Cyber Incident Victim: Česká televize

On April 28, 2022, the website of Czech television news channel ČT24 experienced a distributed denial-of-service (DDoS) attack beginning approximately at 13:15 local time. The attack involved overwhelming the website with high-volume simultaneous access attempts from multiple computers. ČT24's protective systems initially detected and intercepted the malicious traffic. However, technical outages subsequently occurred in the infrastructure of ČT24's external service provider, prolonging the disruption beyond the immediate attack. Separately, the iROZHLAS.cz news website operated by Czech Radio encountered outages around 19:00, though initial assessments attributed this to network infrastructure issues at their operator rather than a confirmed cyberattack. Both media outlets restored normal operations by approximately 23:00 that evening.

This incident occurred amid a broader pattern of cyberattacks targeting Czech entities over the preceding two weeks. Government websites including the Ministry of Interior, police, fire rescue services, and Czech Railways had suffered DDoS disruptions on April 27 and during the prior week. The Russian hacker group Killnet claimed responsibility for those earlier attacks and explicitly threatened Czech media outlets on April 27, demanding they cease labeling Killnet as pro-Kremlin. The National Office for Cyber and Information Security (NÚKIB) had issued repeated warnings about elevated risks of cyber espionage and attacks linked to geopolitical tensions surrounding Russia's invasion of Ukraine. NÚKIB emphasized the need for organizations to patch known vulnerabilities and maintain vigilance against common attack techniques, noting Czech military support for Ukraine as a potential motivator for retaliatory cyber operations.