Cyber Incident Victim: Slovenská agentúra životného prostredia
Date:
Oct 2023
Location:
Slovakia
Summary
A distributed denial-of-service (DDoS) attack disrupted the Slovak Environmental Agency's online registration system for its home renovation subsidy program during the fourth application window, overwhelming the platform with millions of connection requests and causing temporary inaccessibility. Despite rapid mitigation restoring functionality within minutes, the attack prevented numerous applicants from submitting forms during the critical initial period, as the 10,000 available slots were filled within 70 minutes due to overwhelming demand. The incident caused significant public frustration among unsuccessful applicants, though the agency confirmed all allocated subsidies were secured and emphasized future application opportunities while investigating the attack. Service disruption constituted the primary operational impact, with no reported data compromise or financial losses beyond the temporary system unavailability.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 9, 2023, the Slovak Environmental Agency (SAŽP) launched the fourth application window for its "Obnov dom" home renovation subsidy program at 9:00 AM local time. The program offered €19,000 per successful applicant through a €190 million allocation under Slovakia's Recovery Plan, targeting energy efficiency improvements for residential properties. Within moments of opening registration via obnovdom.sk, the system experienced catastrophic disruptions attributed to a distributed denial-of-service (DDoS) attack. SAŽP representatives confirmed detecting millions of malicious connection requests from diverse IP addresses immediately prior to the launch window, overwhelming server capacity and rendering the website inaccessible. This prevented legitimate applicants from generating or submitting required online forms during the critical initial period. Technical staff resolved the disruption within several minutes, restoring partial functionality, though system instability persisted throughout the application window.
The cyberattack significantly impacted public access to the subsidy program, with SAŽP closing applications at 10:10 AM—just 70 minutes after launch—upon reaching the 10,000-application cap. Agency officials acknowledged unprecedented demand, noting over 20,000 cumulative applicants across all program phases competing for 25,000 total available slots nationwide. Public frustration escalated on social media platforms as users reported technical failures and criticized the agency's infrastructure resilience, with some comparing the experience to competitive online gaming due to the time-sensitive registration process. SAŽP initiated an internal investigation into the attack while maintaining that successfully generated applications remained valid if supplemented with physical documentation—including energy certificates and renovation plans—within 90 days. The agency announced plans for smaller-scale application windows in 2024 but confirmed no immediate capacity expansions or procedural changes for the compromised fourth round. No threat actor claimed responsibility, and SAŽP did not disclose forensic details regarding attack origins or mitigation strategies beyond acknowledging the DDoS vector.