Germany's far-right AfD rises to record 28%, INSA poll shows
Germany's far-right AfD rises to record 28%, INSA poll shows
Image for German government suspects Russia of Signal attack targeting politicians, sources say
German government suspects Russia of Signal attack targeting politicians, sources say
Image for Romania finds parts of second drone after overnight Russian attack on Ukraine
Romania finds parts of second drone after overnight Russian attack on Ukraine
Image for China condemns EU's inclusion of Chinese entities in sanctions package against Russia
China condemns EU's inclusion of Chinese entities in sanctions package against Russia
Image for Russian parliament speaker in North Korea to mark Pyongyang's troop deployment in Ukraine war
Russian parliament speaker in North Korea to mark Pyongyang's troop deployment in Ukraine war
Image for Macron reaffirms efforts to reopen Strait of Hormuz, as TotalEnergies warns of energy shortages
Macron reaffirms efforts to reopen Strait of Hormuz, as TotalEnergies warns of energy shortages
Image for France's Macron says EU mutual assistance clause is unambiguous
France's Macron says EU mutual assistance clause is unambiguous
Image for US to let Venezuela pay Maduro's lawyer in drug trafficking case
US to let Venezuela pay Maduro's lawyer in drug trafficking case
Image for Italy votes down equal parental leave while fathers redefine their role online
Italy votes down equal parental leave while fathers redefine their role online
Image for German auto industry faces even tougher competition as China economy slows
German auto industry faces even tougher competition as China economy slows
Image for Romania says drone fragments damage property during overnight Russian attack on Ukraine
Romania says drone fragments damage property during overnight Russian attack on Ukraine
Image for Engine maker Horse plans India move to supply growing small car market, CEO says
Engine maker Horse plans India move to supply growing small car market, CEO says
View All Finance Posts