CSIRT GOV: Report on the state of cybersecurity in Poland

Ten post dostępny jest także w języku: polski

The Computer Security Incident Response Team (CSIRT GOV) has published another report summarizing the state of public sector threats in Poland in 2020. The report highlights the number of actual incidents, which saw a significant increase for the second year in a row.

Increase in the number of applications

Attacks from the event category regarding the potential occurrence of an ICT incident are growing in an alarming state. In 2020, CSIRT GOV recorded exactly 246,107 such reports, of which 23,309 were classified as actual incidents. The report notes that in the case of the number of reports it is an increase of 8%, while in the case of actual threats by as much as 88%. It is also the second consecutive year that the number of actual incidents has almost doubled.

The first and fourth quarters of 2020 saw the highest number of incident reports. The second quarter, on the other hand, was the period in which the CSIRT recorded the highest number of viable incidents, with the increase due to the COVID-19 pandemic and the first restrictions implemented at that time. Among the top threats, events classified as a virus were again the most significant, accounting for more than 16,000 reports. Next was scanning (2.6k), followed by phishing (1.4k).

The main target is offices

The report shows that the previous year highlighted a trend in the number of incidents targeting government offices, which once again became the most attractive target for potential attacks. In 2020, more than 8,000 system infection attempts were carried out against them, 118% more than the year before. In contrast, the largest increases in incidents over 12 months were recorded by the services and military (311%) and critical infrastructure (283%).