Cyber Incident Victim: Czech Republic

Date:

Jan 2023

Location:

Czechia

Summary

Websites of Czech presidential candidates experienced DDoS attacks causing intermittent outages, with traffic flooding from various European IP addresses. The Russian-affiliated group NoName057 claimed responsibility via Telegram, citing opposition to Ukraine-related military training in the country and aiming to disrupt the electoral process. This group, active since early 2022, previously targeted European government and financial sectors. Czech cyber authorities confirmed collaborating with victims on multiple election-related attacks but withheld operational details. The incidents reflect sustained attempts to compromise political infrastructure through service-denial tactics during a sensitive electoral period.

CIA Posture: Available to members
Motives: 3 motives
Tactics, Techniques & Procedures: 1 technique
Threat Actor: 1 actor
Type: Available to members
Location: Available to members

Description

On January 13, 2023, the campaign websites of Czech presidential candidates Petr Pavel and Tomáš Zima experienced significant disruption due to distributed denial-of-service (DDoS) attacks. Pavel's electoral website became inaccessible to some users starting Friday morning, with his spokesperson Eva Hromádková confirming the site was under heavy attack. The website's operator noted the assault originated from multiple IP addresses across Europe. While service was partially restored, intermittent outages persisted as attacks continued throughout the day. Simultaneously, Zima's campaign team reported similar disruptions, characterizing this incident as more severe than a previous attack they had experienced just two days earlier on January 11. Karel Křivan, a Zima campaign collaborator, stated technicians were working to restore full functionality but provided no estimated resolution timeline.

The attacks specifically targeted website availability through volumetric DDoS techniques designed to overwhelm servers with excessive traffic, preventing legitimate user access. Russian-aligned hacker group NoName057(16) claimed responsibility via their Telegram channel, explicitly linking the attacks to the Czech Republic's upcoming presidential elections and criticizing the country's military training of Ukrainian soldiers at the Libavá base. This group, active since March 2022 following Russia's invasion of Ukraine, previously targeted Polish government websites in December 2022 and Danish financial infrastructure. The Czech National Office for Cyber and Information Security (NÚKIB) confirmed multiple election-related DDoS incidents through spokesperson Marek Vala, who acknowledged collaboration with affected parties but declined to disclose technical details or attribution assessments. Both campaigns maintained operational continuity through alternative communication channels despite persistent website instability throughout the election period.