Poland dismantles cyber sabotage group linked to Russia, Belarus

Avatar

Poland’s security services said they have broken up an alleged cyber sabotage group linked to Russia and Belarus that attempted to “paralyze” the country with cyberattacks.

The group, whose members were not publicly identified, extorted information from Polish local government agencies and state companies related to military and security matters, Poland’s Minister of Digital Affairs, Krzysztof Gawkowski, said during a press briefing on Monday. He referred to the group’s activities, which included blackmail, as “de facto cyberwar.”

The group was allegedly responsible for the attack on Poland’s anti-doping agency, POLADA. Earlier in August, the agency reported that hackers “supported by the services of a hostile state” were suspected of leaking over 50,000 confidential files, including medical records and testing histories of Polish athletes, from POLADA.

At that time, the group Beregini, which describes itself on Telegram as a “Ukrainian hacker group,” claimed responsibility for the attack, stating that it was a response to the Olympic Games being “turned into a political oppression instrument.”

Beregini has previously been observed working in coordination with other pro-Russian groups to share fake documents and spread false information about Ukraine’s war plans. Russia is known for using hacktivist groups to disguise the work of its intelligence services and complicate attribution.

Gawkowski said that the attack on POLADA was part of “a broader operational game” conducted by the dismantled group and was likely aimed to later gain access to other Polish institutions.

The goal of the sabotage group’s attacks, according to Gawkowski, was “to paralyze the country in the political, military, and economic spheres.”

He added that all institutions affected by these malicious activities have been informed by the security services and that the data extortion and blackmail carried out by the group’s members “have been stopped.”

According to Gawkowski, cyberattacks on Poland have doubled since last year, amounting to more than 400,000 in the first half of the year. The country is an attractive target for pro-Russian hackers since it supplies military aid to Ukraine and hosts Ukrainian refugees.

Poland’s Minister of Internal Affairs, Tomasz Siemoniak, said during the press briefing that the country’s government “draws conclusions from all threats and such situations.”

“The sphere of cyberspace is becoming increasingly important,” he said. “It is also becoming a tool for coordinating and organizing various activities of foreign services in Poland.”

CybercrimeGovernmentNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout

Next Post

Ransomware attack forces high school in London to close and send students home

Related Posts

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike,
Avatar
Read More