Undersea pipelines, drilling platforms, power plants, but also... Electronic banking – critical infrastructure is an highly large term. Without it, it is hard to imagine the functioning of the state. Therefore, dozens of entities are active in a complex strategy related to its protection. The military besides has a function to play here. Although formally his tasks are different.
On July 19, the planet held its breath for a while. Disturbing access to parts of Microsoft's services has caused immense confusion. The largest airports were having problem flying airplanes, in many places electronic banking stopped operating, hospitals were forced to cancel planned treatments, corporations suspended work 1 after another and sent employees home.
First thought: cyber attack. However, it shortly turned out that hackers were not behind the events. As Microsoft's representatives reported, there was a global failure of Windows operating strategy that day. It was caused by an mistake in updating CrowdStrike's antivirus program.
The problems besides affected Poland. Although their scale is hard to compare with what the United States and Western Europe have experienced, it has caused rather a stir. – All state forces and services are working to safe critical infrastructure. This is simply a continuous process – stressed Deputy Prime Minister and National Defence Minister Władysław Kosiniak-Kamysz. due to the fact that although confusion was simply a random accident, in the long word it does not change much. Since the war in Ukraine started, the hazard of impact on systems and critical facilities for the functioning of the state is high Like never before.
Moscow bites quietly
Russian propaganda doesn't even hide. Although fighting is taking place in Ukraine, NATO is simply a real opponent. Under the Kremlin's media, reports of Western agents and mercenaries multiply, while peanas in honour of the Russian army intertwin with threats of hitting Warsaw, Berlin and London. An open confrontation with the North Atlantic Alliance is, of course, a dream, at least as long as it retains political cohesion, and the Russian troops are tied up in Donbasa, the Kharkiv area or Chersonian region. Russia, however, tries to bite the West in a different way. “A hybrid war of unprecedented strength has been going on for years,” says Dr. Łukasz Tolak, global safety expert at Collegium Civitas. 1 of her tools is the information struggle. Russians through the media and social networks effort to interact with Western societies, fueling anxiety and deepening divisions. They besides frequently strike in distant regions, even in sub-Saharan Africa. They support those who are reluctant to the West and sometimes quietly aid to bring them to power. In addition, they effectively heat local conflicts and thus activate further waves of migrants, who yet stand at the borders of Europe. But that is not the end. “The Russians do not avoid classical kinetic activities, and the mark for them is frequently critical infrastructure,” admits Dr. Tolak. The list of activities is long – from observations of military bases and transports with equipment going to Ukraine to placing traffic monitoring cameras at tracks to acts of sabotage. “The shares are usually carried out in specified a way that it is hard to clearly indicate whether there has been an accident or intentional action. We have had many specified suspicious incidents in Europe recently," says Dr. Tolak. The expert here mentions derailment of a train with a burden of iron ore, headed from Kiruna, Sweden, to a port in Norwegian Narvik, or fire of a supply warehouse for Ukraine, which occurred in London. The script of sabotage may besides be considered in the context of a series of fresh arsons in Poland.
– Poland is attacked in various ways, besides in cyberspace. However, the acts of sabotage have not yet crossed the critical line. There were no casualties in humans, no impact on key institutions for the functioning of the state – airports, transmission lines, gasports. But you should be on defender all the time – Dr. Tolak emphasizes. Above all, a coherent strategy that will facilitate civilian protection, but besides critical infrastructure, is being consistently built.
Correction system
To begin with, it is worth answering the basic question – how to specify critical infrastructure? “The seemingly simple answer is,” says Dr. Witold Skomra of the Government safety Centre. "Under this date, there is all the resources essential for the functioning of the state and its citizens. This is, among another things, an infrastructure that allows to conduct elections, access to water and food, medical care and energy, yet conducting transport – the expert says.
In the classical approach we talk about buildings, installations, pipelines, airports or roads. “But according to a fresh definition, any services, specified as digital transmission, electronic banking or email access, are included in critical infrastructure,” explains Dr. Inż. Skomra. The list of specified facilities was drawn up by the RCB as part of the National Critical Infrastructure Protection Programme. “We reviewed it last year and introduced additions,” says the expert. The list is classified.
Meanwhile, in May, the government published a draft amendment to the Emergency Management Act. Objective: to adapt key infrastructure protection procedures to rapidly changing modern requirements. Poland, like another European Community countries, has been obliged to implement 2 EU directives. CER concerns the resilience of critical actors, NIS2 – cybersecurity. We face many challenges. We will not only gotta re-identify services of key importance for the functioning of the state as a whole, but besides establish criteria for the entities that supply these services. Can critical infrastructure include, for example, the operator's facilities that supply electricity to just a fewer villages – explains Dr. Inż. Skomra. In practice, the list of facilities and services will be reviewed again. In addition, any entities that will be on it will gotta comply with advanced safety requirements against cyber attacks. – According to our calculations, specified entities will be between 30 and 100 thousand," noted Dr. Inż. Skomra.
Even if we ignore legal intricacies, 1 will stay unchanged. The first work for protecting critical infrastructure will be the operators themselves, who at the same time can number on State aid – support for various services, including troops.
Front at the desk
In this kind of activity, the army can engage at various levels. Although experts reserve that the protection of critical infrastructure does not fall within its responsibilities under the law. The army is to train and, in the event of war, fight for the territorial integrity of the state. The engagement of operational sub-divisions in the protection of factories or transmission lines under certain circumstances may even be risky. "This mechanics could encourage a possible opponent to increase hybrid operations, due to the fact that these would draw the military distant from basic tasks," noted Dr. Inż. It's bad.
If we take into account the changes to which the modern battlefield is subject, we cannot completely disable the army from specified tasks. The border between war and peace is now fading. Many activities are carried out in the shade. The wars actually begin before tanks go to the battlefield, and planes go to the air. Often, actions are carried out in cyberspace, where the opponent tries to hit not only military resources, but besides civilian resources. The example of Ukraine shows this perfectly. In February 2022, shortly before a full-scale invasion, Russian hackers attacked banking systems and disrupted broadband access.
What is crucial here is the cooperation of troops with non-military institutions, even though participants in April said INSECON congresswhich took place in Poznań. organization dedicated to the widely understood cybersecurity organized a defence department. “The operational environment has global coverage. The front line is scattered here due to the fact that it is determined by all computer, whether by a private individual or by a public institution – emphasizes General Krzysztof Król from the General Staff of the Polish Army. As the army assures, concrete action is besides followed. “In fact, we support civilian critical infrastructure operators on the basis of signed agreements. The Adversary is easier to carry out a hacking attack on a power plant or a transmission network than to organize a diversion group to fire or set fire to specified facilities. Sabotage in the network is frequently little costly and, above all, little risky, due to the fact that the attack can be initiated from anywhere in the world," said Colonel Przemysław Lipczyński, spokesperson for Cyberspace Defence Command. However, he states that he cannot talk about details of cooperation.
WOT Bets Filters
There is surely more to be said about the actions of the territorial defence troops. Under the Homeland Defence Act, the WOT commander assumed work for the non-military part of crisis management in the Defence Ministry. The commanders of the individual brigades execute a akin function at voivodship level. So they work with extra-military institutions. We take part in many exercises. Part of the script concerns the protection of critical infrastructure. We are here to support and strengthen the activities of the entities liable for this, and if necessary, for example, in the case of interruptions in the supply of certain media, supply water to the inhabitants of a given area or supply access to energy, to any limited extent, admits Colonel Robert Pękala, spokesperson for the WOT Command.
The list of specified activities is long. In June, for example, the exercises “Socrates ’24” were conducted in Warsaw. They were attended by employees of urban waterworks, policemen, firefighters, as well as the 18th Capital Territorial Defence Brigade. The individual episodes took place in the water treatment station complex "Fitres" in Ochota and in the area of the sewage treatment plant "Chajka" in Białołęka. The script included a terrorist attack on key buildings and an effort to poison water. – Our task was to cut off access to facilities, which was realized by a company of light infantry. At the same time, our sharpshooters were conducting an reflection of the site – explained Przemysław Łuszzki, spokesperson for the 18th WOT Brigade. – specified skills are useful not only in the context of urban crises but besides during border service – adds.
In June, exercises under the code name ‘Amper ’24 were besides conducted in the east of Poland. In turn, soldiers of the 3rd Podkarpackie Territorial Defence Brigade were active to aid address the harm to the water power plant in Solina. – Together with the police we have surrounded the facility with a tight cordon, and soldiers with the aid of power plant workers connected the power generators KEP-900, which stay in the equipment of our brigade. Thanks to this solution, we provided the residents with a power supply," says Captain Artur Romanowski, the officer for crisis management from the 3rd WOT Brigade. In turn, during the "Amper ’22" exercise, the 2nd Lublin Territorial Defence Brigade utilized a horse section that located the harm to the transmission network in difficult-to-access terrain.
This includes, for example, joint training of the Wielkopolska territorialists and fuel base employees of PERN in Rejowc or a full series of exercises under the codename “Friendly Energy” with the participation of subdivisions of WOT from various regions of Poland and employees of PGE Distribution. But it doesn't close a long list of akin ventures.
“Territorial Defence Military Command has signed many cooperation agreements with transmission network operators specified as Gaz-System and Polish Energy Networks, but besides KG Police and KG Fire Loss. akin agreements are then concluded at local level. They are liable for the commanders of the individual brigades. We are trying to best execute our function as a liaison between the military and civilian critical infrastructure operators – concludes Colonel Pękala. Representatives of individual companies besides talk in a akin tone. – The aim of the agreement with DWOT is to work together on strengthening the safety and defence of Poland [...]. The current geopolitical situation, including the aggression of the Russian Federation to Ukraine, shows how crucial the interaction of the armed forces and entrepreneurs managing strategical infrastructure for our country is – emphasises in an email answer to our questions the spokesperson of PERN Katarzyna Krasińska.
Ships in the Bay
Meanwhile, critical infrastructure is not only inland. In fresh years, the function of offshore installations, straight at sea or at its bottom, has increased significantly. Gasoport in Świnoujście and Baltic tube pipeline are crucial in the process of energy independency from Russia. shortly they will be joined by wind farms erected in Polish waters, while the list of critical infrastructure should be added to telecommunications cables or ports themselves. Operators who, as on land, can number on the support of another state institutions are liable for protecting these facilities. And in this arrangement, the armed forces have an even bigger function to play, due to the fact that no another institution operating at sea has specified opportunities as the military. Only the Navy has ships that can carry out long-term patrol service and monitoring both on the surface and below the sea.
Short After the mysterious detonation of the Nord Stream gas pipeline, reached in September 2022, the Centre for Marine Operations-Sea Component Command in Gdynia began Operation Bay. It continues to this day. Ships belonging to both fleets proceed to depart. “They monitor areas where the key infrastructure for Poland is located. They follow the movement of another units, pay attention to any suspicious behaviours – says Lt. Maciej Bukowski from COM-DKM. For example, erstwhile a ship moves without an AIS transponder on, which allows to get information about its origin and course. Or erstwhile for a long time, and without a clear purpose, an individual is around mining platforms or pipelines. In specified cases, the crew of the patrolling vessel may effort to contact it, approach it, call for the area to leave. In a word – show your presence and possibilities. Examples from another waters show that specified a force projection usually has the desired effect. “We stay in contact with operators of individual networks and facilities at all times, and we exchange information with the maritime offices or the marine branch of the Border Guard”, explains Mr Bukowski. COM-DKM besides cooperates with NATO allies. For the past months, his officers have been in constant contact with the crews of the Italian frigates, which have reinforced the conservation of the water.
So far, there have been no major incidents in patrolled areas, although there have been moments of uncertainty. – 1 day representatives of Gaz- -The system, the operator of Baltic Pipe, alerted us that a ship that could not be contacted would drift around the pipeline. We have besides made specified a test, which yet ended successfully. The captain ordered the engines to be turned on and sailed – explained Mr Bukowski. Operation Bay was initially planned for six months. After that time, however, it was extended for a more indefinite period.
But Operation Bay is not just patrols. As Mr Bukowski admits, the installations arranged at the bottom are checked by submarines. The Polish navy has a truly large chance here. Just mention the equipment they're equipped with. Kormoran II kind mine destroyers. – To monitor underwater infrastructure can be utilized for example Hugowhich was equipped with tube Tracking software. Within 24 hours, it can illustrate a 100 km section of the pipeline, delivering images in very advanced resolution. Gavia vehicles can carry out akin tasks – explains cadmium. Peter Sikora, commander of the 8th Coast Defence Fleet, in which the Kormoran units serve. Crews do it rather often. “For us it is simply a form of training, but besides the accomplishment of an crucial public interest,” he admits to cadmium. Sikora.
Specialists in action
Special troops are besides active in the protection of critical infrastructure. – With a view to protecting critical infrastructure against hybrid attacks, another, third, Formozy combat team. It is stationed in Dziwnow – explains Colonel Mariusz Łapeta, spokesperson for peculiar Forces Headquarters. The village is located respective twelve kilometres from Świnoujście, where the recently expanded Gazoport operates. It is besides close the Baltic tube pipeline, which is pressing gas from Norway to Poland.
Since the outbreak of the war in Ukraine, there have been no major incidents in the Polish waters of the Baltic, but in another parts of the reservoir it has. A fewer months ago, for example, Balticconnector – a pipeline connecting Finland to Estonia was interrupted. The hazard of sabotage is inactive considerable. This is not just about this part of Europe. any time ago, unidentified drones appeared close Norwegian drilling platforms in the North Sea, and the media reported that Russians, under the impression of technological research, map the seabed. In order to better deal with akin threats, NATO has even set up a peculiar cell that coordinates activities related to the protection of offshore infrastructure. It operates on MARCOM, an allied command of naval forces.
