Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Poland. Show all posts

Polish State Media Targeted in Alleged Russian-Backed Cyberattack

 

In a concerning development on May 31, the Polish Press Agency (PAP), a state-run media outlet, was targeted in a cyberattack that authorities have attributed to Russian-backed operatives. This incident adds to a growing list of cyber aggression linked to Russian intelligence services, which have previously been accused of targeting Ukraine and various Western nations. 

The European Union (EU) and NATO recently condemned Russia's "malicious cyber campaign" against Germany and Czechia earlier in May, highlighting the persistent threat posed by such activities. On the morning of the attack, PAP's website displayed false messages claiming that Polish Prime Minister Donald Tusk had ordered a "partial mobilization" to begin on July 1. The swift identification of this disinformation was crucial. Deputy Prime Minister Krzysztof Gawkowski promptly declared the message as "false" and confirmed that an investigation was underway. 

He noted, "Everything points to a cyberattack and planned disinformation!" This immediate response was vital in preventing the spread of the false information. Jacek Dobrzynski, spokesperson for the Polish security service, also indicated that the attack was a "probable Russian cyberattack." Gawkowski elaborated on the intent behind the cyber operation, suggesting that it aimed to spread "disinformation before the upcoming EU parliamentary elections" and to "paralyze society." 

The false message was detected within two minutes, and Gawkowski commended the media for accurately labeling it as disinformation, thus preventing further dissemination. Gawkowski's remarks reflect a broader sentiment of heightened vigilance in Poland and across the EU regarding cyber threats. He emphasized that Poland is in a "cold war" with Russia, a stance that underscores the pervasive impact of Russian cyber activities on EU countries. 

This sentiment has been echoed by other European leaders who have called for stronger cyber defenses and increased international cooperation to counter such threats. The incident underscores the ongoing cyber conflict between Russia and Western nations, highlighting the need for robust cybersecurity measures. The EU and NATO's condemnation of Russia's cyber activities against Germany and Czechia earlier in May further illustrates the widespread nature of these threats. Poland's response to the cyberattack on PAP demonstrates the importance of rapid identification and response to disinformation campaigns. 

Gawkowski assured that Prime Minister Tusk was informed of the incident immediately, showcasing the high level of alertness among Polish authorities. As cyber threats continue to evolve, the international community must remain vigilant and proactive in defending against such attacks. This incident serves as a reminder of the critical importance of cybersecurity in safeguarding national security and public trust.

The United States and the West are Afraid of Possible Cyber Attacks by Russian Hackers

 

According to CNN, the FBI has warned American businessmen about the growth of possible cyberattacks using ransomware by Russian hackers against the background of sanctions that US President Joe Biden imposed against Russia in connection with the situation around Ukraine. 

Earlier, Jen Easterly, head of the U.S. Agency for Cybersecurity and Infrastructure Protection, said that Russia might consider taking measures that could affect critical U.S. infrastructure in response to U.S. sanctions. She urged all organizations to familiarize themselves with the steps the agency has developed to mitigate cybersecurity risks. In addition, David Ring, head of cybersecurity at the FBI, said that Russia is allegedly a favorable environment for cybercriminals, which will not become less against the background of the confrontation between Russia and the West over the situation around Ukraine. According to CNN, briefings on such topics have been held by the FBI and the Department of Homeland Security for the past two months. 

It is important to note that Polish Prime Minister Mateusz Morawiecki decided to introduce a special high-level security regime for telecommunications and information technology in the country. 

On February 21, he signed a decree introducing the third level of the Charlie– CRP warning throughout the country. This level is introduced if there is an event confirming the probable purpose of a terrorist attack in cyberspace or if there is reliable information about a planned event. 

The Polish Law on Anti-terrorist actions provides that in the event of a terrorist attack or its threat, the head of government may introduce one of four threat levels: Alfa, Bravo, Charlie, and Delta. The highest level, Delta, can be announced if a terrorist attack occurs or incoming information indicates its high probability in Poland. 

Similar levels marked with CRP relate to threats in cyberspace. They are introduced to strengthen the control of the security level of information systems in order to monitor the possible occurrence of violations in their work. 

The Russian Federation has repeatedly rejected the accusations of Western countries in cyberattacks, calling them unfounded, and also stated that it is ready to cooperate on cybersecurity. 

Earlier, CySecurity News reported that CNN reported citing US administration sources that representatives of the White House, US intelligence, the US Department of Homeland Security (DHS), and other agencies have discussed preparations to repel cyber attacks that could be carried out in the United States and Ukraine.

Polish Authorities Says Recent Hacker Attacks Connected with Special Services of The Russian Federation

On Tuesday, a spokesman for the minister coordinating Poland's intelligence services said the hacking attacks in the republic two weeks ago could allegedly be linked to Russian intelligence services.

According to the report, "the list of targets of the social engineering attack conducted by the hacker group UNC1151 included at least 4,350 email addresses belonging to Polish citizens or operating on Polish email services. The intelligence services have information indicating links between the aggressors with the activities of the Russian special services".

Moreover, the list of 4,350 hacked addresses includes more than 100 accounts used by persons performing state functions, such as members of the former and current government, deputies, senators, and local authorities.

"The list also included an email used by Minister Michal Dworczyk. The services responsible for cyber security recorded several unauthorized accesses to the mailbox used by Minister Dworczyk," the press service said in a statement.

Western countries have repeatedly made claims that Russia is involved in various cyber attacks, including against US government agencies and companies. The Russian side has consistently denied these accusations. In particular, Russian presidential spokesman Dmitry Peskov said earlier that Moscow is not involved in these hacker attacks. According to him, "any accusations of Russia's involvement are absolutely unfounded and are rather a continuation of Russophobia."

On June 9, the head of the office of the head of the Polish government, responsible for the implementation of the National Vaccination Program, Michal Dworczyk, said that he was attacked by hackers. E-mail and social media pages belonging to him and his wife were hacked. 

The Polish Prime Minister asked the Sejm to hold a closed meeting on cyber attacks

 The lower house of the bicameral parliament of Poland (Sejm) will hold a closed session on hacking attacks against representatives of the country's authorities on Wednesday. This was announced on Tuesday at a briefing by the official representative of the Government of the republic, Peter Muller.

"The Prime Minister [Mateusz Morawiecki] asked the Speaker of the Sejm, Elzbieta Witek, to organize a meeting of the chamber in closed mode, so that the government could inform about the cyber attacks that were aimed at Poland," he informed, stressing that during the meeting, the deputies will be acquainted with the classified data.

"Recently, we have been the target of an unprecedented cyber attack aimed at Poland, at Polish institutions, at individual email users," said Muller.

Witek has already confirmed that a closed meeting on the topic of cyber attacks will be held on Wednesday. "We will listen to the Prime Minister's explanations and information," she informed journalists.

On June 9, the head of the office of the head of the Polish government, responsible for the implementation of the National Vaccination Program, Michal Dvorczyk, said that he was attacked by hackers. E-mail and social media pages belonging to him and his wife were hacked. In a statement, the politician suggested that Russian-speaking hackers were involved in the attack, as the information was published in the Russian social network Telegram. The incident is being investigated by the Polish special services and the prosecutor's office.

On Tuesday, Radoslaw Vogel, deputy press secretary of the Poland's ruling conservative Law and Justice (PiS), said that"today someone made an attempt to get data from parliamentary emails." "Anyone can be under threat, there is a constant arms race in matters of online security," he wrote on Twitter.

In addition, on June 11, the UK accused Russia of aiding cyberattacks and called on the G7 to unanimously oppose such acts.

Polish authorities got hacked for the sake of a fake allegation of nuclear waste leakage from Lithuania

Two Polish government websites were hacked to spread false information about a nuclear waste "leak" in neighboring Lithuania.

The incident took place on Wednesday. False information about a non-existent radioactive threat was published on the websites of the Polish National Atomic Energy Agency and the Polish Ministry of Health. In addition, the Twitter account of a journalist who "often writes about Russia and Eastern European countries" was hacked. His page was used to further spread misinformation.

The false statement said that the health and lives of Poles living near the Lithuanian border were in danger. However, the reports did not seem to get much attention.

Polish Security Service spokesman Stanislav Zarin said that "the whole story looked like a typical Russian attempt" to sow suspicion and discord among Western allies.

Zarin said he remembered a similar hacking attempt in 2020 that spread false information about a nonexistent radioactive cloud headed for Poland from Chernobyl in Ukraine.

In February, the Lithuanian Foreign Ministry drew attention to the recent intensification of information and cyber attacks aimed at damaging friendly Lithuanian-Polish relations and "blackmailing the Lithuanian and Polish peoples.

Official Vilnius and other Western countries regularly accuse the Russian side of "cyber attacks" without any evidence or concrete facts. Often Lithuanian politicians hint at the involvement of "Russian hackers" or that they were carried out by "unfriendly countries," although no evidence has been found.

As Russian authorities and experts have repeatedly noted, Moscow has no reason to attack Lithuania or other NATO countries, either real or virtual. Russia rejects all the accusations, noting that they are completely unfounded.

Russian explained why hackers steal personal data of CD Projekt RED employees

 Hackers have broken into the Polish development studio CD Projekt RED, the authors of the sensational game Cyberpunk 2077, and threaten to publish the source codes of the video games, as well as the personal data of the company's employees. Moreover, the attackers have already fulfilled the first part of the promise: the source code of several games of the Polish studio has appeared in the public domain. It is likely that cybercriminals will also reveal the personal data of employees. Alexey Kubarev, Head of the Solar Dozor Business Development Group at Rostelecom-Solar, spoke about why hackers hunt for such information and how they use it.

"The main goal of hackers is to profit from the spread of malicious attacks and fraud. Personal data can be both an end goal - it can be sold, and an intermediate goal - it can be used for the implementation of attacks," explained Kubarev.

According to the specialist, the most demanded information in the cybercriminal world is personal data related to the financial sector, for example, the bank's customer base.

The expert claims that fraudsters buy personal data on the Darknet. "There, the databases are placed by hackers, either who hacked the resource with the database, or received it from insiders."

Attackers figure out the employees they are interested in and, in various ways, make them provide either data or technical access to it.

According to Kubarev, a person cannot influence the protection of personal data that he provides to companies, since the companies that process them are responsible for the security of data.

"So, you should be careful about any letters and websites that require you to enter data about yourself and check whether they really belong to the official domain of the company. In addition, attackers can use social media to collect information, so it would be better to minimize the information with personal data in your accounts or restrict public access to them, if possible," concluded he.