More Russian attacks on Czech banks: Hackers call for end of support to Ukraine

Among the affected institutions were Komerční banka, ČSOB, Air Bank, Fio banka, Raiffeisen, Moneta Money Bank, and the Prague Stock Exchange. Staff ČTK

Written by StaffČTK Published on 31.08.2023 11:45:00 (updated on 31.08.2023) Reading time: 2 minutes

Hackers from the Russian hacktivist group NoName057(16) are responsible for the ongoing cyberattacks on Czech banks and the stock exchange, demanding that the institutions stop supporting Ukraine. However, the finances of the banks' clients are not at risk, according to bank representatives. The only complication for the clients was the temporary outage of their banking services.

Banking systems down, but no money taken

Komerční banka, ČSOB, Air Bank, Raiffeisen, Moneta Money Bank and Fio banka experienced problems after the DDoS attack, while the Česká spořitelna bank had its website slowed down. Most banks managed to restore services during this morning already and the ČSOB after 3 p.m., the banks and the Czech Banking Association said in their statements.

The DDoS attacks on some Czech banks affected the availability of their systems, the National Cyber Security Office (NUKIB) said.

Hackers also attacked the website of the Prague Stock Exchange, which remained unavailable until the early evening hours.

"These are DDoS attacks that affect the availability of some of the systems of these institutions. We are cooperating with the attacked entities and providing them with the maximum possible cooperation in resolving the situation," NUKIB spokeswoman Eva Rajlichová announced.

"Russian hacking groups regularly attack the countries and organizations around the world that they suppose are somehow supporting Ukraine. This is a massive campaign to spread fear and disinformation. A few days ago, for example, the group organized attacks in Poland, where it managed to bring down the websites of the Warsaw Stock Exchange and several banks," Miloslav Lujka of Check Point said.

"In this case, the NoName057 (16) group is politically motivated and demands that institutions stop supporting Ukraine. There is no need to worry about money in this type of attacks, and no reason for panic,” said PwC cybersecurity expert Marek Nejedlý.

Targeted Russian attacks

NoName057(16) communicates primarily through Telegram, where it has its main Russian-language channel with more than 20,000 members as well as an English-language channel, and in addition offers volunteers participation in DDosia Projects, in which they can join planned attacks. "The most active ones even receive financial rewards of up to CZK 25,000," Lujka said.

Banking firm Citadelo CEO Tomáš Zaťko says it is unusual that the attack is synchronized across five domestic banks, so it could be a cover for completely different and more sophisticated attacks, as the banks' IT departments are busy with DDoS campaigns.

"According to our information, this is the result of an organized cyber attack from abroad, which is targeting the Czech banking sector and has hit several domestic banks," Fio Banka spokesman Jakub Heřmánek said, adding that the bank systems were running again before noon.

Would you like us to write about your business? Find out more