Ampyx Cyber Blog
The Intersection of Regulation & Resilience
![Poland's Energy Sector Attack: When Cyber Sabotage Targets OT [Updated]](https://images.squarespace-cdn.com/content/v1/5f80bdfaeeac37068ed8c60e/1750463988120-77LW8AOEP96E0SZ38CV2/Deep+Dive.png)
Poland's Energy Sector Attack: When Cyber Sabotage Targets OT [Updated]
On December 29, 2025, Poland experienced coordinated destructive cyberattacks across 30+ wind/solar farms, a CHP plant, and manufacturing. Attackers exploited FortiGate devices without MFA, used default credentials on OT equipment, and deployed custom wiper malware designed to damage industrial controls. Every failure was preventable.
Cyber Stress Testing: Strengthening Cyber Resilience in the EU Energy Sector
As cyber threats grow more complex, the EU energy sector is turning to stress testing to bolster its resilience. This post explores ENISA’s 2025 Cyber Stress Test Handbook and how it helps energy providers simulate real-world attacks, uncover vulnerabilities, and strengthen defenses in alignment with NIS2, CER, and the Cyber Solidarity Act.
The European Union's Upgraded NIS2 Cybersecurity Framework
The European Union, with its commitment to digital governance and cyber protection, has recently updated its foundational cybersecurity framework, repealing the previous Network and Information Systems Directive (“NIS”) with the NIS2 Directive. Take a dive into the notable changes, implications, and suggested actions for businesses that fall under its scope.