The International Press Institute (IPI) expresses deep alarm over the recent surge in distributed denial of service (DDoS) attacks targeting media outlets in Hungary, Bosnia, Malta, and Ukraine. Cyber-attacks pose an increasingly serious threat to media freedom, hindering the free flow of information and obstructing the public’s access to independent journalism.

In January, DDoS attacks were renewed against independent media in Hungary, including Media1, Telex, Kecsup, and Forbes Hungary, apparently carried out once again by an unknown attacker who goes by “Hano”.

In Hungary, independent news outlets such as Media1, Kecsup, Telex, HVG, 444.hu, Magyar Hang, and Népszava have been repeatedly targeted in cyberattacks since April 2023. The attacks intensified in May and June of the same year and have impacted more than 40 media websites since. During DDoS attacks in summer 2023, the word “Hano” was repeatedly found in the server logs of the Hungarian media that had been targeted. 

Last September, just days after reporting on these events, IPI was itself targeted in a DDoS attack that took our website offline for three days. The attack was also signed by Hano. A subsequent forensic investigation uncovered the digital infrastructure used to perpetrate the attack on IPI and several Hungarian outlets but was unable to determine who ultimately ordered it.

IPI’s monitoring has since documented further cyberttacks against media outlets across Europe. In Bosnia, news outlet BUKA announced on January 8 that its website had been targeted by a large-scale cyber-attack that lasted into early February. In Ukraine, major online outlets Censor.Net, Zn.ua, Ukrainska Pravda, Dim, and Freedom have faced a wave of similar cyberattacks. Then, on February 6, the website of the Times of Malta came under a serious DDoS attack that rendered it temporarily inaccessible to readers. In addition to being temporarily offline, some of these media were also forced to block server requests from certain countries in an attempt to limit attacks, preventing readers in those countries from accessing information.

“The increase in cyberattacks on news outlets in Europe is cause for serious alarm and demands a strong response from law enforcement authorities as well as the companies whose infrastructure is being used to target and silence independent media,” IPI Deputy Director Scott Griffen said. “DDoS attacks are relatively cheap, easy to execute, and exceptionally difficult to trace – but cause serious harm to media outlets’ operations and the public’s right to information, making them a dangerous new tool to attack press freedom. The attacks on media in Hungary, Bosnia, Malta, and Ukraine are the latest wake-up call that urgent action is needed to protect the digital security of media outlets in Europe and beyond.”

IPI calls on national authorities in Hungary, Bosnia, Malta, and Ukraine, in collaboration with relevant European authorities, to identify the perpetrators and bring them to justice. Addressing the threat from cyberattacks must also be a priority for the European Union in the run-up to the upcoming EU elections in June given the threat these attacks may pose to the flow of information ahead of the vote.

Both sustainable financing and technical support are imperative for media to be able to strengthen their cybersecurity defences, ensuring the uninterrupted operation of independent journalism and safeguarding freedom of speech amidst evolving digital challenges.

IPI stands in solidarity with the affected media outlets and journalists who continue to work under challenging circumstances. We will closely monitor the developments and advocate for the protection of media freedom in the face of evolving cyber threats.

This statement is part of the Media Freedom Rapid Response (MFRR), a Europe-wide mechanism which tracks, monitors and responds to violations of press and media freedom in EU Member States, Candidate Countries, and Ukraine. The project is co-funded by the European Commission.