Cyber Incident Victim: Czech Republic
Date:
Jul 2024
Location:
Czechia
Summary
A cyberattack targeting the Czech Republic's tax portal involved a disruptive DDoS attack, overwhelming the system with excessive traffic and rendering it inaccessible. The incident occurred amid heightened cybersecurity concerns linked to geopolitical tensions, with authorities noting a general rise in such attacks originating from Russia. This disruption necessitated an extension of the electronic tax filing deadline to accommodate affected users, particularly self-employed individuals mandated to file digitally. Failure to meet the revised deadline risks financial penalties based on a percentage of assessed taxes per day of delay. The Financial Administration confirmed the attack's nature but did not disclose attribution specifics.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 1, 2024, the Czech Financial Administration reported a disruptive cyberattack targeting the national Tax Portal (Daňový portál), rendering the service inaccessible to users. Attackers executed a distributed denial-of-service (DDoS) attack, overwhelming the system with excessive traffic to disrupt legitimate access. This incident occurred during the critical tax filing period, directly impacting taxpayers' ability to submit income tax declarations electronically. The Financial Administration confirmed the attack methodology but did not disclose technical specifics regarding attack volume, duration, or infrastructure vulnerabilities exploited. The article contextualizes the incident within a broader trend of escalating DDoS attacks across Europe, particularly noting increased activity linked to geopolitical tensions following Russia’s invasion of Ukraine. While security agencies reportedly attribute many such attacks to Russian origins, the article does not specify attribution for this particular incident.
The DDoS attack necessitated an operational response extending the electronic tax filing deadline for submissions facilitated through tax advisors. The original May 2 deadline was postponed to July 9, 2024, providing affected taxpayers a seven-week extension. This adjustment specifically applied to electronically filed declarations submitted via tax professionals, though the article does not clarify impacts on other submission methods. Mandatory electronic filing for self-employed individuals (živnostníci), implemented the prior year, remained enforceable despite the disruption. Financial penalties for late submissions persisted at 0.05% of assessed tax per day of delay, creating potential financial pressure on filers unable to meet deadlines due to the outage. The Financial Administration’s public acknowledgment served as its primary documented response, with no disclosed details regarding technical mitigation measures, attacker attribution investigations, or long-term security enhancements.