Cyber Incident Victim: Czech Republic

On October 24, 2023, the websites of the Czech Interior Ministry and Police became inaccessible due to a cyberattack during Tuesday morning hours. Ondřej Krátoška, spokesperson for the Interior Ministry, confirmed the incident involved a distributed denial-of-service (DDoS) attack that overwhelmed networks with excessive traffic volumes. The ministry implemented immediate protective measures, including restricting foreign access to the affected systems, and communicated these actions via its official X (formerly Twitter) account. Service disruptions impacted public access to critical government platforms, though the duration of the outage was not specified in available reports. Concurrently, cybersecurity firm GenDigital attributed the attack to the pro-Russian hacker collective NoName057(16), linking this incident to a broader campaign against Czech institutions.

GenDigital's analysis revealed the same threat actor targeted additional government websites, including those of the Czech national government, Chamber of Deputies, and Senate. The coordinated DDoS attacks aimed to disrupt digital services rather than steal data, aligning with NoName057(16)'s established pattern of politically motivated disruptions. Czech authorities did not disclose technical specifics regarding attack vectors, mitigation tools, or full restoration timelines. No evidence suggested data compromise or secondary attack types beyond the confirmed DDoS incidents. The operational impact remained confined to temporary website unavailability, with no reported effects on internal law enforcement or ministerial operations. Attribution relied exclusively on GenDigital's threat intelligence, as Czech officials did not independently verify the perpetrator's identity in publicly released statements.