Poland to probe Russia-linked cyberattack on state news agency


Polish prosecutors are investigating a suspected Russian cyberattack on the country’s state news agency.

The likely goal of the May attack on the Polish Press Agency, or PAP, was disinformation “aimed at causing serious disturbances in the system or economy of the Republic of Poland by an undetermined person or persons involved in or acting on behalf of foreign intelligence,” a spokesperson for the Warsaw District Prosecutor’s Office told the state outlet.

This offense is punishable by no fewer than eight years in prison under local law. The probe has been assigned to the Internal Security Agency.

During the attack, hackers published fake news on the PAP website claiming the country’s authorities had announced a partial mobilization of 200,000 men who were to be sent to fight in a war in Ukraine.

After the article was deleted by PAP, the hackers reposted it. Polish authorities blamed the attack on Russia. 

“Everything indicates that we are dealing with a cyberattack that was directed from the Russian side,” Poland’s Digital Affairs Minister Krzysztof Gawkowski said following the incident.

According to him, the hackers got into the news agency’s system by infecting the device of one of PAP’s employees with malware. Gawkowski said that the attack was “targeted” and intended to cause panic and “shake up the system.” 

Poland is “on the frontline of the cyber fight against Russia,” he added. 

PAP chief executive officer Marek Błoński condemned the attack, saying it was likely designed to interfere with the European Parliament election in June, echoing the statement of Prime Minister Donald Tusk, who called the incident “another very dangerous hacker attack” that “illustrates Russia’s destabilization strategy on the eve of the European elections.”

The Russian embassy in Warsaw told Reuters that it was not aware of the incident and declined to comment.

Poland has experienced an increase in Russian cyberattacks over the past few months, leading it to announce a $760 million investment in cyber defenses. 

In June, it also signed a deal with the U.S. to strengthen their cooperation against “foreign information manipulation,” including from Russia.

Suspected Russian hackers have previously used legitimate news websites to spread propaganda. In February, they attacked several popular Ukrainian media outlets, posting fake news related to the war.

Russian hacker groups targeting Ukrainian media include notorious state-controlled threat actors like Sandworm, according to Ukraine’s Computer Emergency Response Team (CERT-UA).

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Indonesia’s communications minister faces pressure to resign following cyberattack

Next Post

Prudential revises breach notice to say 2.5 million affected by February incident

Related Posts

Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication. "On instances that use SAML single sign-on (SSO) authentication with the
Read More