Cyber Incident Victim: Slovakia
Date:
May 2023
Location:
Slovakia
Summary
A massive DDoS cyber-attack targeted Slovakia's capital during an international security conference, disrupting municipal electronic systems and parking services. The attack disabled the city hall’s website and forced authorities to suspend parking ticket issuance as payment systems became inaccessible. An anti-NATO group claimed responsibility, citing opposition to Western military alliances and linking the incident to prior attacks on Hiroshima during the G7 summit. While no data breach occurred, city officials coordinated with national cybersecurity units and internet providers to restore services. The group explicitly connected its actions to the conference, which featured high-profile attendees discussing hybrid threats and support for Ukraine.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 31, 2023, Bratislava experienced a disruptive cyber incident coinciding with the GLOBSEC international security conference. A massive distributed denial-of-service (DDoS) attack targeted the Slovak capital’s electronic systems in the early morning hours, disabling the city hall’s primary website. The attack occurred while the conference—attended by high-profile figures including European Commission President Ursula von der Leyen and French President Emmanuel Macron—was discussing security topics such as hybrid threats and support for Ukraine against Russian aggression. An unidentified anti-NATO group claimed responsibility for the attack via Twitter, using the conference’s #GLOBSEC hashtag and explicitly linking their actions to the event. The group’s social media post stated their motivation as opposition to perceived NATO and US actions that might lead toward World War III, echoing similar claims made in May regarding their alleged involvement in cyberattacks targeting Hiroshima during the G7 summit attended by Ukrainian President Zelenskyy. Bratislava Mayor Matus Vallo confirmed the cyber assault but emphasized no data breaches occurred during the incident.
The attack’s immediate operational impact disabled Bratislava’s digital parking services, preventing residents from paying for parking and prompting city authorities to suspend parking ticket enforcement for the duration of the disruption. Municipal response efforts involved coordinated actions between city officials, Slovakia’s National Security Bureau, the government’s Computer Security Incident Response Team (CSIRT), and the city’s internet service provider to restore services. Mayor Vallo publicly assured citizens that recovery operations were prioritized while maintaining communication about system status. The attackers’ public statements attempted to establish ideological continuity between the Bratislava incident and previous operations against international security gatherings, though Slovak authorities refrained from officially naming the responsible group or verifying its broader claims. Service restoration timelines were not disclosed in available reporting, with municipal focus remaining on infrastructure recovery and maintaining essential operations during the security conference.