The Polish government rushing to finalize a National Cybersecurity System Act for earlier this month / current legislative push
Public Sector Action
Summary
Hide ▲
Show ▼
Poland's government is rushing to finalize a National Cybersecurity System Act implementing NIS2, which would impose stricter risk management, IT and OT security, and incident response requirements. The push matters because it would raise the cybersecurity baseline for Polish institutions and the broader market. The move comes amid heightened concern over foreign-state interference and resilience of critical systems.
Related Happenings
ELECTRUM and KAMACITE split OT access-and-execution operating model
Threat Actor Meta
First: 28.01.2026 18:06
Last: 28.01.2026 18:06
Sources 1
About this happening:
**ELECTRUM** and **KAMACITE** are operating as a split **OT intrusion** ecosystem, with one cluster focused on access and the other on execution, which increases flexibility and e...
ELECTRUM and KAMACITE split OT access-and-execution operating model
Threat Actor MetaAbout this happening: **ELECTRUM** and **KAMACITE** are operating as a split **OT intrusion** ecosystem, with one cluster focused on access and the other on execution, which increases flexibility and e...
Polish power grid hit by network compromise
Incident
First: 28.01.2026 18:06
Last: 28.01.2026 18:06
Sources 1
About this happening:
Dragos disclosed a late-December cyberattack on the Polish power grid that disrupted OT communication and control at distributed generation sites. The intrusion affected combined...
Polish power grid hit by network compromise
IncidentAbout this happening: Dragos disclosed a late-December cyberattack on the Polish power grid that disrupted OT communication and control at distributed generation sites. The intrusion affected combined...
Latest development: 29.01.2026 00:14
Dragos says a coordinated cyberattack on Poland's power grid in late December targeted multiple distributed energy resource (DER) sites across the country, including combined heat and power (CHP) facilities and wind and solar dispatch systems. The activity compromised OT systems, damaged key equipment beyond repair, disabled communications equipment at multiple sites, wiped Windows systems, and left power generation uninterrupted while affecting at least 12 confirmed sites, with Dragos estimating about 30. Dragos attributes the activity with moderate confidence to the Russian threat actor Electrum and describes it as distinct from Sandworm (APT44).
Sandworm destructive campaign against Poland’s power grid
Campaign
First: 26.01.2026 12:55
Last: 26.01.2026 12:55
Sources 1
How related:
ESET claimed in a brief statement on Friday that the group was responsible for a series of attacks on Poland’s power grid in late December.
About this happening:
**Sandworm** ran a **coordinated campaign** against **Poland’s power grid** in late December 2025, using a destructive wiper named **DynoWiper**. The activity targeted **two CHP p...
Sandworm destructive campaign against Poland’s power grid
CampaignHow related: ESET claimed in a brief statement on Friday that the group was responsible for a series of attacks on Poland’s power grid in late December.
About this happening: **Sandworm** ran a **coordinated campaign** against **Poland’s power grid** in late December 2025, using a destructive wiper named **DynoWiper**. The activity targeted **two CHP p...
Sandworm DynoWiper wiper attack on Polish energy infrastructure
Malware Activity
First: 24.01.2026 10:21
Last: 24.01.2026 10:21
Sources 1
How related:
“The attackers deployed a wiper, which we analyzed and named DynoWiper. We’re not aware that any successful disruption occurred as a result of this attack,” explained ESET principal threat intelligence researcher, Robert Lipovsky.
About this happening:
**Sandworm** used **DynoWiper**, a previously undocumented **wiper malware**, in a failed attack against **Poland's energy sector**. The activity targeted **two combined heat and...
Sandworm DynoWiper wiper attack on Polish energy infrastructure
Malware ActivityHow related: “The attackers deployed a wiper, which we analyzed and named DynoWiper. We’re not aware that any successful disruption occurred as a result of this attack,” explained ESET principal threat intelligence researcher, Robert Lipovsky.
About this happening: **Sandworm** used **DynoWiper**, a previously undocumented **wiper malware**, in a failed attack against **Poland's energy sector**. The activity targeted **two combined heat and...
Latest development: 29.01.2026 00:14
Dragos says the late-December attack on Poland's power grid was carried out by the Russian activity cluster Electrum with moderate confidence, noting overlap with Sandworm (APT44) but treating Electrum as a distinct cluster. The group targeted exposed and vulnerable RTUs, network edge devices, monitoring and control systems, and Windows-based machines at DER sites, disabled communications equipment at multiple sites, and wiped some Windows systems.
Jaguar Land Rover (JLR) hit by cyberattack
Incident
First: 06.01.2026 13:15
Last: 06.01.2026 13:15
Sources 1
About this happening:
**Jaguar Land Rover (JLR)** said a **September ransomware attack** knocked out production for **several weeks** and caused **£196m ($258m)** in cyber-related costs, adding to **£4...
Jaguar Land Rover (JLR) hit by cyberattack
IncidentAbout this happening: **Jaguar Land Rover (JLR)** said a **September ransomware attack** knocked out production for **several weeks** and caused **£196m ($258m)** in cyber-related costs, adding to **£4...
Timeline
-
26.01.2026 12:55 2 articles · 4mo ago
Poland rushes to finalize NIS2 cybersecurity act
Legal Policy Action UpdatePoland’s government is rushing to finalize a National Cybersecurity System Act implementing NIS2, aiming to impose stricter requirements for risk management, IT and OT security, and incident response on Polish institutions and market participants.
Show sources
- Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm — www.infosecurity-magazine.com — 26.01.2026 12:55
- Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm — www.infosecurity-magazine.com — 26.01.2026 12:55