The Polish Space Agency (POLSA) is currently offline following a significant cyberattack that forced the agency to disconnect its systems from the internet over the weekend.
The attack’s discovery led POLSA to promptly report the incident to relevant authorities and initiate a thorough investigation to determine the attack’s full impact. In a statement released on Sunday, POLSA confirmed the incident, stating:
“There has been a cybersecurity incident at POLSA. The relevant services and institutions have been informed. The situation is being analyzed. In order to secure data after the hack, the POLSA network was immediately disconnected from the Internet. We will keep you updated.”
POLSA has not yet disclosed the specific nature of the attack or identified the responsible threat actor. However, internal sources speaking to The Register revealed that attackers compromised POLSA’s email systems, forcing staff to rely on phones for communication during the recovery process.
This disruption underscores the critical role email plays in organizational operations and the severe consequences of its compromise. This situation mirrors recent incidents like the Freddie Mac Data Breach where sensitive information was exposed.
The Polish government is actively involved in the response. Krzysztof Gawkowski, Poland’s Minister of Digital Affairs, confirmed the agency’s efforts, stating:
“In connection with the incident, the systems under attack were secured. CSIRT NASK, together with CSIRT MON, supports POLSA in activities aimed at restoring the operational functioning of the Agency. Intensive operational activities are also underway to identify who is behind the cyberattack. We will publish further information on this matter on an ongoing basis.”
This collaborative approach involving CSIRT NASK (Polish Computer Security Incident Response Team) and CSIRT MON (Polish Military Computer Security Incident Response Team) showcases a coordinated national response to a significant cybersecurity incident.
POLSA, established in 2014, is a member of the European Space Agency (ESA). Its mission focuses on supporting the Polish space industry and enhancing Polish defense capabilities through satellite technologies.
The agency’s work involves securing funding from the ESA for Polish entrepreneurs and collaborating internationally on space exploration projects. The disruption caused by this attack highlights the potential impact on critical national infrastructure and international collaborations.
Similar attacks targeting critical infrastructure have been reported recently, emphasizing the need for robust cybersecurity measures.
The ongoing investigation aims to identify the perpetrators and the full extent of the data breach. POLSA’s commitment to keeping the public updated underscores the seriousness of the situation and the importance of transparency in cybersecurity incidents. The incident serves as a reminder of the ever-evolving threat landscape and the necessity for robust cybersecurity defenses for all organizations, regardless of size or sector.
For more information on current threats, see our piece on the Top Cyber Threats Facing Enterprise Businesses in 2025.
