Russia’s Sandworm hackers lurking
Energy ministers met to discuss the Commission’s proposed grids package on Monday, which will also seek to address security risks to energy infrastructure.
European countries, especially those on the front line, are pushing to include measures to patch up critical vulnerabilities in grids and networks as part of the package, according to three diplomats briefed on ongoing discussions.
The threats to energy grids are coming from all sides, new research this week showed.
In a report by Amazon’s cloud division out on Monday, the tech giant gave new details of a “years-long Russian state-sponsored campaign” against critical infrastructure, focused especially on the energy sector in the United States, Europe and the Middle East. Hackers targeted electric utility organizations, energy providers, energy cybersecurity companies, cloud platforms and telecom providers, it said.
Amazon linked the campaign to Russia’s notorious threat group Sandworm, which Western security services have linked to Moscow’s military intelligence service, or GRU. Sandworm is one of the Kremlin’s most stealthy cyberthreat groups, and is believed to be behind a 2015 attack that took down Ukraine’s power grid, and to another disruption of the Ukrainian power grid in 2023.
Europe’s energy infrastructure has also suffered a rise in “hybrid” attacks as well as outright sabotage in recent years, including attacks on the Balticconnector gas pipeline in 2023 and the subsea power cable EstLink in 2024.