Russia named as the point of origin

Oct 15, 2009 14:03 GMT

Local Polish media reports that the country's government network was the target of an organized cyberattack back in September. The authorities are reluctant to disclose details about the incident, but apparently the attack originated in Russia.

According to the Polish Rzeczpospolita (The Republic) newspaper, the cyberattack occurred around September 17, the anniversary of the Invasion of Poland, which marked the start of World War II. At the same time, the Russian Prime Minister Vladimir Putin was visiting the Polish Westerplatte peninsula, where the first WWII battle occurred.

Colonel Pawel Bialek, the deputy chief of Poland's internal security agency Agencja Bezpieczenstwa Wewnetrznego (ABW), told Rzeczpospolita that the attacks targeted the servers of several unnamed government agencies. He also pointed out that the assaults were blocked thanks to the agency's cyberpatrol, which detected the suspicious traffic.

ABW has a specialized division that monitors and protects the networks and websites of over fifty government institutions. And even though it refused to release any additional details about the incident, saying it’s a matter of national security, it stressed that such attacks are rarely successful.

In addition, the Polish government's Computer Emergency Response Team (CERT.GOV.PL), established at the beginning of 2008, also monitors the traffic on government networks. It operates an early warning system called ARAKIS-GOV, which is able to detect emerging threats.

The ARAKIS-GOV system recorded over one million incidents in 2008, while so far in 2009, around 450,000 have been detected. According to the collected data, most of these attacks were launched from computers located in the US and China; however, this is not a strong indication of their true origin.

Attacks are generally performed with the help of botnets, armies of compromised computers, which are commanded to behave maliciously. The fact that the majority of these computers are located in a specific country does not necessarily mean that the attacker who controls them is also there.

Nevertheless, Russia was linked to other major cyberattacks in the past. In 2007, Russian hackers crippled the entire Estonian IT infrastructure, after the country's government decided to relocate a WWII Soviet memorial monument. During the 2008 armed conflict between Russia and Georgia, the websites of the Georgian Presidency and other government institutions were hit. In January this year, the Internet went down across the entire Republic of Kyrgyzstan. The incident is suspected to have been caused by the Russian cyber-militia.