Why It Matters
A spy within Poland’s defence planning unit threatens the integrity of national security strategies and signals escalating hybrid threats across the region.
Key Takeaways
- •Middle-level defence planner arrested for alleged Russian/Belarusian espionage.
- •Spy accessed Poland’s National Security Strategy and defence planning documents.
- •Counter‑intelligence detained suspect after months of surveillance, three‑month custody.
- •Incident highlights growing hybrid threats using disposable agents in Poland.
- •Civil servant travel to Belarus exposes internal security gaps.
Pulse Analysis
The arrest of a civil servant from Poland’s Ministry of National Defence marks a rare breach of a core security institution. While traditional espionage often relies on diplomatic cover, recent Russian and Belarusian tactics have shifted toward ‘proxy’ operatives—individuals with limited intelligence training who exploit civilian positions for access to sensitive data. By infiltrating the Department of Strategy and Defence Planning, the suspect potentially compromised documents such as the National Security Strategy and Defence Response Plan, giving adversaries insight into Poland’s military posture and contingency planning.
Poland’s response highlights gaps in internal security protocols, particularly around travel disclosures and vetting of mid‑level personnel. The suspect’s recent holiday in Belarus, a nation with close ties to Moscow, raises questions about the adequacy of monitoring mechanisms for civil servants with access to classified material. Strengthening background checks, implementing mandatory travel reporting, and expanding continuous evaluation programs are essential steps to mitigate insider threats. The case also revives memories of earlier espionage incidents, suggesting a pattern that demands a more robust, layered counter‑intelligence framework.
Regionally, the incident reverberates through NATO and EU security circles, where member states are increasingly wary of hybrid warfare that blends cyber, informational, and human intelligence operations. Poland’s experience serves as a cautionary tale for allies, emphasizing the need for shared best practices on personnel security and rapid information exchange on suspected foreign influence. As hybrid threats evolve, integrating civilian and military intelligence resources will be critical to preserving the integrity of collective defence structures.
Spy in the Polish Ministry of Defence
Amelia Wojciechowska · 5 February 2026, 09:32 (≈ 3 min read)
On February 3, a long‑serving employee of Poland’s Ministry of National Defence was detained at the ministry’s headquarters. Władysław P. is suspected of cooperating with Russian or Belarusian intelligence services – this information has not yet been confirmed by the prosecutor’s office or by the spokesperson for the Minister‑Coordinator of Special Services, Jacek Dobrzyński.
![ministerstwo obrony narodowej]
Photo: Lukas Plewnia/Wikimedia Commons/CC 2.0 – modified by CyberDefence24.pl
The suspect was a middle‑level employee of the Department of Strategy and Defence Planning, the unit responsible for drafting key national security documents such as the National Security Strategy, the Political‑Strategic Defence Directive, and the Defence Response Plan of the Republic of Poland.
Polish counter‑intelligence services had been surveilling the civil servant for several months. Investigators gathered evidence suggesting involvement in espionage activities. The case is being handled by the Military Counter‑Intelligence Service (SKW), which cooperated with the Military Department of the National Prosecutor’s Office and the Military Police during the arrest. The suspect is now being questioned by the eighth military department of the District Prosecutor’s Office in Warsaw.
He was charged under Article 130(2) of the Criminal Code, which concerns espionage for a foreign intelligence service. Prosecutors have also requested that the suspect be held in custody for three months. Most details of the investigation remain classified. The offence carries a penalty of eight years to life imprisonment.
The court ordered a three‑month pre‑trial detention for the Ministry of National Defence employee suspected of cooperating with foreign intelligence services. He was detained on February 3 on the order of the prosecutor’s office following actions and findings by the Military Counter‑Intelligence Service.
While the discovery of a spy in such a crucial ministry is unprecedented, it is not entirely without precedent. For example, Tomasz L. from the Registry Office (Urząd Stanu Cywilnego) collaborated with Russian intelligence services from around 2017 to 2022, using his access to official documents.
It was also reported that the suspect spent his recent holiday in Belarus, raising additional security concerns, especially since civilian employees of the Ministry of Defence are not required to notify the ministry of their travel destinations in advance.
The presence of an alleged spy within a ministry critical to national security underscores the need for robust counter‑intelligence capabilities in Poland. These efforts should encompass not only senior officials but also civil servants at all levels, including management personnel and decision‑makers with access to information sensitive to state security.
In recent times Russia has shifted its modus operandi in Poland toward hybrid attacks. This shift involves reducing the use of professional intelligence officers—often operating under diplomatic cover—in favour of “proxy” or “disposable” agents. These individuals frequently have criminal backgrounds and are primarily motivated by financial gain, even when the compensation offered is relatively modest.
0
Comments
Want to join the conversation?
Loading comments...