Episode 399

Sabotage on the Grid: The 2025 Polish Energy Attacks

February 7, 202634m 55s

Audio is streamed directly from the publisher (mcdn.podbean.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

This episode uncovers the details behind the coordinated cyber sabotage that struck Polish wind farms, a combined heat and power plant, and a manufacturing firm on December 29, 2025. We explore how attackers exploited vulnerable FortiGate VPNs and default credentials to deploy destructive "DynoWiper" malware and corrupt critical industrial firmware, aiming to permanently disable physical equipment. Finally, we examine the forensic evidence linking these attacks to the "Static Tundra" activity cluster and discuss the broader risks facing critical infrastructure today.

www.breached.company/polands-winter-power-grid-attack-sandworms-dynowiper-targets-30-facilities-in-coordinated-critical-infrastructure-assault

Sponsor:

www.cisomarketplace.com

← All episodes of CISO Insights: Voices in Cybersecurity