Cyber Incident Victim: České dráhy

Date:

Mar 2021

Location:

Czechia

Summary

A Czech railway operator experienced a cyber attack targeting its administrative systems, with mitigation efforts ongoing following the intrusion. The organization confirmed that operational safety and rail traffic remained unaffected despite the incident. The attack represented part of a broader pattern of cyber incidents against state-affiliated entities in the region. Officials publicly acknowledged the breach while emphasizing continued defensive measures to contain the threat.

CIA Posture: Available to members
Motives: 2 motives
Tactics, Techniques & Procedures: 1 technique

Threat Actors: 0 actors
Type: Available to members
Location: Available to members

Description

The Railway Administration, a Czech state organization responsible for managing railway traffic, experienced a cyber attack beginning on or around March 19, 2021. Deník N first reported the incident, noting the attack had been ongoing since the prior week. Spokesperson Dušan Gavenda publicly confirmed on March 22 that the organization had been under cyber assault since the preceding Friday, indicating March 19 as the likely start date. The administration immediately initiated defensive measures to counteract the intrusion, though specific technical details about the attack vectors or affected systems were not disclosed. Gavenda emphasized that personnel were exerting maximum effort to mitigate the threat, though the duration of containment activities remained unspecified. No operational disruptions to railway services or compromises to traffic safety were reported during or after the incident.

This event occurred within a broader pattern of cyber attacks targeting Czech governmental entities, as referenced in media reports linking it to prior incidents against state ministries and organizations. The Railway Administration maintained public assurances throughout the incident, stressing the separation between administrative systems and critical operational railway infrastructure. No data breaches, ransomware notes, or threat actor attributions were confirmed in available reporting. The organization did not disclose whether external cybersecurity firms or law enforcement agencies assisted in their response. Post-incident forensic details or long-term operational consequences were not documented in the sourced material, leaving the scope of infrastructure affected undefined beyond the confirmation of attempted compromise.

Sources
Sources available to members
1 source