Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. From Wikipedia
The cyberattack by Russia's GRU-affiliated Sandworm team used an evolved 'living off the land' approach, exploited legitimate network tools, and was potentially coordinated with physical missile strikes; the attack intensified concerns around the targeted specific vulnerabilities of OT systems in critical infrastructure worldwide.
