Polish intelligence agencies link cyberattack to Russia

WARSAW, Poland — Poland’s government said Tuesday it has evidence linking a recent cyber attack on thousands of email and social media accounts of politicians, public figures and other Poles to Russia’s secret services.

The spokesman for the minister who coordinates Poland’s intelligence agencies, Stanislaw Zaryn, claimed the attack was part of a campaign to destabilize politics in Central Europe. He said Poland’s Internal Security Agency and military intelligence established that the attacks were by the UNC1151 group.

“The services are in possession of information confirming the links of the aggressors with the activity of the Russian special services,” Zaryn said in a statement.

Some 100 of the more than 4,350 accounts hit in Poland belong to former and current government members, lawmakers and local administration officials, Zaryn said.

The hacks include one revealed earlier this month on the private email and social media accounts of Michal Dworczyk, the head of Prime Minister Mateusz Morawiecki’s office, and Dworczyk’s wife.

Dworczyk insists his account held no classified or sensitive information.

Content allegedly coming from Dworczyk’s account and relating to armaments purchases and Poland’s response to the coronavirus, along with Dworczyk’s ID and driving license, has appeared this month on the Telegram communicator that originated in Russia in 2013.

Prosecutors are investigating, and Zaryn said steps have been taken to increase cybersecurity. Last week, lawmakers met for a closed-doors session to analyze the attacks and draw lessons from them.

Polish security officials often say the hacking of government-linked accounts is aimed at weakening Poland’s position internationally or straining its ties with Western partners. That is widely seen in Poland as a strategic aim of the Kremlin as Warsaw backs sanctions against Russia over its 2014 annexation of Crimea from Ukraine and its support for the authoritarian president of Belarus.