Cyber Incident Victim: Berú A/S

Date: Sep 2023

Location: Denmark

Summary

A Danish hosting provider experienced a distributed denial-of-service (DDoS) attack targeting one of its governmental customers, triggering critical alarms in its monitoring systems and prompting immediate emergency response protocols. The attack originated predominantly from foreign internet service providers, contrasting with normal traffic patterns where approximately 98% of packets typically come from domestic networks. Concurrent hardware failures compounded operational disruptions, impacting multiple clients' services. The incident highlighted infrastructure vulnerabilities, with discussions around potential IP allocation strategies to isolate critical domestic traffic from foreign-sourced attacks.

Description

On September 11, 2023, Berú A/S experienced a disruptive incident involving a DDoS attack and hardware failures affecting its hosting services. At 14:08 on Monday afternoon, the company's monitoring system triggered a critical alarm. Developers confirmed within minutes that a DDoS attack was targeting one of Berú's governmental clients. Managing Director Rasmus Rudolf immediately notified all employees and activated emergency DDoS response procedures. The attack originated predominantly from foreign ISP networks, contrasting with normal traffic patterns where approximately 98% of packets to Danish infrastructure typically come from domestic ISPs. Concurrent hardware failures compounded the disruption, though the relationship between these failures and the cyberattack remained unspecified. Several customers experienced service outages, though the exact duration of the attack and full mitigation timeline weren't disclosed in available reports.

Technical infrastructure discussions revealed Berú's GoBasic platform operates on Umbraco, suggesting potential Windows Server usage, though operating system specifics remained unconfirmed. During the incident analysis, commentators debated IP allocation strategies, noting IPv4 address shortages could be mitigated through IPv6 implementations. Suggestions included creating separate IP allocations announced exclusively to Danish ISPs and duplicate allocations for foreign networks to isolate critical infrastructure during attacks. No forensic details about attack vectors, payloads, or attacker attribution beyond "Russian" origins were provided in the source material. The incident highlighted vulnerabilities in national infrastructure protection, though Berú didn't disclose post-incident reviews or specific countermeasures implemented beyond initial emergency protocols.
