Cyber Incident Victim: Neos

On September 29, 2024, during Austria's Nationalratswahl (National Council election), multiple Austrian political parties experienced distributed denial-of-service (DDoS) attacks targeting their websites. This marked the second wave of cyber disruptions within a week, following similar attacks on September 22 that had disrupted the online presence of the ÖVP, SPÖ, and KPÖ parties. The latest incidents specifically affected federal and state-level digital infrastructure belonging to the ÖVP, Neos, and KPÖ. Attackers overwhelmed the targeted websites with traffic, causing significant service interruptions. For Neos, approximately 50% of their webpages became inaccessible during the attack window. The timing coincided with election-day operations, though authorities confirmed the attacks did not compromise the physical voting process or electoral integrity.

The impacted parties publicly acknowledged the disruptions on September 29, though no group claimed responsibility for the attacks. While the article provides no details about technical mitigation efforts or forensic investigations, it establishes that the DDoS incidents exclusively targeted political party websites rather than election management systems. Service degradation constituted the primary operational impact, particularly for Neos, where half of their web assets were rendered unavailable. No data breaches, financial losses, or collateral damage to non-political entities were reported in the available source material. The recurrence of attacks within a seven-day period against overlapping targets (ÖVP, KPÖ) and new victims (Neos) suggests a coordinated focus on disrupting political communication during the electoral period.