The Directorate of Roads and Motorways of the Czech Republic yesterday announced a breach of personal data security, as on 17 May 2022 it became the target of a successful ransomware attack. “As a result of the attack, the disks of some servers in the infrastructure were encrypted and the data stored on these servers was made inaccessible. According to the current findings of forensic experts, a precisely unspecified number of files were also transferred outside the internal network of the Directorate of Roads and Motorways of the Czech Republic,“States ŘSD.
It is not clear at this time who is behind the attack or what data he obtained. According to ŘSD, however, the files could contain documents on the purchase and exchange of real estate or information on former employees. However, the RSD also lost access to all accounting, among other things. Experts are now working to restore data from backups. However, the question is whether they were all backed up or how old the backups are.
The head of the ŘSD, Radek Mátl, told Hospodářské noviny that road workers are considering whether or not to pay the ransom. The attackers demand an amount in the order of tens of millions of crowns in bitcoins. However, if the organization has complete backups, it does not have to negotiate payment for keys at all, which would unlock the encrypted data.
In addition, HN speculates that ŘSD is also under time pressure. Without functional accounting, it cannot issue public contracts or pay invoices, which can lead to contractual penalties higher than the attackers want. According to ŘSD, technicians have so far restored access to only ten of the seventy programs used.
The May cyber attack was ruled out by the home website rsd.cz and dopravniinfo.cz. The first is already running, but the second page, which provides information on traffic flow and closures, is still unavailable.