Home > Strategic Analysis > Cyber panic on the Czech Republic

Cyber panic on the Czech Republic

Published : 7 March 2013
824 words in that article

For four days now, the Czech Republic is facing cyber-attacks from unknown aggressors. The police and the Czech National Security Authority (NBÚ) are investigating but no concrete result is going out for the time being.

The attacks are well targeted…

Unlike the situation in Estonia, who faced in 2007 massive cyber-attacks against the country infrastructures, the aggressors of the Czech Republic are targeting their offensive by choosing every day a particular domain:

  • News servers on Monday 4th March,
  • Web portal “Seznam.cz” on Tuesday 5th,
  • Banks –including the Czech National Bank – on Wednesday 6th,
  • Telephone operators (T-Mobile, O2) and Prague public transportation (DPP) on Thursday 7th March.

And most likely the attacks should continue on Friday 8th march and possibly during the weekend too. There are many potential targets – in the domain of Energy of example (ČEZ) – however the imminence of the new Czech President’s oath on 8th March would make an attack on the governmental servers more credible in order to get the biggest media coverage.

But the motivations are quite vague

IT terrorists, anarchist hackers or just IT criminals looking for an immediate profit, it is quite difficult to identify the motivations of the aggressors behind the last attacks against the Czech Republic. Effectively, the domains under attack are so different that every analysis can appear as valid.

However, what is known about those aggressions is that they are of “Distributed Denial of Service” type (DDoS) which saturate the attacked servers in such way that normal people no longer have access to the webpages. IT experts think that one thousand - up dozens thousand - zombie computers were needed to perform the above-mentioned attacks.

Knowing that one can hire the biggest “Botnets” – zombie computer networks consisting of up to several million computers – on specialized websites, the attack against the Czech Republic is quite small and could exclude the theory of a “State” aggression.

Moreover, if the attacks are quite unpleasant – in particular those against banks which prohibited e-payments – they don’t do permanent damage and consequently could lead to an aggressor looking for publicity coup.

This could be confirmed by the timing chosen for launching the attack: the same week during which the ending Czech President Vaclav Klaus will hand over his office to his successor Miloš Zeman. And the selection of targets – particularly the most favorite Czech web portal “Seznam.cz”- shows that the aggressor knows quite well the local situation and the targets to strike in order to get the biggest media coverage.

The weakness of the governmental answer

What is quite striking in reality is the apparent apathy of the public authorities or at least their incapacity to actively react to the attacks which are lasting for four days now.

The cybernetic threat is well-identified by the local authorities though as one of the major threats of the beginning of the 21st Century. Documents related with the defense of the country – Security Strategy, Defense Strategy, and White Paper on Defense etc. – are all putting forward this modern danger. The Czech government even approved precisely three years ago (15th March 2010) a “Strategy for the domain of Cyber-Security” which supposedly had to build the tools aimed at the protection of the country.

Obviously some work has been done during those three years under the coordination of the Czech NBÚ. A national Computer Emergency Response Team (CERT) is operational since 1st January 2011. A governmental CERT has been created on 19th October 2011 together with a National Center for Cyber-Security situated in Brno and belonging to the NBÚ. This Center should be fully operational in 2015. The country has now 6 CERT or CSIRT (Computer Security Incident Response Team) which task is to identify cyber-attacks and help the national organs to counter those threats. Unfortunately, we can only notice that every new day is carrying a new set of attacks.

The Prime minister Petr Nečas declared that he has a clear conscience in this context because he gave enough financial means (240 million crowns (10 M€) for the period 2012-2015) to the cyber defense domain. However the situation on the ground looks a little bit different. According to people from the National Center for Cyber-Security, they have trouble to hire IT experts because the offered salaries (27 000 CZK (a little bit more than 1 000 €)) are too small to attract people from the private sector.

But those attacks will have at least one advantage: they will put this problem on the front page of the newspapers and that should oblige the local authorities to react and motivate the companies to invest in a better protection – domain that they apparently underestimated.

The question is if, when the media pressure will fade away, the routine and the chronic lack of money in this period of economic crisis will not put the Cyber-Security on the 235th position on the governmental priorities list… until the next attack!!!