[TheRecord] CERT-PL employees rally around politically-dismissed chief

The Polish government has fired the head of CERT-PL, the country’s official computer emergency response team, in what the organization’s employees have described as a dismissal based on the manager’s personal political views.

Przemysław “Prezmek” Jaroszewski, who has been the head of CERT-PL since July 2016, was dismissed last week after he was summoned to a meeting with Janusz Cieszyński, the Secretary of State for Digital Affairs in the Prime Minister’s office.

Cieszyński told Jaroszewski that higher-ups became aware of the CERT-PL’s head criticism of the Polish government on his personal Facebook account, according to sources in the Prime Minister’s office and the Ministry of Interior and Administration, who spoke with Polish TV station TVN24.

The firing angered many of Poland’s top cyber-security experts, primarily because it was the first time that politics touched a previously apolitical institution, where skills and knowledge were believed to be the primary and only factors for holding a job.

Image: Przemysław Jaroszewski (via LinkedIn)

Zaufana Trzecia Strona, a Polish blog dedicated to cybersecurity news, also pointed out that the firing also broke several protocols, as CERT-PL is a division of the Polish National Research Institute (NASK), and the Prime Minister’s cabinet had taken extraordinary steps to bypass normal procedures to dismiss the CERT-PL head.

The move also didn’t sit well with CERT-PL employees. On Monday, 32 of the organization’s 40 employees published an open letter to government officials on the organization’s website.

In the letter, employees show their support for their former manager and ask government officials to reconsider and think about the security of Polish internet users, many of which had been protected by projects set up during Jaroszewski’s tenure.

“As employees of CERT Poland, we express our full confidence in Przemysław Jaroszewski,” CERT-PL employees said.

“Working in this team for over 20 years and being its manager for the last 5 years, he had a key contribution to its development and the construction of the national cybersecurity system and our role in it.”

Support for the dismissed CERT-PL manager outpoured from the Polish cyber-security community over the course of the week.

“Przemek is one of the most important people when it comes to coordinating activities related to cybersecurity in Poland,” said Polish tech news site Niebezpiecznik.

The former head had allegedly played a crucial role in CERT-PL becoming one of the most active and well-respected CERT teams across Europe.

Although national CERT teams don’t have the visibility and resources of professional cyber-security firms, in recent years, CERT-PL had authored many insightful reports on malware strains and open-sourced several cyber-security projects, such as n6mqueryMalduckDRAKVUF, and many more.

The organization was also described as “a forge of cyber staff” for the private sector.

Jaroszewski could not be reached for comment.

The post CERT-PL employees rally around politically-dismissed chief appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[TheRecord] Cyberspace Solarium update finds much work to be done

The U.S. government “has a lot of work ahead” of it to implement key recommendations designed to boost the country’s digital defenses, a congressionally-chartered panel warned on Thursday. The Cyberspace Solarium Commission issued an “implementation” review evaluating the successes in completing the 82 recommendations proposed in the panel’s original report, which was published in March […]

Read More

[TheRecord] Suspected Iranian hacker looks to steal Gmail, Instagram credentials

An Iranian threat actor discovered earlier this year is responsible for attacks against U.S. targets designed to hoover up Gmail and Instagram credentials, according to research released Wednesday by security firm SafeBreach. While the actor was originally exposed in September, further analysis by the company found phishing attacks that stretched back to July. Almost half […]

Read More

[ThreatPost] How to Defend Against Mobile App Impersonation

All posts, ThreatPost

Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to defense against this. Source: Read More (Threatpost)

Read More