Despite the two statements of Michał Dworczyk, many questions remain unanswered
TVN24 |Poland12 czerwca 2021, 23:08
Almost 30 messages and several dozen documents to come from the e -mail box of the head of the Chancellery of the Prime Minister Michał Dworczyk are posted from June 4 in one of the channels on Telegram.According to the minister, the published materials are partly fabricated, and in part - stolen in a hacker attack.- There was information that should certainly be protected - our interlocutors say.
The head of the Chancellery of the Prime Minister Michał Dworczyk on Friday issued a second statement regarding access by unauthorized persons to the content of his email box."Attacks on my family's accounts are still being carried out in various communication channels, even in relation to my children," he wrote."For two days, through the Russian platform Telegram to the public in Poland, messages and information are provided, some of which have been stolen as a result of a hacker attack on e -mail boxes and social media accounts belonging to me and my family" - he wrote on Twitter.What is known in this matter?We collected knowledge as of Saturday afternoon.
The case of the alleged attack on the e -mailbox of the head of the prime minister's office gained publicity on Tuesday, i.e. June 8.
This was due to the entry on the Facebook profile of the minister's wife Agnieszka Dworczyk.It sounded: "I regret to inform you that my e-mail box was hacked by unknown people.The perpetrators were stolen official documents, which contain classified information and can be used to cause damage to the national security of the Republic of Poland, and can also be used as proof of alleged Polish interference in the internal affairs of Belarus "(we retained the original spelling - red.).
According to the first, official statement of Minister Michał Dworczyk, published on Wednesday afternoon in social media, the entry was prepared and placed on his wife's profile - which means that the perpetrators had unrestricted access to her account.Oświadczenie Michała Dworczyka
The fake entry ended with a link to the next profile, this time on the Telegram messenger.In Poland, it is considered a niche, but it is widely used in Russian -speaking countries and in some Arab countries.
- Here you can really be terrified for the first time, because the profile on the telegram has been published the first alleged emails four days earlier.So for four days, most likely, no one in Poland noticed it - says former minister coordinator of special services, currently a MP working in the commission for services Marek Biernacki.
The first material posted on a telegram is a detailed vaccination in special services - as civil as military.TVN24 editors.pl confirmed that this document contains real information - although none of them is closed within the meaning of the Act on the protection of classified information.
The profile of the FB of the minister's wife was quickly removed after publishing a false entry on it.However, this one works on the Telegram portal without any problems.From June 4, to the publication of this article, almost 30 messages and several dozen documents that are currently circulating the network have been included.Entries are published at different times of the day, also at night.
The minister himself, as well as the Chancellery of the Prime Minister, did not answer a series of questions asked by the editors of TVN24.pl.We wanted to know M..in.Whether the e -mails revealed so far are real or - and if so, why - a private email was used for business matters.From Tuesday, the minister limited himself only to the publication of two statements in social media - the second of them shows that the hacker attack continues all the time.
He emphasized in it that "some of the disclosed information and alleged emails were prepared".Drugie oświadczenie Michała Dworczykatwitter
Despite the statements of Michał Dworczyk, many questions remain unanswered.Among them, those regarding doubts:
- Was the box, which was the subject of a hacker attack, was a private or business post by the minister?Do hackers have access to only one of them?
- In addition to the e -mail box, could hackers also have access to other accounts used by the minister (in the first statement he wrote about reports regarding the takeover of his and his wife's accounts in social media, in the next accounts of his and his family)?
- Are the published correspondence and documents authentic?Which of them - as the minister suggests - were "prepared"?
- Are the materials that could be taken over by hackers?
- Did Michał Dworczyk keep state documents on a private box?
It is also unknown whether the takeover of the Facebook account of the wife of Minister Dworczyk and his e -mail box occurred as a result of a burglary or maybe hackers came into possession of login data.
Documents that are made available on the web are mainly screenshots of e-mail correspondence, text files and PDFs, related M.in.with the legislative process regarding the Act on strategic reserves, the draft act on national security management or a letter regarding settlement in the country of Belarusians of Polish origin, but also such related directly to state defense.Video recordings are also published.
"I would like to emphasize that there was no information in the e -mail inbox, which is the subject of a hacker attack.
Secrets of "Narew"
But the minister is right only from a formal point of view.- no clause document has appeared on the telegram so far.But information that should certainly be protected has already appeared - says an officer from the Military Special Services.
It is about correspondence - if it is true - which the minister mentioned with his subordinates in the office of the Prime Minister, Krzysztof Gaje.Dworczyk collaborated with this colonel for reserve in the Ministry of National Defense, when in 2017 he was the secretary of state.Krzysztof Gaj from 2016.He was the head of the management board of the Organization and Supplements of the General Staff of the Polish Army, he is considered the creator of the concept of Territorial Defense Forces.A few months later, he was dismissed and transferred to the staff reserve of the Ministry of National Defense.As he reported in January 2019.Weekly "Wprost", the reason was his anti -Semitic and anti -Ukrainian statements, supporting the policy of Russian President Vladimir Putin M.in.In the face of the annexation of Crimea."I'm not a Russophile (I emphasize it firmly), but I understand Putin perfectly here - these are fascists.And Putin is quite right - you have to fight them, because Europe will be over.This is a cruel giggle of history that I agree with Putin and the Russians - but in this situation I see no other way " - he said in 2014.About Ukraine in an interview with the Kresy portal.According to the information "Wprost", Colon.
In this case, the disclosed correspondence indicates that Colonel Gaj shares with the minister thoughts and behind -the -scenes information on the "Narew" anti -aircraft defense system.The screenshots of the screen show (if they are authentic) that the email sent from a private box to the minister's private email address.
Then there were videos of training ground tests of weapons, which neutralizes drones.This publication was accompanied by a detailed report indicating M.in.The range of this modern weapon developed by a consortium of the Military University of Technology and a private company, and financed from public funds of NCBiR.
We asked a series of questions.Gaj, i.e. the alleged author of these videos and reports, M.in.about whether and why he used a private box to exchange such correspondence.We have not received the answer until the text is published.
E -mails with prime minister
On Friday, a screenshot from the e -mail thread also appeared on the telegram between the addresses described as belonging to Michał Dworczyk and Mateusz Morawiecki.Officials are entertained by the situation that the opposition MP turned to their friend for help in the organization of the conference.Minister Dworczyk writes about this friend "a former diplomat serving the homeland on the second time".
Already a few hours after the disclosure of this correspondence, during the discussion on Twitter, the name of this "diplomat serving the homeland on the second time" appeared.
In the language of the services, this means an officer acting under cover, i.e. a particularly protected one.
- If in the future it is confirmed that it is real emails, then only the resignation of Minister Michał Dworczyk.Knowing such things can not be treated as a streetworks in the bazaar - believes Marek Biernacki.
TVN24 editors.PL confirmed - among officials of several ministries - that both Michał Dworczyk and the Prime Minister used private emails, founded on public websites.
- When I worked with the prime minister, I only got emails from a private account.It was the address that I see on a telegram - tells us an official of the Ministry of Finance.
The Chancellery of the Prime Minister did not refer to the alleged correspondence of Mateusz Morawiecki and Michał Dworczyk.Only Friday's statement of Minister Dworczyk has been published on the KPRM account.
A warning from allies
In two - unrelated - sources, TVN24 editors.PL found that the allied intelligence agencies gave the warning to Polish services at the beginning of this year.They alerted that the boxes of Polish politicians fell to hackers.
- According to my best knowledge, the alert was not particularly taken over on the floors occupied by the bosses.In any case, no one in the ABW ICT Safety Department has received new tasks related to this threat - says TVN24.pl civil counterintelligence officer.
Eastern trail and internal factor
According to our sources, two contradictory hypotheses about the perpetrators are considered in the national services.The first assumes that the attack is a work coordinated by Belarusian and Russian services.
The fact that the Russian services are behind the attack is not raised by the expert in the security matters of Jarosław Jakimczyk.
- the fabricated entry of the wife of Minister Dworczyk contains Russianism.This is not a mistake, but a demonstrative leaving your own signature - he believes and adds: - It all happens in a non -accidental time.Situation in Belarus, tension in Ukraine and NATO peak with the participation of the US president.Poland is shown as a frivolous partner, with poor quality the highest officials.
The second hypothesis is associated with leakage from attacks on profiles in the social media of the United Right politicians, M.In Marek Suski's MP.His account on the social networking site was taken over, photos appeared on him a undeniable councilor from Inowrocław.Her accounts were also successfully taken over.
We also hear from one of our interlocutors that "there are such in the Ministry of the Interior and Administration" who also take into account the version that the attack is organized and conducted internally in Poland.
A situation like "Owl and Friends"
To determine who is behind the attacks, Marek Biernacki does not want.- However, I pay attention to the similarities to the situation of 2014, when the public was flooded with recordings of private VIP conversations from the restaurant.At that time they were conversations, today emails, and like then we do not know what is really going on and who is behind it - says an experienced politician.
Both our interlocutors also point to the consequence of the mistake made when the Coalition of the United Right took power six years ago.It is about abandoning the development of the Catel safe communication system - as by e -mail - which was developed by the Internal Security Agency.
General Krzysztof Bondaryk, head of the Internal Security Agency, was followed by the reign of Prime Minister Donald Tusk.The system, however, ceased to be developed, so it quickly became anachronistic.A similar fate was met by the National Cryptology Center, which the same general began to build - Minister of Defense Antoni Macierewicz put it so much the controversial boss that soon almost all professionals gathered there passed there.
- The idea was to recreate Polish cryptology.So that Poland would not have to buy ready -made solutions from producers from other countries, but had its own.To operate all this, it was enough for the fact that it was created by the disliked general Bondaryk - a former NCK employee tells us.
The ICT Safety Department operates at the Internal Security Agency.Its part is a CERT cell.gov.pl, which is the task of detecting m.in.just such incidents.
- Agency (internal security - Red.) conducts his analyzes related to the situation described by the Minister (Dworczyk - Red.) - said on TVN24 Stanisław Żaryn, spokesman for the minister coordinator of special services."I can't say about the details of the ABW activities at the moment," he said.When asked if in connection with the incident, steps were taken to increase the safety of Minister Dworczyk and other high -ranking officials, the spokesman announced that "ministers are covered by counterintelligence protection".- such activities are carried out by the ABW.I have no more information about the details of these activities - he added.
Author: Robert Zieliński