The Polish Space Agency (POLSA) has been offline since it disconnected its systems from the Internet over the weekend to contain a breach of its IT infrastructure.
After detecting the attack, the agency reported the incident to relevant authorities and launched an investigation to assess its impact.
“There has been a cybersecurity incident at POLSA. The relevant services and institutions have been informed. The situation is being analyzed,” POLSA said on Sunday.
“In order to secure data after the hack, the POLSA network was immediately disconnected from the Internet. We will keep you updated.”
POLSA has not disclosed the nature of the security incident and has yet to attribute the attack to a specific threat actor.
While no updates have been published since Sunday, sources inside the agency told The Register that staff was asked to use phones after the attackers compromised POLSA’s email systems.
The agency now works with the Polish Computer Security Incident Response Team (CSIRT NASK) and the Polish Military Computer Security Incident Response Team (CSIRT MON) to restore impacted services.
“In connection with the incident, the systems under attack were secured. CSIRT NASK, together with CSIRT MON, supports POLSA in activities aimed at restoring the operational functioning of the Agency,” said Krzysztof Gawkowski, Poland’s Minister of Digital Affairs.
“Intensive operational activities are also underway to identify who is behind the cyberattack. We will publish further information on this matter on an ongoing basis.”
Established in September 2014, POLSA is a European Space Agency (ESA) member. Its priorities include supporting the Polish space industry and increasing Polish defense capabilities through satellite systems.
It also helps Polish entrepreneurs obtain funds from the European Space Agency (ESA) and works with other ESA Members, the EU, and other countries on various space exploration projects.