{"id":165139,"date":"2024-07-03T07:45:00","date_gmt":"2024-07-03T07:45:00","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=165139"},"modified":"2024-07-03T07:46:46","modified_gmt":"2024-07-03T07:46:46","slug":"polish-government-investigating-russia-attack","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/165139\/intelligence\/polish-government-investigating-russia-attack.html","title":{"rendered":"Polish government investigates Russia-linked cyberattack on state news agency"},"content":{"rendered":"
<\/div>\n

The Polish government is investigating a potential connection between Russia and a cyberattack on the country\u2019s state news agency.<\/h2>\n\n\n\n

The Polish government is investigating a suspected link between Russia and the cyberattack on the country\u2019s state news agency Polish Press Agency (PAP).<\/gwmw><\/p>\n\n\n\n

“The Polish Press Agency (PAP) has been hit by a cyberattack; all pertinent information regarding this critical incident is currently being provided to the relevant authorities,” PAP’s liquidator Marek Blonski and PAP’s editor-in-chief Wojciech Tumidalski wrote in a joint statement<\/a>. <\/gwmw>“We are working to strengthen the security of all our systems and services,” Blonski and Tumidalski added.\u00a0<\/em><\/p>\n\n\n\n

The attack on the Polish Press Agency (PAP) occurred in May and aimed at spreading disinformation and destabilizing the country. <\/gwmw><\/p>\n\n\n\n

Authorities believe that a fake news report on Poland\u2019s national news agency, claiming that Prime Minister Donald Tusk was mobilizing 200,000 men starting on July 1, was likely created by Russia-sponsored hackers. The attack appeared to be an attempt to interfere with the upcoming European Parliament election.<\/p>\n\n\n\n

\u201cEverything indicates that we are dealing with a cyberattack directed from the Russian side,\u201d said Krzysztof Gawkowski<\/strong><\/a>, a deputy prime minister who also holds the digital affairs portfolio. \u201cThe goal is disinformation ahead of (European Parliament) elections and a paralysis of the society.\u201d<\/gwmw><\/gwmw><\/gwmw><\/gwmw><\/p>\n\n\n\n

Two fabricated reports about a partial mobilization in Poland starting on July 1, 2024, were released on the PAP service on a Friday afternoon. PAP clarified that they were not the source of these reports, and promptly annulled and withdrawn them. <\/p>\n\n\n\n

Polish authorities suspect that Russia carried out the attack.\u00a0<\/p>\n\n\n\n

PAP CEO Marek B\u0142o\u0144ski condemned the attack.<\/p>\n\n\n\n

\u201cWe are committed to clarifying the issue in collaboration with the appropriate state services\u201d, B\u0142o\u0144ski said.<\/p>\n\n\n\n

Polish media outlets, including Polskie Radio, have reported frequent targeting by Russian hackers, with Polish companies experiencing over 1,400 attacks weekly.<\/p>\n\n\n\n

The Russian embassy in Warsaw told Reuters<\/a> it had no knowledge of the incident and declined further comment.<\/p>\n\n\n\n

In May, CERT Polska and CSIRT MON teams issued a warning<\/a> about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked\u00a0APT28<\/a>\u00a0group.<\/p>\n\n\n\n

The attribution of the attacks to the Russian APT is based on similarities with TTPs employed by APT28 in attacks against Ukrainian entities<\/a>.<\/p>\n\n\n\n

\u201cthe CERT Polska (CSIRT NASK) and CSIRT MON teams observed a large-scale malware campaign targeting Polish government institutions.\u201d\u00a0reads the alert<\/a>. \u201cBased on technical indicators and similarity to attacks described in the past\u00a0(e.g. on Ukrainian entities)<\/a>, the campaign can be associated with the APT28 activity set, which is associated with Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).\u201d<\/em><\/gwmw><\/gwmw><\/p>\n\n\n\n

Pierluigi\u00a0Paganini<\/strong><\/a><\/p>\n\n\n\n

Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n

(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Polish government)<\/strong><\/gwmw><\/p>\n\n\n\n

<\/gwmw><\/p>\n","protected":false},"excerpt":{"rendered":"

The Polish government is investigating a potential connection between Russia and a cyberattack on the country\u2019s state news agency. The Polish government is investigating a suspected link between Russia and the cyberattack on the country\u2019s state news agency Polish Press Agency (PAP). “The Polish Press Agency (PAP) has been hit by a cyberattack; all pertinent […]<\/p>\n","protected":false},"author":1,"featured_media":54348,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,6],"tags":[4112,9508,9506,10918,687,15196,45,841,1533],"class_list":["post-165139","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-intelligence","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-pierluigi-paganini","tag-polish-government","tag-russia","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司