The Sandworm group is one of the Kremlin’s most notorious cyber threats, often operating in secret. Western intelligence agencies have previously linked the group to an attack that brought down Ukraine’s power grid in 2015 and another attack that brought down Ukraine’s power grid in 2023. According to the British government, the group is part of the Russian GRU military intelligence branch.
The warning comes as the latest incident of “hybrid” sabotage, disruption and digital attacks seen on Europe’s eastern border with Russia following Moscow’s 2022 invasion of neighboring Ukraine, with European governments seeking to protect two vital undersea communications cables linking EU countries. It came out while investigating the rupture of .
This compounds the industry’s difficulties following a sharp rise in gas prices this week after Russian giant Gazprom announced it would cut off supplies to Austria’s biggest importer OMV due to a contract dispute.
Sandra Joyce, head of threat intelligence for Google’s Mandiant cyber division, first raised concerns to top European officials at the Tallinn Digital Summit in Estonia on Tuesday.
“This is what they’re targeting as we sit here this morning,” Joyce said of Sandworm’s ongoing hacking attempts into Europe’s energy grid.
Google said in April that Sandworm, also known as APT44 or Seashell Blizzard, “remains a compelling threat to Ukraine” and that “to date, no other Russian government-backed cyber group has been more active in shaping and supporting Russia’s military campaigns.” “It has never played a central role,” he said. .”
