Poland’s Supreme Audit Office (NIK) says that over 7,000 cyberattacks were attempted against more than 500 of its devices, with particular clusters of incidents at times when it was conducting politically sensitive audits. It is an “attack on a scale unseen in [our] 103-year history”, says NIK.
The claims, first leaked to the media on Friday and officially announced by NIK today, follow a recent series of findings showing the use of Pegasus spyware against opponents of the ruling party. NIK says it has sent devices for analysis to ascertain whether Pegasus was used in the attacks against it.
Government figures, however, have already dismissed claims that Pegasus was against NIK as “fake news”. Aspokesman for the security service also noted that Banaś is facing charges for a number of alleged crimes.
At today’s press conference, NIK revealed that its cybersecurity team had found that 544 NIK devices were attacked in 7,300 incidents between 23 March 2020 and 23 January 2022, reports Interia.
NIK’s spokesman, Łukasz Pawelski, noted that the peaks of the attacks took place when auditors were investigating the abandoned 2020 elections (for which it later issued notifications of crimes against the prime minister and members of his government) and a justice ministry fund that it found to be a “corruption-generating mechanism”.
However, while some media reported on Friday that the attacks had been carried out using Pegasus, Pawelski said today that such claims are premature. While NIK suspects the spyware was used against three people linked to Banaś, they are awaiting analysis by Citizen Lab, a Canadian cybersecurity watchdog, for confirmation.
In our latest podcast, @stanleysbill talks to @jsrailton of @citizenlab about his work to uncover the Pegasus hacking of opposition figures in Poland.
"You can raise very serious questions as to whether the electoral climate counts as fully fair," he says https://t.co/y1v5BvhKCM
— Notes from Poland 🇵🇱 (@notesfrompoland) January 24, 2022
Following Friday’s reports, the spokesman for Poland’s security services, Stanisław Żaryn, issued a statement dismissing the claims as “untrue”. He also noted that prosecutors are seeking to charge Banaś with a number of crimes. Parliament is due to vote soon on whether to strip the NIK president of his immunity from prosecution.
Following today’s press conference, Żaryn said that NIK had offered “big words [and] shocking announcements [but] no specifics”. He also noted that, if NIK suspected it was the victim of cyberattacks, it had an obligation to report this to the government’s computer security team within 24 hours.
A deputy interior minister, Maciej Wąsik, said that “it looks like the leadership of NIK has invented the issue of an alleged Pegasus attack”. He criticised journalists who had spread this “fake news” last week.
A teraz na poważnie:
Wygląda na to, że kierownictwo NIK wymyśliło sobie sprawę ataku domniemanym Pegasusem.
Podziwiam łatwowierność niektórych dziennikarzy, którzy stworzyli z tego fejknewsa o niezłym zasięgu. Zreflektują się?— Maciej Wąsik 🇵🇱 (@WasikMaciej) February 7, 2022
Just before Christmas, Associated Press reported that Citizen Lab had found that a senator’s phone had been repeatedly hacked using Pegasus when he was running the opposition’s 2019 parliamentary election campaign. Two other leading opponents of the government – a lawyer and prosecutor – were also hacked.
Poland’s government long refused to confirm reports that it had purchased the Israeli-made spyware in 2018, and the prime minister initially claimed in December that opposition figures may have been hacked by foreign agencies.
But last month Jarosław Kaczyński – head of the ruling party and deputy prime minister with oversight of security – confirmed for the first time that the authorities had bought Pegasus.
Polish Leader Admits Country Bought Powerful Israeli Spyware | World News | US News https://t.co/AM6FKW1LeB
— Roman Giertych (@GiertychRoman) January 7, 2022
Recent weeks have seen further claims emerge of a number of other public figures being victims of Pegasus hacking, including some from within the ruling camp. That has led to calls for an investigatory committee to be established.
While the opposition-controlled Senate has set up such a committee, the more powerful lower-house Sejm, where the government has a narrow but unstable majority, is yet to do so.
Representatives of the government and security services have continued to insist that any investigative efforts undertaken by the authorities are not conducted for political purposes and that any surveillance is conducted legally, including by obtaining a court order.
After further reports that Pegasus spyware was also used against people within PiS's own ranks, the latest alleged victim, former agriculture minister Jan Krzysztof Ardanowski, says "many PiS MPs are concerned" and may support an investigatory commission https://t.co/tIseOb8fC1
— Daniel Tilles (@danieltilles1) January 31, 2022
Banaś has faced a series of accusations of wrongdoing, including claims that he has links to a criminal gang. Among the charges prosecutors are seeking to bring against him are allegations that he submitted false asset declarations.
The ruling party and its allies have accused Banaś of using NIK – which has produced a series of audits accusing the government of wasteful spending and notified prosecutors of potential crimes by ministers – as a political tool to defend deflect accusations of wrongdoing.
Banaś in turn argues that charges are being brought against him for political purposes, as well as against his son, Jakub, who was last year detained by anti-corruption authorities. At today’s press conference, NIK revealed that Jakub was one of those they suspected of being hacked using Pegasus.
“The government wants to intimidate me, but it won’t work”: an interview with Poland’s state auditor
Main image credit: Slawomir Kaminski / Agencja Wyborcza.pl
Daniel Tilles is editor-in-chief of Notes from Poland. He has written on Polish affairs for a wide range of publications, including Foreign Policy, POLITICO Europe, EUobserver and Dziennik Gazeta Prawna.
