Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

Polish Government Disrupts Russian and Belarusian Hacks

Polish Deputy Prime Minister Says Russia Is Waging 'De Facto Cyberwar'
Polish Government Disrupts Russian and Belarusian Hacks
Polish Deputy Prime Minister Krzysztof Gawkowski, left, speaks during a Sept. 9, 2024, press conference. (Image: Government of Poland)

The Polish government said it faces an onslaught of cyberattacks from Russian and Belarusian security agencies intent on cyberespionage and blackmail.

See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk

Poland Deputy Prime Minister Krzysztof Gawkowski said Monday that civilian and military cyber defenders in August stymied an attempted attack meant to paralyze the government, Polish public media reported Monday.

Poland is in the midst of a "de facto cyberwar," Gawkowski said during a press conference, stating that Russian and Belarusian security agencies are attempting to exfiltrate sensitive data with which they can coerce individuals and institutions.

Gawkowski said the attacks began with the threat actors compromising the Polish Anti-Doping Agency to gain access to the country's federal and local networks. Previous targets have included the Polish Press Agency.

"Poland's willingness to speak out against Russian activities is likely driven by heightened security concerns, rooted in both historical and geopolitical factors, especially the current conflict in Ukraine," said Eugenio Benincasa, a senior cybersecurity researcher at ETH Zurich.

Russia's cyberattacks against Poland are intended to undermine the country's ability to support Ukraine's defense and resource access, he added.

Poland has emerged as a leading provider of military assistance to Ukraine following Russia's February 2022 invasion of Ukraine, delivering weapons and ammunition worth over 4 billion euros, the Ukrainian government said earlier this year. The country also serves as a key logistics hub for international assistance flowing into Ukraine.

The Russian attack against the Polish Press Agency "appears to be part of a broader Russian disinformation campaign. By employing these low-cost, high-impact methods, Russia aims to exert influence, shape public opinion, and destabilize key NATO and EU member states supporting Ukraine," Benincasa said.

The Polish government did not disclose any additional details regarding the Belarusian and Russian actors on Monday, although, in a press statement in May, the Computer Emergency Response Team of Poland attributed a malware campaign targeting its government to Unit 26165 of the Russian Main Intelligence Directorate, commonly tracked as APT28 or Fancy Bear.

Hackers from another unit of the Russian GRU commonly tracked as Sandworm have also been active in Poland (see: Belarus Hackers Targeting Poland, Ukraine With RAT, Phishing).


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.