Signs Point to Long-Active ‘Sandworm’ Military Intelligence Hackers at WorkRussian cyberattacks in late December 2025 that attempted to disrupt Poland’s power grid have been attributed to “Sandworm,” the codename for an advanced persistent threat group tied to a Moscow military intelligence unit that repeatedly uses wiper malware, including in these attacks.
Russia? To the complete surprise of one, maybe two people on the face of the planet.
cybersecurity for both their IT and operational technology systems[…]
remote access credentials and used them to remotely trigger circuit breakers, “using either existing remote administration tools at the operating system level or remote industrial control system (ICS) client software via virtual private network (VPN) connections.”Why are your critical infrastructure on the internet, Donald Tusk?
