Cyber Incident Victim: Slovak Parliament

On the morning of Wednesday, May 31, 2023, the electronic systems of Slovakia’s capital, Bratislava, were subjected to a massive distributed denial-of-service (DDoS) cyber-attack. This incident coincided with the first day of the GLOBSEC international security conference, a high-profile event held in the city that gathered numerous international leaders and focused on topics including hybrid threats and support for Ukraine against Russian aggression. The attack initially disabled the official website of the Bratislava city hall in the early hours, marking the beginning of a significant disruption to the city's digital services.

An anti-NATO group publicly claimed responsibility for the cyber-attack on the social media platform Twitter early that same morning. Although city hall officials declined to officially name the group in their public statements, the group’s posts used the conference's hashtag, #GLOBSEC, directly linking their actions to the event. Their motivation, as stated in social media posts made earlier in May, was opposition to the policies of the United States and NATO, which they accused of leading society toward a third world war. The group also asserted that it was responsible for similar cyber-attacks targeting the city of Hiroshima, Japan, during the G7 summit that was attended by Ukrainian President Volodymyr Zelenskyy.

Beyond the primary target of the city hall's website, the attack’s scope extended to critical public services, most notably the city's electronic parking systems. The DDoS attack rendered these services inoperable, preventing citizens from accessing and paying for parking throughout the city. This technical failure had an immediate and practical impact on daily operations and public convenience. In direct response to the service outage and the inability for citizens to fulfill their payment obligations, the Bratislava City Hall made a decision to suspend the issuance of parking tickets for the entire day. This administrative action was taken to avoid penalizing residents for a situation beyond their control.

Bratislava Mayor Matus Vallo quickly addressed the public regarding the incident. He confirmed that the attack was a DDoS incident and provided the crucial assurance that no data breach had occurred, indicating that the attack was focused on disrupting availability rather than stealing information. Mayor Vallo outlined the response efforts, stating that city officials were doing everything possible to restore the disabled services as quickly as possible. The city’s response was coordinated and involved communication with national-level security bodies, including the Slovak government’s Computer Security Incident Response Team (CSIRT) and the National Security Bureau. Their internet service provider was also a key partner in the mitigation and restoration efforts.

The timing of the cyber-attack was highly significant, as it was executed during a major international gathering. The GLOBSEC forum featured prominent attendees such as European Commission President Ursula von der Leyen and French President Emmanuel Macron. The conference's agenda, which included discussions on hybrid threats and unwavering support for Ukraine, made it a symbolic target for a group expressing anti-NATO and anti-Western sentiments. The incident served to highlight the vulnerability of public infrastructure to cyber threats that are motivated by geopolitical tensions. The disruption, while ultimately limited to service availability and not a compromise of sensitive data, demonstrated how such attacks can be used to create public inconvenience and draw attention to a political cause during a moment of high international visibility. The city's efforts, in conjunction with national cybersecurity units, were focused on containing the disruption and returning public services to normal operation.