The Polish government says Russian government hackers have broken into parts of the country’s energy grid infrastructure, taking advantage of its poor security.
Last Friday, Poland’s Computer Emergency Response Team (CERT), part of the Ministry of Digital Affairs, issued a technical report about an incident late last year, in which suspected Russian government hackers hacked into wind and solar farms and a heat-and-power plant. According to the report, the hackers did not face much resistance. The targeted systems used default usernames and passwords and did not have multi-factor authentication enabled, both of which are rare fundamental mistakes.
The hackers tried to infect the systems they broke into with wiper malware, which is designed to wipe out and effectively destroy systems, perhaps in an attempt to shut down the power, though it’s unclear if that was their goal. Either way, the attacks were stopped at the heat-and-power plant, but not at the wind and solar farms, whose grid monitoring and control systems were made inoperable by the malware.
“All attacks are purely destructive in nature – by comparison in the physical world, they can be compared to deliberate acts of arson,” read the report.
The hackers failed to knock out power at any of the facilities they targeted. And even if they had succeeded, the report says that the hack “did not affect the stability of the Polish power system at the time in question.”
Cybersecurity companies ESET and Dragos previously released reports about the attacks, which took place on December 29 last year, and accused the notorious Russian government hacking group Sandworm of being behind the intrusions. Sandworm has a documented history of targeting Ukraine’s energy infrastructure and turning out the country’s lights in 2015, 2016 and 2022.
Poland’s CERT, however, accused a different Russian government hacking group, known as Berserk Bear or Dragonfly, which is not known for malicious attacks, but for more traditional cyberespionage.







