„Poland has made the development and consolidation of cybersecurity competences in the Army a priority. This determination, very strong personal leadership, access to talent, as well as good cooperation with international partners, allow us to be successful,” says Joanna Świątkowska, PhD., expert in cybersecurity at the Kościuszko Institute and program director at CYBERSEC in a conversation with BiznesAlert.pl.
In the 21st century, cyberspace, not a regular battlefield, is where superpowers are competing with one another, which is why protecting the domestic critical infrastructure plays a huge role and guarantees safety.
The MIT has published its annual Cyber Defence Index 2023 where the Polish army took the sixth place and was second only to Australia, the Netherlands, South Korea, the USA and Canada.
Why did Poland rank so high?
Poland has made the development and consolidation of cybersecurity competences in the Army a priority. This determination, very strong personal leadership, access to talent, as well as good cooperation with international partners all translate into clear successes.
What are the most common potential targets for hacker attacks?
Aggressors using cyberspace for hostile activities have different motivations, which means they have different goals. Those who are interested in financial gain attack targets and choose methods that can bring potential profits.
In recent years, ransomware attacks – encrypting data, systems and extorting ransom [in exchange for the promise of unlocking them] – are on top of the list. Everyone can fall victim to them – both large organizations, small entities (private and public), but also ordinary users. The financial sector is at a huge risk.
A different motivation is behind the aggressors involved in political conflicts, where the perpetrators most often want to destroy, paralyze systems or steal confidential information. Russia’s war in Ukraine and accompanying cyberattacks show that the targets are mostly critical infrastructure in sectors such as telecommunications, energy, transport, but also public and defence entities.
Increasingly, we are also seeing attacks on the supply chain, where the victims are entities that are only a stepping stone on the way to achieving the ultimate goal.
Where do attacks on Poland’s critical infrastructure come from? Is Russia the only aggressor?
As mentioned above, attacks are varied and dictated by different goals. They are not only inspired by state entities, they are very often independent groups of criminals eager for financial profits. In such cases attacks can come literally from all directions.
However, it is apparent that in the face of the war in Ukraine and the political involvement of Poland, our systems will be exposed to increased attacks conducted in cyberspace and having a political background. Russian hackers (e.g. APT28, APT29 groups) and other groups favouring them therefore constitute the main threat.
At the end of August, there was a break-in on the frequency of Polish railways and unauthorized broadcasting of the radio-stop signal. During the break, the Russian national anthem and Vladimir Putin’s speech were heard. How would you comment on this incident?
Sending a radio-stop signal can not lead to the most disastrous consequences, so this was not an example of the most dangerous type of incident. The representatives of the Polish group CISO #Poland have made interesting comments on this occurrence in this spirit.
Having said that, it is worth emphasizing that the incident should draw attention to the need to increase efforts aimed at securing industrial control systems. This entails many challenges, especially as these systems, by their very nature, are often outdated and insufficiently secured.
In the face of the convergence of OT (operational technology) and IT solutions, we are facing a lot of efforts related to improving cybersecurity. In particular, Poland’s involvement in supporting Ukraine increases the risk of attacks on critical infrastructure.
Interview by Jacek Perzyński