{"id":208409,"date":"2026-01-31T02:05:00","date_gmt":"2026-01-31T07:05:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/01\/31\/cert-polska-details-coordinated-cyber-attacks-on-30-wind-and-solar-farms\/"},"modified":"2026-01-31T05:00:09","modified_gmt":"2026-01-31T10:00:09","slug":"cert-polska-details-coordinated-cyber-attacks-on-30-wind-and-solar-farms","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/01\/31\/cert-polska-details-coordinated-cyber-attacks-on-30-wind-and-solar-farms\/","title":{"rendered":"CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms"},"content":{"rendered":"

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms<\/a><\/p>\n

https:\/\/thehackernews.com\/2026\/01\/poland-attributes-december-cyber.html<\/a><\/p>\n

Publish Date: 2026-01-31 02:05:00<\/a><\/p>\n

Source Domain: thehackernews.com<\/a><\/p>\n

\ue804Ravie Lakshmanan<\/span>\ue802Jan 31, 2026<\/span><\/span>Network Security \/ SCADA<\/span><\/p>\n

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country.<\/p>\n

The incident took place on December 29, 2025. The agency has attributed the attacks to a threat cluster dubbed Static Tundra, which is also tracked as Berserk Bear, Blue Kraken, Crouching Yeti, Dragonfly, Energetic Bear, Ghost Blizzard (formerly Bromine), and Havex. Static Tundra is assessed to be linked to Russia’s Federal Security Service’s (FSB) Center 16 unit.<\/p>\n

It’s worth noting that recent reports from ESET and Dragos attributed the activity with moderate confidence to a different Russian state-sponsored hacking group known as Sandworm.<\/p>\n

\"Cybersecurity\"<\/p>\n

“All attacks had a purely destructive objective,” CERT Polska said in a report published Friday. “Although attacks on renewable energy farms disrupted communication between these facilities and the distribution system operator, they did not affect the ongoing production of electricity. Similarly, the attack on the combined heat and power plant did not achieve the attacker’s intended effect of disrupting heat supply to end users.”<\/p>\n

The attackers are said to have gained access to the internal network of power substations associated with a renewable energy facility to carry out reconnaissance and disruptive activities, including damaging the firmware of controllers, deleting system files, or launching custom-built wiper malware codenamed DynoWiper by ESET.<\/p>\n

In the intrusion aimed at the CHP, the adversary engaged in long-term data theft dating all the way back to March 2025 that enabled them to escalate privileges and move laterally across the network. The attackers’ attempts to detonate the wiper malware were unsuccessful, CERT Polska noted.<\/p>\n

On the other hand,…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms https:\/\/thehackernews.com\/2026\/01\/poland-attributes-december-cyber.html Publish Date:…<\/p>\n","protected":false},"author":1,"featured_media":208410,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5cwnqWO_vrn1IMT0UVtME4aucCsS_J5p48slMlc8jBUgNPFLBUdakBPEj38y6dnkUlrnRMdSA3IB7Jc5hVxU227Jl7T6641Py08_lld2UzvG8YoKmJYr07piXYUzyMFW4HwBDuxUgzu2R-j3pcGZ_2yJIZOKlQPvoMIKXtaj2HXUuJJXsUaf8lqvoD5qm\/s1700-e365\/energy.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,32,29],"class_list":["post-208409","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-malware","tag-network-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/208409"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=208409"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/208409\/revisions"}],"predecessor-version":[{"id":208411,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/208409\/revisions\/208411"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/208410"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=208409"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=208409"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=208409"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}