Robert Lipovský

Robert Lipovsky is a Principal Threat Intelligence Researcher for ESET, with over 15 years' experience in cybersecurity and a broad spectrum of expertise covering both targeted APTs and crimeware. He is responsible for threat intelligence and malware analysis and leads the Malware Research Team at ESET headquarters in Bratislava.

He is a regular speaker at security conferences, including Black Hat USA, RSA Conference, Virus Bulletin, BlueHat, MITRE ATT&CKcon, Gartner Security & Risk Management Summit, and various NATO-organized conferences. He also teaches reverse engineering at the Slovak University of Technology – his alma mater – and at Comenius University.

When not bound to a keyboard, he enjoys traveling, playing guitar and flying single-engine airplanes.

‍

Talk: Cybersabotage against Poland’s Energy Sector – The DynoWiper Attack

On 29 December 2025, a coordinated destructive cyberattack targeted more than thirty renewable energy plants and a combined heat and power plant in Poland – the most significant, albeit unsuccessful, attempt at cybersabotage against NATO territory to date.

The talk goes over technical details of the attack, from initial access through vulnerable FortiGate perimeter devices, credential harvesting, and months long reconnaissance, ultimately culminating in the deployment of the destructive payload: DynoWiper.

We also tackle the question of attribution: our analysis points to Sandworm, primarily based on TTPs revolving around the way DynoWiper was deployed, while CERT Polska links the activity based on network infrastructure to a different Russia-aligned APT group: Berserk Bear.

Combining insights from ESET’s first hand telemetry as well as from CERT Polska’s incident response, participants will gain a comprehensive understanding of Russia’s most escalatory cybersabotage operation outside Ukraine.