Cyber Incident Victim: Czech Republic
Date:
Jul 2024
Location:
Czechia
Summary
A cyberattack involving a massive DDoS incident disrupted a tax portal in Prague, rendering it inaccessible by overwhelming the system with traffic. The disruption prompted authorities to extend the electronic tax filing deadline for self-employed individuals, who face daily financial penalties for late submissions. The attack aligns with a broader rise in such incidents, which security agencies have frequently linked to Russian-originating activities amid geopolitical tensions. Service functionality was impaired during the attack, though specific restoration timelines were not detailed.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 1, 2024, the Financial Administration of the Czech Republic reported a disruptive cyber incident targeting the national Tax Portal (Daňový portál) in Prague. Attackers executed a massive Distributed Denial of Service (DDoS) attack, overwhelming the portal’s infrastructure with excessive traffic that rendered it inaccessible to users. This incident occurred during a critical period for tax filings, as self-employed individuals faced mandatory electronic submission deadlines under regulations implemented the previous year. The Financial Administration confirmed the attack’s technical nature, classifying it as a deliberate attempt to disrupt public services through volumetric traffic flooding. DDoS attacks were noted as a prevalent form of cyber aggression in the region, with security agencies observing increased frequency coinciding with geopolitical tensions following Russia’s invasion of Ukraine. While authorities highlighted Russia as a common origin point for many such attacks, no explicit attribution was provided for this specific incident. The attack temporarily paralyzed the portal’s functionality, preventing taxpayers and advisors from submitting required documentation electronically.
The disruption prompted immediate administrative adjustments, with the Financial Administration extending the electronic tax filing deadline from May 2, 2024, to July 9, 2024—a seven-day extension directly attributed to the cyber incident’s operational impact. This extension applied specifically to filings submitted through tax advisors via the compromised portal. Self-employed individuals faced potential financial penalties of 0.05% of assessed tax per day for late submissions, underscoring the urgency of restoring access. No technical remediation measures or forensic findings were disclosed beyond the acknowledgment of DDoS as the attack vector. The incident highlighted systemic vulnerabilities in critical national revenue infrastructure during peak operational periods, though authorities did not report data breaches or permanent system damage beyond temporary service degradation. Service restoration timelines remained unspecified in available reporting.