Russian hackers target Czech websites in a series of cyberattacks

According to the National Office for Cyber and Information Security, hackers have attacked some Czech websites, including České dráhy (Czech railways), some regional airports, and the civil service server operated by the Interior Ministry. 

Russian hackers attacked the Internet systems of the Czech state and private institutions, but no information and no private data of citizens have been leaked, Interior Minister Vít Rakušan said at a press conference after a cabinet meeting today.

"The attack was aimed against the Czech Republic, its state and private institutions," he said.

The Czech police organized crime squad (NCOZ) has been dealing with the DDoS attacks in cooperation with the National Agency for Cyber and Information Security (NÚKIB), the police said on Twitter.

"It has been detected in this case that it was an attack of Russian hackers against Czech systems," Rakušan said.

He said it is necessary to be prepared since Russia does not consider Czechia a friendly country in the current geopolitical situation.

NUKIB announced tonight that its website was attacked as well. Due to the DDoS attack, it may happen that the website will not be accessible from abroad, it said on Twitter. Around 22:00 CEST the website was accessible from Czechia without any problem.

No severe impact has been caused so far, tweeted the National Office for Cyber and Information security (NÚKIB) today. 

NÚKIB said the so-called DDoS attacks were deployed against the Czech websites. This type of cyberattack aims to disrupt the normal traffic of a targeted server by overwhelming the target with flooded requests from unknown IP addresses. 

Czech Railways has been tackling an outage on the Můj vlak (My train) mobile application since Tuesday, railway spokesman Lukáš Kubát said on Wednesday morning. Buying tickets online did not work, there were also problems finding connections.

Smaller Czech airports also came under attack. The Karlovy Vary airport registered a DDoS attack on Wednesday night. The airport's website is still accessible from the Czech Republic. 

"By no means do the attacks affect the safety of transport," said the CEO of Karlovy Vary Airport Alice Undus.

The Karlovy Vary Airport does not operate any regular airline, and the number of visitors to its web is therefore low. "We are monitoring the situation, but I think this will gradually subside," she said.

The international airport in Pardubice recorded a hacker attack on Wednesday. 

"It caused us a failure of the entire web system, our website does not work," said airport spokeswoman Mária Ministrová. The operation of the airport should not be affected by the attack, but Pardubice Airport will have everything checked by the company that provides the computer system.

"We are currently finding out what is happening, so I am not yet able to provide any relevant information," said Kateřina Pustějovská on behalf of Ostrava Airport. According to her, everything else works without problems.

In addition, a public administration portal was not available around 9 a.m. Wednesday. 

"Since Tuesday evening, the website of the Public Administration Portal has been the target of a cyber attack. For this reason, we have shut down the website and its security is currently being strengthened," said Adam Rőzler, a spokesman for the Ministry of the Interior. He noted that users' data was safe. 

"All systems that contain any data on citizens of the Czech Republic stood up to the attack. I can assure everybody that no information and private data of the citizens got into the hands of anybody who should not handle them," Rakušan said.

From the point of the ministry, the attack was a failure, he said.

Killnet named about ten attacked websites including the O2 mobile network operator and the Komerční banka, which, nevertheless, registers no such attack. O2 registered increased traffic on its servers, but the Internet services of O2 and its customers are adequately secured, said Blanka Vokounová from the O2 press section.

In its statement on Twitter, the NÚKIB mentioned its previous warning of an increased risk of cyber attacks in connection with Russia's continuing military aggression against Ukraine.

"The information we have leads to a reasonable fear of a real threat of cyber espionage and cyber attacks on important targets in the Czech Republic, especially strategic public administration institutions, elements of critical information infrastructure, basic services information systems, and the media," stated an NÚKIB press release. 

The Russian military attack on Ukraine started on February 24. On Tuesday, the NÚKIB released the monthly statistics of cyber attacks for March, of which there were 14 in Czechia, which corresponds to the average in the past 12 months. In March, it registered no incident evidently linked to the war in Ukraine.