The Czech National Cyber and Information Security Agency (NUKIB) recorded 262 cyber attacks last year, which is the record for a single year, and almost double the figure from 2022 when 146 attacks were recorded, according to data published today on the NUKIB website.
The increase is mainly due to repeated waves of DDoS attacks led by pro-Russian hacking groups.
“In addition, we classified two of last year’s incidents as very significant – that is, we place them in the highest category in terms of severity. One of them involved a major strategic state institution and the other an unregulated entity in the defence sector,” said NUKIB director Lukas Kintr.
The record number is mainly due to distributed denial of service (DDoS) attacks, in which computers controlled by hackers overwhelm a server with a large number of queries, thus taking it out of service. This is one of the most commonly used methods in the cyber warfare element of the conflict in Ukraine, which was invaded by the Russian military in February 2022.
However, NUKIB has also seen several novelties among recent cyber incidents. For example, attackers operated with a large number of accounts created using bots, which managed to undermine the credibility of the official accounts of the entities affected, rendering them inoperable, especially in relation to email delivery.
The rapid advances in generative artificial intelligence (AI) and large language model (LLM)-based chatbots also impacted cyberspace last year, according to NUKIB, and this trend can be expected to continue this year. “From a cybersecurity perspective, we can expect attacks to become increasingly sophisticated,” said Kintr. “Especially with the development of artificial intelligence and the increasing use of chatbots based on large language models, it is likely that attackers will have better options when preparing cyber attacks.”
NUKIB was created in 2017, when it separated from the National Security Bureau. It currently employs approximately 350 people. The office is responsible for the Czech Republic’s cyber security, including the protection of classified information in the field of information and communication systems and cryptographic protection.
In addition to setting the conditions for the mandatory entities covered by the law on cyber security, it also educates the public in the field of cyber security and cooperates in the development of legislation within the European Union.