The attack, detected and analyzed by CERT Polska of NASK and CSIRT (Computer Security Incident Response Team) of the Ministry of Defense, prompted a warning and advisory from NASK on Wednesday. Administrators were urged to verify that their networks hadn't been compromised and to take necessary precautions.
Technical indicators and attack patterns resembling previously documented incidents facilitated the attribution of the cyberattack to the APT28 group. The communiqué also reported that the group is associated with the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).
(jh)
Source: PAP, RMF24
Click on the audio player above to listen to a report by Radio Poland's Michał Owczarek.