Polish report says hackers took advantage of old passwords and bad defenses to attack energy infrastructure

The systems used default usernames and passwords, which is a very basic mistake for companies that want to be safe. CERT also noticed that these systems did not have extra security steps like multi-factor authentication. Because of these big oversights, the hackers were able to enter easily.
The hackers wanted to infect these systems with destructive malware, which is software designed to erase data and stop systems from working. However, the malware did not completely shut down the power at any place. Instead, it made parts of the control systems for the power grid useless. CERT said the malware caused trouble but was not powerful enough to cut off electricity in Poland or make the whole system unsafe.
An official report said the attack was “purely destructive,” like setting a building on fire on purpose. Cybersecurity experts previously reported on December 29, accusing a Russian hacking group called Sandworm of being behind the intrusions. Sandworm has caused chaos in Ukraine before by cutting off its electricity. Poland’s CERT, though, believes a different Russian group, known as Berserk Bear or Dragonfly, was responsible. Berserk Bear is usually more interested in collecting information than in causing permanent damage.
The Polish government says these kinds of attacks highlight the importance of improving cybersecurity for important infrastructure. Experts think changing outdated passwords and adding better security steps can stop similar problems from happening again.