Cyber Incident Victim: Czech Republic

On January 13, 2023, the websites of Czech presidential candidates Petr Pavel and Tomáš Zima experienced significant distributed denial-of-service (DDoS) attacks. Pavel's campaign spokesperson Eva Hromádková confirmed the attack began in the early morning hours, causing intermittent accessibility issues for users attempting to access the general's election website. The attack originated from multiple IP addresses distributed across Europe, overwhelming the site with traffic in an attempt to render it inoperable. Simultaneously, Tomáš Zima's campaign team reported similar disruptions, noting this incident represented an escalation from a smaller-scale attack they had experienced two days prior on January 11. Both campaigns worked urgently to restore full functionality, with Pavel's site remaining partially accessible despite ongoing attacks while Zima's team focused on complete restoration.

The Russian-aligned hacker group NoName057(16) claimed responsibility for the attacks through a Telegram statement, explicitly linking their actions to Czech military support for Ukraine and the upcoming presidential elections. The group referenced Ukraine-related military training activities at the Libavá military base in the Czech Republic as motivation. Established in March 2022 following Russia's invasion of Ukraine, NoName057(16) has previously targeted European government infrastructure including Polish government websites and Danish financial institutions. The Czech National Cyber and Information Security Agency (NÚKIB), represented by spokesman Marek Vala, confirmed monitoring multiple election-related DDoS attacks but declined to disclose technical specifics or mitigation details. The sustained attacks aimed to disrupt democratic processes by limiting public access to candidate information during the critical pre-election period, though both campaigns maintained partial functionality through ongoing countermeasures.