"At least 4,350 email accounts belonging to Polish citizens have been targeted by the (hacker) attack" - the spokesman for the special services minister-coordinator Stanisław Żaryn said on Tuesday. He added that the services have information linking the attackers to Russian special services.
In the first half of June, minister Michał Dworczyk, Chief of Prime Minister's Chancellery, informed that his email account had been attacked. On Friday, Deputy Prime Minister and Poland's de facto leader Jarosław Kaczyński informed that top Polish government officials have been hit by a far-reaching cyber attack conducted from Russian territory. "The analysis of our services and the secret services of our allies allows us to clearly state that the cyber attack was carried out from the territory of the Russian Federation. Its scale and range are wide," he said on the government website.
On Tuesday, the spokesman for the special services minister-coordinator Stanisław Żaryn said that "according to Internal Security Agency and the Military Counterintelligence Service, the target list of the social engineering attack carried out by the UNC1151 group included at least 4,350 email accounts belonging to Polish citizens or appearing in Polish email services".
"At least 500 users replied to the information sent out by the attack orchestrators, which largely increased the likelihood of the attackers' success. Polish services possess reliable information linking operations of the UNC1151 group to those carried out by Russian special services" - we read in a statement.
Żaryn informed that among the 4,350 attacked accounts, 100 belonged to state officials - members of the previous and current governments, deputies, senators, local governors.
"The attack affected persons of various political affiliations, as well media and NGO representatives. On the list there was also account used by minister Michał Dworczyk. Services responsible for cybersecurity have analysed a few messages sent to the minister's account, which could have been used to potential phishing - their content and structure were designed to compromise login password. A few foreign log-ins to minister Dworczyk's email account were also detected" - he said in a statement.
According to Żaryn, "all information gathered so far suggest that the UNC1151 group's operations which have recently affected Poland, were part of a 'Ghostwriter' operation, which goal is to destabilise political situation in Central-European countries".
"Last week, the Internal Security Agency notified the special services of NATO member states about the recent cyberattacks against Poland" - he informed.
Źródło: TVN24 News in English, tvn24.pl, PAP