Prosecutors and other state security officials in Poland are investigating a hack, unprecedented in size, after discovering that workstations of some banks were hosting malicious software that infected various banking systems, according to Polish media.
The news comes a few days after the Polish Financial Supervision Authority (KNF) took down its entire system in a cyber-attack believed to be “from another country” and the first ever to result in a service outage, according to a KNF spokesman.
Changing the Face of AML with Self Service AnalyticsGo to article >>
According to local media, some financial institutions had seen unusual network traffic and found encrypted executables on several servers. The details were rapidly shared between the group of roughly 20 commercial banks in the country and other banks started reporting the same issues.
The Polish authorities confirmed that customer money was untouched and that no operations have been affected so far. However, they said that the whole situation is still under investigation, so things may change in the days to come as more information comes to light.
A little more than a year ago, a government department that deals with cyber security confirmed that a few Polish commercial banks had been victims of a malware infection. The source of the executables, however, was the one entity they didn’t expect it from – the KNF.
At the time, the investigation suggested that the starting point for the infection could be the server of the Polish financial regulatory body. Overall, it is ironic that the website of the key institution responsible for assuring security in the financial sector was used to attack it.