A large-scale cyberattack on Poland’s government registry system has occurred, causing significant public resonance and raising concerns about the stability of essential government services
Information resources containing data about citizens, vehicles, tax reporting, and other critical sectors were severely threatened on Wednesday, April 30. According to media reports, the attack was successfully neutralized; however, there are already signs of potential consequences—including disruptions in tax payments, issues with the mobile application mObywatel, and complications in vehicle registration processes. Preliminary data indicate that the attack was of the DDoS (Distributed Denial of Service) type, characterized by a massive assault through simultaneous loads from hundreds or thousands of malicious computers aiming to overload and completely "block" the operation of government servers. As a result of such actions, the proper functioning of the information system predominantly remains in a "suspended" state, and government agencies are temporarily unable to process citizen requests or perform internal operations efficiently. Currently, it is unknown where exactly the attackers operated from, but investigations into the cyberattack are led by representatives of the Polish Cyber Police in cooperation with the country's Internal Security Agency. It is important to note that such attacks have not only technical but also geopolitical dimensions. In the broader global context, questions automatically arise about potential involvement of third states or groups engaged in cyber-espionage activities against Poland. It is also worth mentioning that on the eve of the Polish events, the French Ministry of Foreign Affairs issued a high-profile statement claiming Russia’s involvement in a number of cyberattacks carried out over recent years. According to this information, Russian intelligence agencies, motivated by intentions to destabilize the political and economic climate in European countries, have been implicated in hacking and cyberattacks during election campaigns and other key events, including the 2017 attack on the French presidential candidate Emmanuel Macron’s campaign. Meanwhile, Dutch intelligence previously warned of increased hybrid attacks, deliberately aimed at destabilizing public opinion, cyber espionage, and information security breaches conducted by Russia. Specifically, they noted that Russian hackers have already intensified their activities directed at Dutch government structures, intentionally attempting to access confidential data and spreading disinformation within the information space. Overall, the situation with cyberattacks demonstrates the growing complexity of security in Europe, especially amid active and targeted actions by state and private criminal groups seeking to sow chaos, undermine societal stability, and erode trust in government institutions. Official Kraków is currently on high alert and monitoring closely to prevent possible repetitions and minimize potential damage, emphasizing the importance of global cooperation in combating modern cyber threats.