The Polish space agency POLSA over the weekend announced that it has disconnected its network from the internet in response to a cyberattack.
“There has been a cybersecurity incident at POLSA. In order to secure data after the hack, the POLSA network was immediately disconnected from the internet,” the agency announced on X (formerly Twitter).
The agency said the incident has been reported to the relevant authorities and an investigation was launched, but shared no specific information on the type of cyberattack it fell victim to.
While it is possible that POLSA was targeted by ransomware, since disconnecting systems from the internet is the typical response to such an attack, a nation-state attack should not be ruled out either, especially in the context of the Russian-Ukrainian conflict and given Poland’s long-standing support for Ukraine.
“State services responsible for cybersecurity have detected unauthorized access to the Polish Space Agency’s IT infrastructure,” Poland’s minister of digital affairs Krzysztof Gawkowski said on X.
Gawkowski noted that the targeted systems have been secured and that CSIRT NASK (the Polish Computer Security Incident Response Team) and CSIRT MON (the Polish Military Computer Security Incident Response Team) are aiding the restoration efforts.
“Intensive operational activities are also underway to identify who is behind the cyberattack. We will publish further information on this matter on an ongoing basis,” Gawkowski said.
While POLSA’s website remains offline and no updates on the incident have been shared on social media since Sunday, reports suggest that the agency’s internal email services might have been compromised in the attack.
A member of the European Space Agency, POLSA was established in 2014 as a government body responsible for the country’s space activities. Administered by Poland’s Ministry of Economic Development and Technology, the agency develops satellite networks and space technology.
Related: How China Pinned University Cyberattacks on NSA Hackers
Related: UK Engineering Giant IMI Hit by Cyberattack
Related: Smiths Group Scrambling to Restore Systems Following Cyberattack
Related: Conduent Confirms Cyberattack After Government Agencies Report Outages