From: mk_thisisit

General Karol Molenda, commander of the Cyberspace Defense Forces, discusses the critical role of cybersecurity in state defense, detailing Poland’s proactive approach, challenges in establishing and maintaining cyber capabilities, and future innovations in the field [01:17:00].

Cyberspace as an Operational Domain

In 2016, at the NATO summit in Warsaw, a pivotal decision was made to treat cyberspace as an operational domain, on par with land, water, and air [02:11:00]. This decision committed NATO member states to build capabilities for defending this domain [02:27:00]. This acknowledgment was prompted by historical incidents, such as the paralysis of Estonia by cyberattacks [02:57:00].

Establishment of Polish Cyber Defense Forces

The Polish Army recognized the need to consolidate its scattered cybersecurity resources, which were previously managed by various units like the National Center for Cryptology and the Information Technology Inspectorate [03:20:00]. In 2019, General Molenda was appointed to lead this consolidation, a process described as “building airplanes in flight” due to the necessity of maintaining uninterrupted service while merging two large, independently operating units [04:11:00]. This effort led to the establishment of the National Cyberspace Security Center [04:51:00]. The consolidation showed how difficult it is to implement IT solutions within a large organization [04:17:00].

Threat Landscape and Countermeasures

Polish military systems are attractive targets for groups such as APT 28 and APT 29, which operate under foreign special services, particularly those of countries like Russia [04:54:00]. Interest in Polish systems has increased fivefold since the war in Ukraine began, given Poland’s role as a significant logistics hub and the second-largest armaments donor to Ukraine [05:21:00].

Most attacks utilize social engineering, such as phishing, to trick users [06:08:00]. The Polish approach is proactive, focusing on hunting for adversaries within the network, as “the most worrying thing is silence” [11:49:00].

The Cyberspace Defense Forces are authorized to conduct operations across the full spectrum, including:

In some situations, the military intentionally allows opponents into specific systems to learn their tools and techniques, as part of their intelligence gathering [07:11:00]. This requires a high level of expertise and unconventional thinking [08:43:00].

Expertise and Team Building

The Cyberspace Defense Forces pride themselves on leading the largest group of cybersecurity experts in Poland’s state administration, known for their unconventional and creative thinking [08:35:00]. The team includes not only military personnel but also officers with backgrounds in police and industry, fostering a diverse range of experiences [21:45:00]. This multidisciplinary approach is crucial for addressing the complex challenges of cyber warfare.

Information Sharing and Cooperation

Poland has significantly changed its culture of information exchange about cyber threats, building a robust cybersecurity ecosystem [09:52:00]. Weekly meetings are held with key stakeholders from the ABW and other units responsible for cybersecurity [10:16:00].

International cooperation is based on trust and a “win-win” principle, where information is mutually shared [18:17:00]. Agreements with big-tech companies facilitate early information exchange on vulnerabilities, enabling proactive mitigation of threats like zero-days [18:27:00]. This collaborative approach recognizes that cybersecurity is a team game, and no single entity can win alone [19:34:00]. Poland has also provided cybersecurity training and partnership to Ukrainian soldiers, sharing knowledge on APT group tactics [15:59:00].

Future Challenges: Quantum Computing

The rise of quantum computers and digital transformation poses significant challenges to current encryption methods [23:36:00]. Poland is heavily investing in emerging technologies like machine learning, artificial intelligence, and quantum communication to leverage them for defense and to develop “quantum-safe” cryptographic solutions [22:57:00].

“thanks to the use of the properties of quantum entanglement we can generate cryptographic keys that should theoretically be resistant to eavesdropping” [25:00:00]

The focus is on building resilient encryption systems and understanding how new technologies might be exploited by adversaries [24:04:00].

Poland’s Position in Cyber Defense

Poland is ranked highly in cyberspace defense. In one index, Poland placed sixth, ahead of the United Kingdom, which invests significantly in cybersecurity [00:01:00]. Initiatives like establishing a military General Secondary School of Information Technology contribute to building a strong intellectual base for cybersecurity [29:04:00].

Effectiveness of Polish Cyber Defense

The Polish military systems, especially those processing classified information, have not experienced incidents leading to data extraction, despite constant attack attempts [29:51:00]. These attempts, such as phishing clicks, are caught and stopped by security departments [30:04:00]. The ability to detect and neutralize attacks quickly, often within hours, distinguishes Poland’s cyber defense capabilities from many other countries [30:37:00].

Key to this success is:

  • System Hardening: Ensuring all security patches and devices are implemented [31:06:00].
  • Visibility: Knowing exactly what resources are being protected, including comprehensive hardware registers [31:14:00].
  • User Awareness: Implementing campaigns and “red teaming” exercises to test and increase the cybersecurity awareness of military personnel, including high-ranking officers [33:03:00].

Structure and Personnel of the Cyber Army

The Polish Cyber Army consists of uniformed soldiers with military ranks, operating from headquarters in Legionowo and 11 subordinate units across the country [36:22:00]. Their presence extends to every military unit, ensuring IT services and cybersecurity for all equipment, including aircraft [37:07:00]. The core strength of the Cyber Army is its intellectual power and creative thinking, with most officers holding Master of Science degrees in computer science, cybersecurity, or cryptology [38:32:00].

To attract and retain talent, special allowances were introduced in 2020 for soldiers in cybersecurity roles, potentially reaching up to 45,000 gross per month [41:12:00]. However, the primary motivators for joining the team are the unparalleled challenges in the operating rooms, unlimited access to development opportunities, and the sense of patriotism from serving a greater purpose [41:48:00].

The Cyber Army operates 24/7, acknowledging that attackers do not adhere to regular working hours [45:05:00].

Readiness and Achievements

The Polish Cyber Army did not wait until the initially declared readiness year of 2024 to become active [46:11:00]. They are continuously acquiring capabilities and building competencies [46:33:00]. Their effectiveness is demonstrated by their performance in international exercises like Locked Shields, where they secured third place this year and second place last year [47:14:00]. This achievement reflects the potential not only of the military but also of the broader cyber period in Poland [47:28:00].

A significant challenge of implementing IT solutions in a hierarchical military structure was fostering teamwork and encouraging brainstorming over rigid adherence to rank [48:26:00]. General Molenda and his leadership team underwent training, including soft skills and psychology, to transform their leadership approach and empower their teams [48:45:00].

Leadership and Vision

General Karol Molenda is recognized as a key co-author and implementer of the vision for the Polish Cyber Army [51:31:00]. His appointment as chairman of the US Cyber Command’s “Cyber Commanders Forum” highlights international recognition of Poland’s success in rapidly building cyber defense capabilities [50:25:00]. This forum serves as a platform to share Poland’s approach with other allied commanders [50:46:00]. The upcoming meeting in Krakow in October, where commanders will share experiences, further underscores Poland’s growing maturity in cyber defense [51:13:00].