Pro-Russia group behind today’s mass cyberattack against Czech institutions

Pro-Russian hacking group NoName057 was behind the cyberattacks that struck multiple government websites in the Czech Republic today, according to cybersecurity firm GenDigital, which is co-headquartered in Prague.

The attacks disrupted access to the websites of the Interior Ministry, police force, Prague Airport, and the lower and upper houses of parliament this morning. As reported by GenDigital, the group has also previously targeted websites in Ukraine during the ongoing conflict.

NoName057 launched the attacks this morning, taking the Interior Ministry and police websites offline for approximately two hours. The targeted sites began to regain functionality around 2 p.m., though the government portal remained inaccessible. The Czech government confirmed this afternoon that no serious data breaches or thefts of personal information were carried out.

Interior Minister Vít Rakušan stated that Russian state-sponsored hacking was the main line of investigation. Avast researcher Martin Chlumecký attributed the cyber assaults to Czechia’s support for Ukraine at the Crimea Platform summit in Prague taking place today.

“DDosia [the platform used to send cyberattacks] is the work of the pro-Russian group NoName057, which has been targeting the countries supporting Ukraine since the beginning of the war,” said Chlumecký.

Fortunately, there was no impact on operations at the Prague Airport during its brief period of inaccessibility. Still, the coordinated strikes represent escalated retaliation over the Czech Republic’s vocal backing of Kyiv since February last year.

The hackers typically deploy distributed denial-of-service (DDoS) attacks, whereby computers controlled by hackers overwhelm the attacked server with a large number of requests, thus putting it out of service.

In August 2023, the Russian group attacked major banking institutions in Czechia, including Komerční Bank, ČSOB, Air Bank, Raiffeisen, Moneta Money Bank, and Fio Bank. In April, a different Russian hacking group attacked the web servers of the City of Prague, which affected its websites. Russian hackers have also targeted Czech Television. 

A report earlier this year from the National Organized Crime Center found that cyber-based crimes in Czechia surged by nearly 100 percent year on year in 2022, with 18,554 cases reported. Unauthorized access to computer systems and the compromise of email accounts, social networking sites, and online banking credentials were cited as the most common cybercrime tactics.