Cyber Incident Victim: Enercon

On August 17, 2023, IT security experts from the Mecklenburg-Vorpommern state government detected intensified cyberattacks targeting multiple web services within the state’s digital infrastructure. The attacks commenced in the early morning hours, with the state’s IT service provider, Datenverarbeitungszentrum (DVZ) MV, and the state computer emergency response team (CERT M-V) observing a sharp surge in anomalous traffic directed at the Regierungsportal MV platform. Affected systems included websites of state ministries, subordinate agencies, the public homepage of the Mecklenburg-Vorpommern state police, and the MV-Serviceportal—all centrally managed and maintained by DVZ MV. Initial analysis confirmed the activity constituted a deliberate attempt to overwhelm servers through mass automated requests, characteristic of a distributed denial-of-service (DDoS) attack. Security teams activated heightened monitoring protocols and placed DVZ and CERT personnel on standby to mitigate potential disruptions.

By early afternoon, authorities confirmed defensive measures had successfully neutralized the attack’s impact, preventing significant service degradation or downtime. State Interior Minister Pegel acknowledged the attack’s scale as unprecedented for the state administration’s web infrastructure but emphasized its ultimate ineffectiveness due to robust security protocols. No data breaches or unauthorized access to backend systems were reported. Despite the containment, Pegel warned that attackers might launch follow-on assaults over the upcoming weekend, prompting CERT M-V and DVZ to maintain continuous alert status. The incident concluded without operational interruptions to government services or public-facing portals, though it highlighted persistent threats to critical digital assets managed by regional authorities. Monitoring systems remained active to detect any resurgence of malicious activity targeting the state’s web infrastructure.