In view of the threat of a terrorist attack on the country’s information systems, the Prime Minister has introduced the third alert level concerning the threat in cyberspace (CHARLIE-CRP). This is the highest alert level introduced so far in Poland.
By order of the Prime Minister, from February 21 to March 4, 2022, the third alert level on the threat in cyberspace, the CHARLIE-CRP level, was introduced on the territory of the country. The basis for the introduction of CRP alert degrees (ALFA, BRAVO, CHARLIE, DELTA) is the Act of 10 June 2016 on anti-terrorist activities. The rationale is the threat of a terrorist event concerning the ICT systems of public administration bodies or included in critical infrastructure.
Pursuant to Article 15(5) of the Act, the third alert level is introduced, in the event of an event confirming the likely specific target of a terrorist attack or the receipt of reliable and confirmed information about a planned event.
This is the highest CRP alert level introduced so far in Poland; however, as of February 15, 2022, as of 11:59 p.m., the ALFA-CRP level has been in effect. As stated in the Annex to the Regulation of the Prime Minister on the scope of undertakings carried out in individual alert levels and CRP alert levels, the introduction of the CHARLIE-CRP degree is associated with:
1) the initiation of round-the-clock duty of administrators of systems key to the operation of the organization and personnel authorized to make decisions on matters of system security;
2) reviewing available backup resources in terms of their usability in case of an attack;
3) preparing for the activation of plans enabling business continuity after the occurrence of a potential attack, including a review and possible audit of contingency plans and systems, and limiting operations on servers, in order to be able to shut them down quickly and without failure.
In addition, actions provided for earlier stages are taken, these include:
1) intensified monitoring of the state of security of information and communication systems of public administration bodies or included in critical infrastructure;
2) informing the institution’s staff, in particular those responsible for system security, of the necessity to maintain increased vigilance in relation to abnormal states;
3) checking the communication channels between entities involved in emergency response ;
4) verification of established points of contact with ICT security incident response teams.
It is not known with what specific information about the planned attack the introduction of the third level of threat is connected. Most likely, it is related to tensions between Russia and NATO and EU countries and the situation in Ukraine. In current conditions, military aggression is always combined with cyber-aggression, as is also the case in Ukraine.