Cyber Incident Victim: Slovak Hydro-meteorological Institute
Date:
Jun 2018
Location:
Slovakia
Summary
The Slovak Hydro-meteorological Institute experienced a distributed denial of service (DDoS) attack as part of a broader wave of cyberattacks targeting multiple government-affiliated websites in Slovakia. Hackers from various global locations disrupted services on the institute's platform and the slovensko.sk public administration portal, both operated by the National Network and Electronic Services Agency (NASES) and connected to the Govnet cabinet network. These coordinated attacks overwhelmed online infrastructure, causing operational disruptions across affected systems during the incident period.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In early June 2018, the Slovak online infrastructure experienced a series of distributed denial-of-service (DDoS) attacks originating from hackers operating globally. The Slovak National Network and Electronic Services Agency (NASES) publicly confirmed these coordinated attacks on June 12, 2018, noting they targeted multiple critical government-operated websites. Among the primary targets was the Slovak Hydro-meteorological Institute (SHMÚ), a key component of the Govnet cabinet network responsible for national meteorological and hydrological services. Simultaneously, attackers focused on slovensko.sk, the central portal for Slovak public administration services. Both systems fell under NASES’s operational management, indicating a deliberate focus on state digital infrastructure. The attacks occurred over multiple days preceding the June 12 announcement, though the exact start date and initial detection timeline weren’t disclosed. NASES characterized the incident as part of a broader assault affecting numerous Slovak websites beyond government domains, suggesting a widespread disruption campaign. No specific hacker groups or geopolitical motivations were identified in available reporting.
The DDoS attacks disrupted access to SHMÚ’s public-facing website, though the extent of operational interference with meteorological data collection or dissemination remained unspecified. NASES, as the managing entity for both affected systems, led the incident response without detailing specific mitigation measures or technical counteractions taken. No data breaches, ransomware deployment, or system compromises were reported in connection with the DDoS incidents. The agency’s public communication emphasized the attacks’ distributed international origins but provided no attribution to nation-state or criminal actors. Secondary impacts included reduced public access to governmental services through slovensko.sk during attack periods. The incident highlighted vulnerabilities in Slovakia’s centralized government network infrastructure, particularly NASES-operated systems critical to administrative and environmental functions. No long-term consequences or follow-up attacks were documented in the immediate aftermath of the June 12 disclosure.