Light Dark
June 24, 2024 By Jennifer Gregory 3 min read
News

Visitors to the Polish Press Agency (PAP) website on May 31 at 2 p.m. Polish time were met with an unusual message. Instead of the typical daily news, the state-run newspaper had supposedly published a story announcing that a partial mobilization, which means calling up specific people to serve in the armed forces, was ordered by Polish Prime Minister Donald Tusk beginning on July 1, 2024.

Deputy Prime Minister Krzysztof Gawkowski refuted the claim on X (formerly Twitter). His post read: “The message [from] @PAPinformacje regarding partial mobilization is false. We have started urgently investigating the matter. Everything points to a cyberattack and planned disinformation! I will keep you updated on further arrangements.”

After this cyberattack, Poland announced that it is increasing its cybersecurity spending to almost $760 million to improve digital security.

Suspected Russian-directed malware attack spreading misinformation

In an interview, Gawkowski told Polsat News that the goal of the attack was to spread disinformation before the elections, to paralyze society. He also shared that the false posts were delivered through malware and were spotted within two minutes.

“Everything indicates that we are dealing with a cyberattack that was directed from the Russian side,” says Gawkowski. “And the goal: disinformation before the elections, paralyzing society, showing that Russia can interfere in the elections in Poland today,” he said.

While Gawkowski states that Russia allegedly conducted the attack, Russia has denied all claims.

Using funds to improve digital security

The Polish government wants to be prepared for future attacks. Gawkowski announced a plan for an increased cybersecurity budget on June 3, 2024.

“We want to allocate over 3 billion zlotys for a ‘Cyber Shield,’” said Gawkowski in a news conference. “Today, Poland is on the frontline of the cyber fight against Russia. Poland has the most attacks. (Russia) has one goal — to destabilize the situation and ensure that the forces supporting the breakup of the EU can benefit,” Gawkowski added.

Gawkowski said that the new funding plan will be a joint effort by the government, of the Ministries of Interior and Digitalization. The additional funds will be used to create a cyber shield that will carry out regular security reviews and build resilience at the critical infrastructure level. The goal of these efforts is to show the world that Poland is a leader in both digital security and digital change in Europe. He said that specific details regarding the steps the government is planning to take are being kept confidential to protect the country.

Protecting against disinformation attacks

Poland suffered a disinformation attack, which happens when cyber criminals mislead, cause harm or profit from spreading falsehoods. The goal of this type of attack is deception. Often, it’s multi-pronged, with the information being disseminated in different ways and locations.

Here are tips for reducing risk and preparing to manage a disinformation attack:

  1. Use social media monitoring tools. Because social media is often the channel used for disinformation attacks, organizations can reduce their risk by monitoring social media platforms for potential attacks.
  2. Provide training. Often, training for this type of attack is overlooked, both in how to spot it and how to respond. Because there is a public relations component, be sure to include your communications team in the preparation.
  3. Include disinformation attacks in your crisis response plan. Because the response to this attack is usually a bit different, be sure to include a section in your plan detailing how to respond.

By focusing on this type of attack as well as creating a cyber shield, businesses and nation-states can reduce the risk of a disinformation attack and recover more quickly when it happens.

To learn how IBM X-Force can help you with anything regarding cybersecurity including incident response, threat intelligence, or offensive security services schedule a meeting here.

If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.

 |  |  | 
Jennifer Gregory
Cybersecurity Writer

More from News
November 18, 2024

Research finds 56% increase in active ransomware groups

4 min read - Any good news is welcomed when evaluating cyber crime trends year-over-year. Over the last two years, IBM’s Threat Index Reports have provided some minor reprieve in this area by showing a gradual decline in the prevalence of ransomware attacks — now accounting for only 17% of all cybersecurity incidents compared to 21% in 2021. Unfortunately, it’s too early to know if this trendline will continue. A recent report released by Searchlight Cyber shows that there has been a 56% increase in…

November 4, 2024

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

October 28, 2024

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature