CySecurity News - Latest Information Security and Hacking Incidents, EN

Dragos Links Coordinated Polish Power Grid Cyberattack to Russia-Backed ELECTRUM Group

A wave of connected cyber intrusions struck multiple points in Poland’s electricity infrastructure near the end of 2025. Dragos, an industrial control system security firm, assessed with limited certainty that the activity aligns with a Russia-linked group known as ELECTRUM. While attribution is not definitive, the techniques and patterns resemble previous operations tied to the cluster. Investigators also flagged unusual entry routes through third-party maintenance channels, with disruptions occurring amid heightened geopolitical tensions. No major blackouts followed, but systems recorded repeated probing attempts. Response teams moved quickly to isolate affected segments, and attribution was supported by forensic traces left during the breaches. Officials emphasized continued vigilance despite containment. 

At one site, critical hardware was destroyed and left unusable, marking what Dragos described as the first large-scale cyberattack focused on decentralized energy systems such as wind turbines and solar generation connected to the grid. Operational technology used in electricity distribution was accessed without authorization, and systems managing renewable output faced interference even though overall service stayed online. Communication failures also affected combined heat and power facilities. Entry was gained through systems tied to grid stability, with damage remaining localized but irreversible at one location. 
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: