The Polish government is investigating a suspected link between Russia and the cyberattack on the country\u2019s state news agency Polish Press Agency (PAP).
“The Polish Press Agency (PAP) has been hit by a cyberattack; all pertinent information regarding this critical incident is currently being provided to the relevant authorities,” PAP’s liquidator Marek Blonski and PAP’s editor-in-chief Wojciech Tumidalski wrote in a joint statement<\/a>.
\u201cEverything indicates that we are dealing with a cyberattack directed from the Russian side,\u201d said Krzysztof Gawkowski<\/strong><\/a>, a deputy prime minister who also holds the digital affairs portfolio. \u201cThe goal is disinformation ahead of (European Parliament) elections and a paralysis of the society.\u201d
Polish authorities suspect that Russia carried out the attack.\u00a0<\/p>\n\n\n\n
PAP CEO Marek B\u0142o\u0144ski condemned the attack.<\/p>\n\n\n\n
The Russian embassy in Warsaw told Reuters<\/a> it had no knowledge of the incident and declined further comment.<\/p>\n\n\n\n
In May, CERT Polska and CSIRT MON teams issued a warning<\/a> about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked\u00a0APT28<\/a>\u00a0group.<\/p>\n\n\n\n
The attribution of the attacks to the Russian APT is based on similarities with TTPs employed by APT28 in attacks against Ukrainian entities<\/a>.<\/p>\n\n\n\n
\u201cthe CERT Polska (CSIRT NASK) and CSIRT MON teams observed a large-scale malware campaign targeting Polish government institutions.\u201d\u00a0reads the alert<\/a>. \u201cBased on technical indicators and similarity to attacks described in the past\u00a0(e.g. on Ukrainian entities)<\/a>, the campaign can be associated with the APT28 activity set, which is associated with Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).\u201d<\/em>
Pierluigi\u00a0Paganini<\/strong><\/a><\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Polish government)<\/strong>