Ethical Hacking News
Poland has abandoned Signal in favor of nationally developed messaging platforms amid growing concerns over cyberattacks targeting government officials, with the country opting for greater control and visibility over sensitive communications.
Poland has instructed government officials to stop using Signal and switch to domestically developed messaging apps. The decision comes after repeated cyberattacks targeting government accounts, linked to Russian-backed Advanced Persistent Threat (APT) groups. The Ministry of Digital Affairs recommends transitioning to national platforms like mSzyfr Messenger and SKR-Z for secure communication. mSzyfr Messenger is an encrypted tool managed by NASK-PIB, while SKR-Z is designed for handling classified communications up to the "Restricted" level. Threema will be replaced by mSzyfr Messenger in official government communication setups. Poland's move reflects a broader trend of European countries prioritizing domestic cybersecurity development over foreign-made platforms.
Poland has taken a significant step towards bolstering its national cybersecurity by instructing government officials to cease using the popular instant messaging app, Signal, in favor of domestically developed alternatives. This decision comes on the heels of repeated cyberattacks targeting government accounts, which have been attributed to Russian-backed Advanced Persistent Threat (APT) groups.
In May 2026, Poland's Ministry of Digital Affairs issued an announcement warning officials about the growing threat posed by APT groups linked to hostile state agencies. These attacks allegedly used social engineering techniques, posing as Signal support staff, to trick victims into sharing verification codes or PINs, which allowed attackers to gain full control over their accounts.
The campaigns targeted high-profile individuals, including politicians, military personnel, and public servants. The attacks were reportedly sophisticated in nature, utilizing account compromise and malicious QR codes or links to silently access private chats, group messages, and conversation history. This brazen approach underscored the evolving landscape of cyber threats, where attackers are increasingly leveraging social engineering tactics to breach even the most secure systems.
To address these growing concerns, the Ministry of Digital Affairs has recommended that government staff transition to national platforms developed specifically for public administration. Two such platforms have been identified as priorities: mSzyfr Messenger and SKR-Z. The former is an encrypted communication tool managed by NASK-PIB, while the latter is a secure system designed for handling classified communications up to the "Restricted" level.
The mSzyfr app is not publicly accessible; only users affiliated with approved organizations can receive an invitation to join the platform. This exclusivity has been hailed as a measure to ensure that sensitive government information remains safeguarded. Furthermore, the platform is reportedly fully hosted and managed within Poland under national cybersecurity standards, providing a level of control and visibility that was previously lacking.
Threema, which had been recommended since 2022, will be replaced by mSzyfr Messenger in the official communication setup for government officials. The move reflects an ongoing shift towards prioritizing domestic development and security over reliance on foreign-made platforms. This approach is not unique to Poland; several European countries have taken similar steps to bolster their national cybersecurity.
For instance, Germany has instructed lawmakers to use Wire after phishing attacks targeted government officials using Signal. Meanwhile, Dutch intelligence agencies AIVD and MIVD have reported that government officials were targeted in coordinated campaigns over Signal, with some compromises going through. These developments underscore the growing awareness of the limitations of secure apps when it comes to state-backed attackers.
The Polish decision is part of a broader debate surrounding the effectiveness of encryption in protecting against such threats. While Signal's end-to-end encryption provides an essential layer of security for individual users, governments are grappling with the fact that this same security feature can be exploited by sophisticated adversaries using social engineering tactics.
In response to these concerns, some experts argue that the real problem lies not with the encryption itself but rather with the human element. The ease with which attackers can exploit vulnerabilities in user behavior highlights the need for more robust security measures beyond technical solutions.
By shifting towards national messaging platforms, Poland is taking a proactive step towards improving the security of official communications. While this approach may present its own set of challenges and limitations, it represents a significant acknowledgment of the evolving nature of cyber threats and the need for governments to adapt their strategies accordingly.
In conclusion, Poland's decision to abandon Signal in favor of national messaging platforms marks an important shift towards prioritizing domestic cybersecurity development. As the threat landscape continues to evolve, this move serves as a reminder that security is often more about people than it is about technology.
Related Information:
https://www.ethicalhackingnews.com/articles/Poland-Abandons-Signal-in-Favor-of-National-Messaging-Platforms-Amid-Rising-Cybersecurity-Concerns-ehn.shtml
https://securityaffairs.com/192381/intelligence/poland-shifts-away-from-signal-following-cyberattacks-on-officials-accounts.html
Published: Tue May 19 05:07:49 2026 by llama3.2 3B Q4_K_M
