Cyber Incident Victim: AbfallWirtschaftsGesellschaft mbH
Date:
Apr 2024
Location:
Germany
Summary
A cyber attack targeted a waste management company, causing a two-week disruption to phone services and online functions including bulk waste registration. The organization implemented extensive security measures, isolating affected systems and taking the entire network offline while establishing temporary mobile contacts for limited customer support. Initial communication was intentionally restricted to deny attackers operational insights. Forensic analysis confirmed the firewall successfully repelled the intrusion, with no compromise of customer data. Internal crisis management teams coordinated technical and operational responses across departments, maintaining service continuity while preventing data exfiltration. Customer interactions during the outage reportedly demonstrated widespread understanding of the imposed limitations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early May 2024, AbfallWirtschaftsgesellschaft (AWG) Bassum experienced a two-week operational disruption caused by a cyber attack. The incident rendered all company landline phones unreachable and disabled online services, including the ability to schedule bulky waste pickups. AWG spokesperson Dominik Albrecht confirmed the cyber attack’s role in the outage but emphasized that extensive preemptive security measures and rapid response actions prevented any compromise of customer data. The organization deliberately avoided public transparency during the incident to deny attackers insights into their mitigation efforts, though limited customer service was maintained via newly established mobile phone lines. AWG immediately convened a crisis management team and disconnected the entire corporate network as a precautionary containment measure. IT Director Lennart Pleuß isolated the targeted firewall and initiated forensic analysis by external experts. Investigators determined the attack failed to penetrate the firewall, validating the effectiveness of existing security protocols. Full connectivity and service availability were restored by mid-May following system validation.
The response involved coordinated efforts across multiple departments. Forensic specialists conducted granular examinations of the firewall and IT infrastructure, confirming no lateral movement or data exfiltration occurred. Management acknowledged the deliberate network shutdown as an extreme but necessary step given initial uncertainty about the attack’s scope. Sebastian Koch of AWG’s executive leadership credited the IT and electrical engineering teams for their weekend work implementing safeguards that prevented data breaches. Operational units like fleet management and customer service adapted workflows to maintain partial functionality during the outage. Koch noted widespread customer understanding despite service limitations, publicly thanking clients for their patience. Internal reviews confirmed no secondary infections or persistent threats remained post-recovery. The organization expressed satisfaction with its incident handling, particularly the decision to prioritize containment over public disclosure during active response phases.