According to a report by the Internal Security Agency (ABW), Vladimir Putin’s hacker elite has attacked Polish institutions. „It is unclear to what extent they were successful”, reports the Rzeczpospolita daily.
The newspaper recalls that “at the turn of 2015 and 2016, two groups of cyber spies broke into the servers of the Democratic Party in the US and the staff of the party’s candidate Hillary Clinton, causing a high-profile leak of emails. It was only in May 2016 when the intruders were removed from the systems.”
Subsequent findings indicated that groups known as APT28 and APT29 were behind the attack. “Rzeczpospolita” reports that they are likely to be linked to Russia’s Main Intelligence Directorate (GRU) and the Federal Security Service (FSB). They also have conducted other high-profile hacks and last year this elite of Russian cyber spies took on Poland, according to an ABW report.
“The report on the state of Poland’s cybersecurity in 2022” was prepared by the CSIRT GOV Computer Security Incident Response Team led by the Head of the ABW.
One of its main tasks is to identify, prevent and detect threats to the security of ICT systems of public administration bodies, which are important from the point of view of the continuity of the functioning of the state.
The report shows that since the beginning of the Russian aggression against Ukraine, the number of website swapping, DDoS attacks, i.e. from many computers at the same time, and campaigns aimed at phishing have increased significantly. Reports of attacks by groups, known as APTs, are particularly threatening.
The CSIRT GOV report enumerates the activities of five such groups in Poland in 2022. In addition to APT28 and APT29, they included Turla, UAC-0056 and Mustang Panda. The latter is a Chinese group known for its attacks on US think tanks and NGOs. UAC-0056 and Turla are most associated with Russia. The latter group is said to be made up of agents of the Federal Security Service from Ryazan.
Adrian Andrzejewski