DDoS Attack Targets Poland's UEFA Euro Opening Match

The stream was briefly knocked offline, preventing millions of fans from accessing the game. Poland's head of digital services says "all leads lead to the Russian Federation."

Official ball of the UEFA Euro 2024 and the European Cup on the background of the flag of Poland.
Source: Fifg via Alamy Stock Photo

The UEFA Euro 2024 soccer championship tournament kicked off last weekend, but fans of European national teams aren't the only ones paying attention. Cyberattackers took aim at Polish public television, TVP, disrupting its online broadcast of Poland's Group D opening match against the Netherlands.

The broadcaster determined that the attack was a distributed denial-of-service (DDoS) effort that was timed for the start of the match.

"At about 3 p.m., Polish Television recorded a DDoS attack carried out from IP addresses located in Poland," TVP said in a statement on social platform X (via Google Translate). "After less than a minute, we took action in collaboration with national operators, which led to a mitigation of the attack. The IT teams have restored the service."

An Accidental Crash, or Russian Harrying?

Bartłomiej Wypartowicz, editor at Eastern European cybersecurity outlet Defence 24, quickly raised the possibility that the incident might not have been malicious; more than half of the population in Poland reportedly tried to access the stream, and the group responsible for the majority of the traffic appears to be a legitimate community called "fans of the Polish national team on Sunday after lunch."

He posted on X, "Millions of IP addresses want to visit the site" (via Google Translate).

However, Pawel Olszewski, Poland's deputy minister of digital affairs, said in an interview with local media yesterday that the crash was certainly malicious, and likely backed by Russia, which wanted to "prevent Polish citizens from watching the match online."

Cybercriminals have a long history of attacking major world sporting events — from the now-infamous Russia-led Olympic Destroyer attacks against the 2018 Winter Olympics in Pyeongchang, to attempted disruptions to the 2022 UEFA World Cup in Qatar, to threats against the upcoming Summer Games in Paris.

In this case, "all leads lead to the Russian Federation," Olszewski told Radio RMF24 (via Google Translate). "It was a DDoS attack aimed at disabling the service. … This attack was repelled very quickly."

About the Author(s)

Tara Seals, Managing Editor, News, Dark Reading

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights