A recent string of cyberattacks targeted at thousands of Polish email users, including government officials, have been linked by the Polish intelligence services to a Russian hacking group.
“The findings of the Internal Security Agency and the Military Counterintelligence Service show that the UNC1151 group is behind the recent hacker attacks that hit Poland,” Stanisław Żaryn, a spokesperson for the Polish Minister Coordinator of Special Services, said in a translated statement Tuesday.
“The secret services have reliable information at their disposal which [links] this group with the activities of the Russian secret services,” he said.
Żaryn noted that given past actions of the UNC1151 hacking group, Polish officials believed the attacks on Poland were part of a larger effort to destabilize Central European nations.
Żaryn said that the recent attacks hit 4,000 Polish email users, more than 100 of whom were former and present members of the Polish national government, senators, local government officials and others.
Among those targeted by the hackers was Michał Dworczyk, the chief of the Polish prime minister’s office. Żaryn said there were foreign logins used to access Dworczyk’s email, and several potential malicious phishing emails sent to the account.
The Russian hackers also targeted those working for nongovernmental organizations and media groups.
Żaryn said the Polish government notified member nations of NATO of the hacking incident last week.
The attacks come as Russia is under increasing international pressure due to cyberattacks linked to both the government and cyber criminal groups operating from within the country.
U.S. intelligence agencies linked the Russian government to the SolarWinds hack earlier this year, which compromised nine federal agencies and 100 private sector organizations.
Russian-speaking cyber criminal groups have also been linked to recent ransomware attacks on Colonial Pipeline and JBS USA, which significantly disrupted critical supply chains.
President Biden imposed a sweeping set of sanctions on Russia in April in retaliation for the SolarWinds hack, and addressed his concerns around cybersecurity issues with Russian President Vladimir Putin during their summit in Switzerland last week.
The U.S. and other NATO member states endorsed a new cyber defense policy during the NATO summit in Brussels last week, which took steps to lay out how NATO would respond to a major cyberattack on a member.
Biden told reporters at the summit that the new policy would “improve the collective ability to defend against counter-threats from state and nonstate actors against our networks and our critical infrastructure.”
“Our alliance can still prevail against the challenges of our time,” Biden said.