ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid

The recent attack on Poland’s power grid, believed to have been conducted by Russian threat actors, targeted communication and control systems across roughly 30 sites and in some cases resulted in permanent industrial control system (ICS) damage, according to industrial cybersecurity firm Dragos.

In a report published this week, the security firm, which has been involved in responding to the incident, described it as the first major operation specifically targeting distributed energy resources (DER).

The attackers gained access to operational technology (OT) systems at combined heat and power (CHP) plants and renewable energy dispatch centers for wind and solar facilities, primarily targeting grid safety and stability monitoring systems rather than active power generation.

Unlike the attacks targeting Ukraine’s grid in 2015 and 2016, the incident did not result in electrical outages. However, the attackers’ activities resulted in some equipment at the affected sites being bricked.

ESET last week ...