Cyber Incident Victim: Enercon

On May 23, 2024, hackers launched distributed denial-of-service (DDoS) attacks against multiple websites operated by the state government of Mecklenburg-Vorpommern, Germany. The attacks began in the morning and targeted sites belonging to the state government, state police, and domestic intelligence service (Verfassungsschutz), causing partial outages and restricted accessibility. State Digitalization Minister Christian Pegel confirmed the attacks resembled previous incidents in April and November 2023, noting initial analyses identified the same DDoS methodology—overwhelming servers with massive artificial traffic volumes. The state’s IT service provider, Datenverarbeitungszentrum (DVZ) M-V, which hosts and maintains these websites, implemented technical countermeasures. Specialized departmental pages were primarily affected, though core government portals remained intermittently accessible. Authorities warned that additional attack waves were likely and that service disruptions could persist during mitigation efforts.

This incident followed a pattern established in 2023, when similar DDoS attacks disrupted Mecklenburg-Vorpommern’s online services. The November 2023 attack specifically targeted state police websites, while the April 2023 campaign affected multiple German federal states, including Mecklenburg-Vorpommern. A Russian hacker group had claimed responsibility for the November 2023 incident, according to historical statements from the state interior ministry. DVZ M-V technicians worked intensively to contain the May 2024 attacks, focusing on filtering malicious traffic and hardening infrastructure against ongoing assaults. No data breaches or system compromises were reported, but operational continuity challenges emerged due to prolonged website unavailability for specialized government functions. Authorities maintained public advisories about potential service degradations while mitigation efforts continued.