Poland Power Grid Attack Targets Distributed Energy Facilities

Dragos and CERT Polska describe a coordinated December 29, 2025 cyber attack against distributed energy resources across Poland’s electrical grid that targeted RTUs, network devices, and communications infrastructure; the incident—attributed with moderate confidence to the APT ELECTRUM—was detected and thwarted without reported operational disruption, but demonstrates adversary capability to compromise OT at scale and highlights the need for enhanced OT-native visibility and defenses for distributed generation sites.