On June 23, 2021, the Národní úřad pro kybernetickou bezpečnost (National Cyber and Information Security Agency, or NÚKIB) announced that the number of cyber incidents in the Czech Republic was above average in May. According to NÚKIB, the agency recorded 19 cyber incidents in May, all considered less significant as they had no serious consequences. However, the agency warned that the Czech Republic is facing growing cyber threats and that organizations should take steps to protect themselves.
Most of the cyber incidents recorded in May were related to disruptions in service availability, with NÚKIB classifying 11 of the incidents as such. Two incidents involved distributed denial of service (DDoS) attacks, which mainly targeted state administration institutions. DDoS attacks have become one of the most frequently used types of cyber attacks in the ongoing cyberwar parallel to the conflict in Ukraine.
NÚKIB also warned of the growing threat of ransomware attacks in the country. Ransomware attacks can cause significant damage to infected machines by encrypting all data stored on the hard drive. Attackers then demand a ransom to restore access to the data, which can amount to several thousand Czech korunas. However, even if the ransom is paid, the attackers may not release the data, and in most cases, it is impossible to recover unbacked-up data.
In one of the incidents recorded in May, NÚKIB identified a relatively new trend in the behavior of ransomware attackers, where they did not encrypt the victim’s data but instead threatened to publish it. This is known as an “extortion-only” approach and changes the way organizations should prepare for ransomware attacks.
The number of cyber incidents recorded by NÚKIB this year has been fluctuating. The agency recorded above-average 21 incidents in January, while February saw an average of 13 incidents. March was a record-breaking month, with the agency recording 28 incidents, while April returned to the standard with 14 recorded incidents.
Clearly, the Czech Republic is facing a growing number of cyber threats, and organizations need to take steps to protect themselves. This includes implementing cybersecurity measures such as firewalls, antivirus software, and intrusion detection systems and educating employees on how to recognize and avoid cyber threats. Failure to take adequate measures could significantly damage the organization’s reputation, loss of data, and financial losses.
The NÚKIB’s warning of the above-average number of cyber incidents in the Czech Republic highlights the growing threat of cyber attacks in the country. Organizations must protect themselves from these threats by implementing cybersecurity measures and educating their employees. Failure to take adequate measures could significantly damage the organization’s reputation, loss of data, and financial losses. Cybersecurity is a critical issue that needs to be addressed by all organizations in the Czech Republic.