Cyber Incident Victim: Landesregierung Mecklenburg-Vorpommern
Date:
Aug 2023
Location:
Germany
Summary
Hackers launched a distributed denial‑of‑service campaign against the online presence of the Landesregierung Mecklenburg‑Vorpommern, targeting its ministerial sites, subordinate agencies, the police homepage and the MV‑Serviceportal, all hosted by the state’s data processing centre. The surge of traffic was identified early by the government’s IT security team and the CERT M‑V, prompting an alert status, but existing defenses kept the impact minimal. The interior minister noted that the attacks were largely ineffective while warning that further attempts could occur over the weekend.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Thursday morning, 17 August 2023, IT security experts of the Mecklenburg-Vorpommern state government detected a sharp increase in requests to various internet sites of the government portal MV. The increase was noticed by the specialists of the state’s IT service provider, the Datenverarbeitungszentrum (DVZ) MV, and the Computer Emergency Response Team CERT M-V. After an initial analysis, the experts determined that the activity constituted an attempt to overload the servers by means of massive numbers of requests. The attack pattern was described as a renewed effort to disrupt online services through a high‑volume request flood.

According to the report, the affected online presences included the websites of several ministries and subordinate authorities, the public homepage of the state police, and the MV‑Serviceportal. All of these services are hosted and technically maintained by the DVZ MV. Upon recognizing the threat, DVZ and CERT M‑V were placed on alert status to monitor the situation and activate defensive measures. The security measures that were already in place proved effective, and by early afternoon the authorities confirmed that the attack had been largely ineffective.
The responsible minister noted that while the current attack had been mitigated, there remained a possibility that the perpetrators could launch another wave over the weekend. He announced that the IT specialists would continue to stay on alert and be ready to react immediately should further activity be detected. The statement concluded with an assurance that the government’s cyber‑defence teams were prepared to respond to any subsequent incidents.
