Russian hackers breached Polish power grid thanks to bad security, report says

A recent report from Poland’s Computer Emergency Response Team (CERT) revealed that Russian government hackers breached parts of Poland’s energy grid infrastructure, specifically targeting wind and solar farms as well as a heat-and-power plant. The attackers exploited poor security practices, including the use of default usernames and passwords and the absence of multi-factor authentication, which allowed them relatively easy access. Once inside, the hackers attempted to deploy wiper malware aimed at destroying system data and potentially disrupting power supply, though their exact intent remains unclear. While the malware attacks were halted at the heat-and-power plant, the wind and solar farms suffered operational disruptions due to the malware rendering their monitoring and control systems inoperable. Despite these intrusions, no actual power outages occurred, and the report emphasized that even a successful attack would not have compromised the overall stability of Poland’s power grid. Additionally, Poland’s CERT attributed the incident to a known Russian hacking group typically associated with cyberespionage rather than destructive cyberattacks, highlighting a concerning