Medusa: Polish army at the head of the fight against Russian hackers


- Operation “Medusa” neutralized the Russian Snake software used by the FSB since 2004.
- Poland played a key role in the operation, providing the first information thanks to the Cyberspace Defense Forces.
- Gen. Karol Molenda is considered a leader in the modernization of Polish cyber capabilities, including offensive activities against hybrid threats.
In May 2023, the Americans announced the neutralization of the Snake software, used since 2004 by hackers associated with the 16th Center of the FSB, the Russian secret police. Only recently did analysts reveal the entire structure of this center, which specializes in electronic intelligence.
Snake (Polish: wąż) was one of the most harmful operations of the Kremlin's hackers. Its neutralization was rightly recognized as one of the greatest successes of the Western special services. The Americans, boasting of the success of Operation “Medusa”, thanked allies from Great Britain, Canada, Australia and New Zealand. Together with the USA, these countries form the intelligence alliance known as the Five Eyes, probably the most advanced agreement between the intelligence services of several countries in the world.
The intelligence services of many countries would like to join this post-World War II alliance. It turns out that, at least during Operation “Medusa”, one of the Polish special services did just that.
According to Intelligence Online, a service considered very credible in matters of espionage, Operation “Medusa” was actually coordinated by three electronic intelligence services: the American NSA, the German BSI, and the British GCHQ. The first and key information that led to the start of “Medusa”, however, came from Poland.
Snake was discovered in the Polish digital infrastructure by specialists from the Cyberspace Defense Forces, a component of the Polish army. The Poles decided not to neutralize the Russian virus, but allowed it to operate, meticulously observing how it worked. They established, for example, that Snake is run from servers in Belarus, Lithuania, and the Królewiec region (where, as we already know, one of the most important bases of the FSB's 16th Center is located).
The Snake data acquired by the Polish military was passed to the Americans, who used it to launch Perseus, a special tool for sabotaging IT networks. Perseus broke into the servers controlling Snake and forced them to issue a self-destruct command to the virus. Snake ceased to exist.
According to Intelligence Online, Operation “Medusa” marked a strategic change: Poland is no longer satisfied with merely defending its own cyberspace, and has begun to infiltrate and actively interfere with the actions of Russian hackers on a global scale.
The author of the article believes that the commander of the Cyberspace Defense Forces component, General Karol Molenda, plays a key role in this change of policy and in the entire modernization of the Polish Army. “This silent strategist supports artificial intelligence, quantum cryptography and offensive doctrines against hybrid threats from Russia,” reads Intelligence Online.
The Cyberspace Defense Forces (WOC) employ, according to Intelligence Online, over 6.5 thousand people in 13 operational centers across Poland. This structure remains in constant contact with the NATO Cyber Defence Centre of Excellence in Tallinn, with NATO's Allied Command Transformation, and with the Cyberspace Operations Centre in Mons, Belgium, which is part of NATO's Allied Command Operations.
In Legionowo near Warsaw there is a WOC unit known among the military as the shadow cell, which conducts operations directly against hackers from Russia, Belarus and other countries. Specialists from this unit specialize in setting traps: they leave a gap in a government network, e.g. in energy suppliers' networks or in important databases, that is meant to attract the attention of hackers, e.g. from the FSB. “Our goal is not to block them, but to let them in,” a Polish officer said in an interview with Intelligence Online. WOC operators, meticulously observing the attack, collect key information about the attackers.
The complex monitoring system developed by the WOC is connected to the transatlantic electronic intelligence network. A key role here is played by the US Air Force's 16th Air Force, which, like the WOC, specializes in the defense of cyberspace. Some artificial intelligence algorithms used in Legionowo come directly from the platforms of the NSA (the American National Security Agency), headquartered at Fort Meade in the USA.
According to Intelligence Online, the NSA, which is part of the American armed forces, maintains its own listening centers in Poland, including in Łask and nearby Powidz, whose purpose is to listen to digital traffic in the Królewiec region, Belarus and western Russia. These centers work closely with the WOC, and some systems invented by the WOC have even undergone their baptism of fire in Ukraine.
According to the author of the text, cyber specialists in many countries on NATO's eastern flank already speak openly of a “Molenda doctrine”, i.e. the rapid modernization of cyber capabilities, including in the direction of offensive operations, such as in the case of “Medusa”.




