Poland to probe Russia-linked cyberattack on state news agency

Polish prosecutors are investigating a suspected Russian cyberattack on the country’s state news agency.

The likely goal of the May attack on the Polish Press Agency, or PAP, was disinformation “aimed at causing serious disturbances in the system or economy of the Republic of Poland by an undetermined person or persons involved in or acting on behalf of foreign intelligence,” a spokesperson for the Warsaw District Prosecutor’s Office told the state outlet.

This offense is punishable by no fewer than eight years in prison under local law. The probe has been assigned to the Internal Security Agency.

During the attack, hackers published fake news on the PAP website claiming the country’s authorities had announced a partial mobilization of 200,000 men who were to be sent to fight in a war in Ukraine.

After the article was deleted by PAP, the hackers reposted it. Polish authorities blamed the attack on Russia. 

“Everything indicates that we are dealing with a cyberattack that was directed from the Russian side,” Poland’s Digital Affairs Minister Krzysztof Gawkowski said following the incident.

According to him, the hackers got into the news agency’s system by infecting the device of one of PAP’s employees with malware. Gawkowski said that the attack was “targeted” and intended to cause panic and “shake up the system.” 

Poland is “on the frontline of the cyber fight against Russia,” he added. 

PAP chief executive officer Marek Błoński condemned the attack, saying it was likely designed to interfere with the European Parliament election in June, echoing the statement of Prime Minister Donald Tusk, who called the incident “another very dangerous hacker attack” that “illustrates Russia’s destabilization strategy on the eve of the European elections.”

The Russian embassy in Warsaw told Reuters that it was not aware of the incident and declined to comment.

Poland has experienced an increase in Russian cyberattacks over the past few months, leading it to announce a $760 million investment in cyber defenses. 

In June, it also signed a deal with the U.S. to strengthen their cooperation against “foreign information manipulation,” including from Russia.

Suspected Russian hackers have previously used legitimate news websites to spread propaganda. In February, they attacked several popular Ukrainian media outlets, posting fake news related to the war.

Russian hacker groups targeting Ukrainian media include notorious state-controlled threat actors like Sandworm, according to Ukraine’s Computer Emergency Response Team (CERT-UA).